First, IoT devices require a separate network segment, and that segment must be secured by using strong authentication methods such as certificates. All data must be encrypted, both at rest and in transit. Of course, a robust firewall is required, firmware must stay updated, and access must be carefully managed to limit communication between the IoT segment, and the rest of the network.