This session will look at IoT best practices for security and privacy from the device, through the network, and into the cloud. Real-world problems will be emphasized, including issues with certificates, VPN’s, API’s, and TLS, as well as a look at GDPR and other policy related issues.