Don't assume that an embedded device is too dumb or too obscure to be compromised; don't take embedded security for granted.
Completely configure and harden connected embedded devices before hooking them up to your local network.
Keep devices under development on private, isolated networks; developer hacking can facilitate unwelcome cracking from without or within.
Inventory and understand the ports and services available on a given device or from an embedded OS. Enable only those your application truly needs and disable the rest.
Consider placing embedded devices outside your corporate firewall; let them access corporate network resources through selected ports or, better, via secure services like SSL (Web interface), SSH or over a VPN.
Take extra care to secure wireless interfaces on embedded devices (for example, 802.11b): Use available security native to the protocol; harden access points (e.g., restrict wireless connections by MAC addresses); place access points outside your firewall, if possible.
Anticipate future software-update needs on deployed devices: plan how security patches will be applied (via OSGi and so on) to flash or other rewritable storage media.
For remote update, download and data logging, consider using pull-only access, where devices connect intermittently to "phone home," instead of pushing data onto always-connected and thereby exploitable devices.
Begin thinking about embedded devices like any other enterprise asset on a network.
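The port-and-service inventory recommended above can be checked mechanically on an embedded Linux device by reading the kernel's socket table. The following is an added example, not part of the original list; it assumes an IPv4, little-endian Linux target, and the sample table and the `ALLOWED_PORTS` policy are constructed for illustration.

```python
import socket

TCP_LISTEN = "0A"  # st column value for a listening socket in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real device).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1201 1 0000000000000000 100 0 0 10 0
   1: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1202 1 0000000000000000 100 0 0 10 0
   2: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1203 1 0000000000000000 100 0 0 10 0
   3: 0A00A8C0:0016 0500A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 1204 1 0000000000000000 100 0 0 10 0
"""

ALLOWED_PORTS = {22}  # hypothetical policy: this application only needs SSH


def decode_addr(field):
    """Turn 'HHHHHHHH:PPPP' into (dotted IPv4, port); assumes a little-endian device."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(bytes.fromhex(ip_hex)[::-1])
    return ip, int(port_hex, 16)


def listening_sockets(proc_net_tcp):
    """Return [(ip, port)] for every row in LISTEN state."""
    found = []
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[3] != TCP_LISTEN:
            continue
        found.append(decode_addr(cols[1]))
    return found


def audit(proc_net_tcp, allowed_ports):
    """Return listeners whose port is not on the allowlist, sorted by port."""
    extra = [(ip, port) for ip, port in listening_sockets(proc_net_tcp)
             if port not in allowed_ports]
    return sorted(extra, key=lambda s: s[1])


if __name__ == "__main__":
    for ip, port in audit(SAMPLE_PROC_NET_TCP, ALLOWED_PORTS):
        scope = "loopback only" if ip.startswith("127.") else "network reachable"
        print(f"unexpected listener {ip}:{port} ({scope})")
```

On a device, pass the contents of `/proc/net/tcp` instead of the sample; UDP and IPv6 sockets live in separate tables (`/proc/net/udp`, `/proc/net/tcp6`) that this example does not parse.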