Increasingly more non-computing devices, such as internet of things (IoT) devices are being connected to global computer networks. Unfortunately, many of these devices are typically not held up to the same cyber security standards, therefore adding an additional vulnerability through which cyber criminals may be able to gain access to your organization’s valuable data or manipulate critical systems.
The Internet of Things
The internet of things (IoT) refers to the connection of web-enabled devices that are connected to each other in a network to exchange information. While this provides many benefits, such as reducing the need to input the same data into multiple systems and gathering data from different sources to be analyzed and used in a centralized location, there are risks associated with it.
For example, if a single device is compromised in a cyber attack, the data from all connected devices and even the devices themselves could be compromised. As such, all it takes for an outsider to gain access to sensitive information is to identify the device with the weakest cyber security that also has access to the network.
IoT Security Solutions for Businesses
Employers pride themselves on using IoT technology to make their workplaces more modern and help them stand out from their competitors. Things like smart desks, video conferencing systems, security systems, smart TVs and intelligent HVAC systems are becoming more commonplace. Unfortunately, these same gadgets, as well as other IoT devices, can create a growing security threat for businesses who aren’t prepared.
There is a lack of consistency between manufacturing companies who make the IoT devices. They have different operating systems and different security measures, and some aren’t even capable of software updates. This makes it difficult for IT departments to prevent hackers from accessing IoT devices and gaining access to company networks.
That’s not to say that your organization shouldn’t use IoT devices altogether. You just need to take extra precautions. Here are a few IoT security solutions to consider for your business:
- Consider multi-factor authentication or use certificates. Both are able to stall hackers who’ve managed to crack your password.
- Create a separate Wi-Fi network specifically for all IoT devices. If hackers access the IoT network, your separate business network should still be safe.
- Limit access to sensitive data. For example, IoT security cameras can expose sensitive information to hackers. Therefore, it is important to consider what the device has access to before setting it up. Be sure to also clear its storage on a regular basis. In addition, it’s important to never store critical business or personal data on these devices.
- In the event of a hack, be prepared to disable your devices and reset the factory settings at any time. If you regularly back up your devices, it should be easy enough to restore them and reconnect.
- Avoid installing third-party software. It’s easy to add functionality to IoT devices simply by installing additional applications. However, you should never install software from an untrusted source. Doing so can open the door to hackers.
- Turn off IoT devices when they aren’t in use. This may seem like a simple solution, but active devices are vulnerable to attacks. Just by switching off unused devices, you can improve network security overall.
Although IoT technology is likely here to stay, it is important to remember that it is still in its infancy. By taking proper precautions, you can enjoy its conveniences instead of letting it threaten your business operations.
Securing IoT Devices
When looking to purchase and connect new devices to the IoT, ensure that there are plans and policies in place to minimize the chances of a cyber threat against those devices. Conduct a sweep of your organization to identify electronic devices and determine if each one is connected to a network that could be exposed to a cyber event, as well as what kind of data those devices are sending and receiving. Keep in mind that even seemingly mundane systems or devices such as heating, ventilation and air conditioning units could be running basic computer operating systems with the potential to connect to the internet. Track these devices by creating an asset map that lists the connected devices.
From here, you can start planning how to secure the devices that pose the largest threat of cyber exposure. Segment the network so that not every device provides access to the entire system, check for security updates or patches where possible and reach out to the device’s manufacturer for information if necessary. Restrict personal IoT devices to a separate network (like a guest Wi-Fi), update all default passwords on connected devices, use two-factor authentication and ensure that data generated by IoT devices is encrypted.
Contact us for more information about protecting the IoT from cyber threats.
Ottawa, ON K2P 0M3