The Internet of Things is everywhere, from the devices in our pockets, to the computers on our desk and even the stoves we cook on. Connectivity is the trend and smart devices are providing all manner of devices with unheard of functionality. We are becoming more and more connected to our technology, as they become more connected to each other. However, the more our devices speak to each other, often without our knowledge, the greater the risk of exposure. Quite frankly, as our devices become smarter, so do the cybercriminals and with our ‘always on’ connectivity, the hackers have ample time to find the vulnerabilities in our networks.
This increasing level of communication between devices is particularly of concern if your business is utilizing a BYOD policy. BYOD, or Bring Your Own Device, is a policy which encourages team members to bring their personal devices to the office and use them to work with. Benefits of BYOD are:
- Reduce business expense by not needing to buy employees individual devices.
- Eliminate technology learning curve, by allowing employees to use devices they are already familiar with.
- Access to cutting edge technology as staff members often have better technology than the business budget would allow.
As these personal devices interact with the network, it is important to have a BYOD policy in place. However, as technology evolves, so must your policies.
IoT and Security
Simply put, the Internet of Things demands we adapt IT security protocols in recognition of how much our devices communicate with each other and our network. Think about it like this, your employee’s smartwatch, phone, and their vehicle are not only speaking to each other, but to your network as well. The goal of the Internet of Things is to create an environment in which technology can communicate with each other.
In fact, the Internet of Things is so pervasive that even at your company potluck lunch, it is not beyond the realm of possibility for an employee’s crockpot to connect to your network and update its cook time. Still, the question you have to ask yourself is whether or not your current security protocols are sufficient enough to support the new normal.
Part of the process of keeping IT security top of mind includes keeping your team informed of best practices. This means you should provide your team with the tools needed to keep their IoT devices and your network secure. Here are some tips to help your team and business adapt in the age of IoT.
Secure your IoT device after purchase
Think your cute activity tracker on your wrist is harmless? Think again. Mirai is a malware that
transforms IoT devices into remote-controlled bots, capable of being used as part of DDoS attacks. How does it get access to the devices? It tries using the factory default usernames and passwords, and if you’ve never changed your device’s, Mirai can take control of it. Remember, an IoT device that is not secure has the potential of being compromised within minutes of it connecting to the internet. What’s worse, is that they can bring their infection into the network, compromising it.
Adopt secure password practices
The most straightforward and most efficient manner of protection for your network, is a clear password policy, one which defines the parameters needed to ensure compliance. This is particularly important when considering how ubiquitous personal IoT devices are, to the point in which we forget they are there; but the hackers don’t. If forgotten and unsecured, many IoT devices are a timebomb waiting to go off in your network.
One of the most significant vectors of malware in computers is linked to failure to update critical operating system vulnerabilities. When these vulnerabilities are left unpatched, hackers can find their way into your network and wreak havoc. Out of date firmware or software on BYOD devices like phones, smart watches and other devices are at risk of being compromised. Moreover, they can expose your network to intrusion.
Disconnect or turn off
Some IoT devices won’t let your team member enforce the best practices you’ve developed. In such cases, you have no choice but to request them to either disconnect from your network or turn off their device.
Develop an IoT plan
Finally, now's the time to develop a forward-facing IoT plan which takes into account not just how people and devices communicate now, but in the future. Without a dynamic and flexible plan, your network cannot be secured against the never-ending onslaught of intrusions that will follow.
It only takes one unsecured device to expose your entire network infrastructure to cyberattack, and your company cannot afford to allow this to happen. With IoT devices in every pocket, on every wrist and mostly every kitchen, it just makes good business sense to develop a plan to secure your network. KT Connections has a wide range of IT security solutions for your business, such as our UTM. Call 605-341-3873 today for a network consultation.