Internet of Things (IoT) is one of those terms like “cloud” that people initially were trying to wrap their heads around, and then just a few years later became part of their day-to-day conversations at home and work.
IoT devices, which are smart devices that require an internet connection, are a type of cloud solution that has been multiplying.
At home, an IoT device can be an Alexa voice assistant or an internet-connected coffee maker. At the office, it can be a wireless printer or smart security camera system.
There are approximately 127 new IoT devices connected to the internet every second.
Having the ability to control things like thermostats or barcode scanners via a computer or mobile device through a Wi-Fi connection has several advantages. Companies use IoT to improve:
- Business continuity
- Customer experience
- Response times
- Data analytics capabilities
But for all the advantages of using IoT devices, there is also one big disadvantage – they are considered high-risk when it comes to a data breach.
Security Statistics for IoT Devices
When adopting IoT technology, businesses need to have a cybersecurity strategy in place to address risk. Hackers look for any way to get into a network, and often IoT devices are not set up with proper security, offering the perfect gateway.
Here are some sobering statistics about the risky nature of introducing IoT devices into your network:
- 84% of companies that have adopted IoT experience some type of cybersecurity incident as a result.
- 98% of all IoT traffic is not encrypted.
- 41% of IoT attacks exploit device vulnerabilities, often to identify and infect other devices on the same network.
Why are businesses so susceptible to IoT attacks?
- IoT often has less visibility than other technology assets
- Existing cybersecurity strategies don’t support IoT
- Informational Technology and Operational Technology may not be integrated
- Lack of awareness about the threats posed when IoT devices are used
How to Properly Secure Your IoT Devices
IoT technology isn’t going anywhere. In fact, it will continue to grow due to our reliance on the internet and wireless connections to operate and improve business processes.
IoT can be used safely if you adopt safeguards to make it less risky as soon as it’s introduced to your network.
Create a Separate Wireless Network for IoT
One way to reduce the risk of a hacker gaining access to a server or computer by hacking an IoT device, is to put those devices on a separate network. This is known as router segmenting.
Here are the steps to do it:
- Set up a guest network on your Wi-Fi router
- Change the password of your existing network (so devices won’t connect automatically)
- Put all devices with sensitive information (computers, servers, etc.) on one network
- Put all IoT and high-risk devices on the other network
Immediately Change the Username and Password
Within as little as 5 minutes of being turned on, IoT devices are being attacked by hackers. Users often won’t immediately change the default username and password, and this is the mistake those hackers are taking advantage of. They have a list of default device login credentials that are used in automated IoT attacks.
During device setup, the first thing you should do is to change the default username and password and ensure the password you’re using is a strong one.
Don’t Use a Detailed Device Name
When you name your device during setup – i.e. give it a display name on your network – you want to make it generic.
For example, if you’re setting up a new IP security camera, you don’t want to use the camera brand or model in the name, instead just use something like “Camera 1.” When a hacker has details on the device type, it’s easier for them to identify exploits they can use to hack it.
Turn Off Universal Plug and Play (UPnP)
While UPnP was developed to make discovering IoT devices easier, it’s also often used by hackers to gain access to a device. Vulnerabilities in UPnP can allow hackers to potentially discover other devices beyond just your network.
This setting should be turned off during device setup to reduce the risk of a breach.
Keep Device Firmware Updated
Companies often will have managed IT services in place to handle updates and patches for their computers but forget about IoT devices.
IoT devices also need to have firmware updated regularly to ensure any newly found device vulnerabilities are patched and don’t leave the device at risk.
Include IoT Devices in Security Monitoring
Any network monitoring safeguards you have in place to detect and thwart threats should also encompass your IoT devices.
You want to ensure there are no unauthorized access requests or unusual traffic to or from your smart devices. Treat the security of your IoT devices as you do that for computers, servers, and other technology assets.
Get Help from Neuron Computers to Secure Your Use of IoT
Don’t leave an important part of your technology infrastructure unprotected. We can do a complete cybersecurity audit to ensure your network is secure and you haven’t left IoT devices unprotected.
Contact us today to schedule a 21-point cybersecurity audit. Call 1-833-4-NEURON or sign up online.