Internet of Things (IoT) is one of those terms like “cloud” that people initially were trying to wrap their heads around, and then just a few years later became part of their day-to-day conversations at home and work.
IoT devices, which are smart devices that require an internet connection, are a type of cloud solution that has been multiplying.
At home, an IoT device can be an Alexa voice assistant or an internet-connected coffee maker. At the office, it can be a wireless printer or smart security camera system.
There are approximately 127 new IoT devices connected to the internet every second.
Having the ability to control things like thermostats or barcode scanners via a computer or mobile device through a Wi-Fi connection has several advantages. Companies use IoT to improve:
But for all the advantages of using IoT devices, there is also one big disadvantage – they are considered high-risk when it comes to a data breach.
When adopting IoT technology, businesses need to have a cybersecurity strategy in place to address risk. Hackers look for any way to get into a network, and often IoT devices are not set up with proper security, offering the perfect gateway.
Here are some sobering statistics about the risky nature of introducing IoT devices into your network:
Why are businesses so susceptible to IoT attacks?
IoT technology isn’t going anywhere. In fact, it will continue to grow due to our reliance on the internet and wireless connections to operate and improve business processes.
IoT can be used safely if you adopt safeguards to make it less risky as soon as it’s introduced to your network.
One way to reduce the risk of a hacker gaining access to a server or computer by hacking an IoT device, is to put those devices on a separate network. This is known as router segmenting.
Here are the steps to do it:
Within as little as 5 minutes of being turned on, IoT devices are being attacked by hackers. Users often won’t immediately change the default username and password, and this is the mistake those hackers are taking advantage of. They have a list of default device login credentials that are used in automated IoT attacks.
During device setup, the first thing you should do is to change the default username and password and ensure the password you’re using is a strong one.
When you name your device during setup – i.e. give it a display name on your network – you want to make it generic.
For example, if you’re setting up a new IP security camera, you don’t want to use the camera brand or model in the name, instead just use something like “Camera 1.” When a hacker has details on the device type, it’s easier for them to identify exploits they can use to hack it.
While UPnP was developed to make discovering IoT devices easier, it’s also often used by hackers to gain access to a device. Vulnerabilities in UPnP can allow hackers to potentially discover other devices beyond just your network.
This setting should be turned off during device setup to reduce the risk of a breach.
Companies often will have managed IT services in place to handle updates and patches for their computers but forget about IoT devices.
IoT devices also need to have firmware updated regularly to ensure any newly found device vulnerabilities are patched and don’t leave the device at risk.
Any network monitoring safeguards you have in place to detect and thwart threats should also encompass your IoT devices.
You want to ensure there are no unauthorized access requests or unusual traffic to or from your smart devices. Treat the security of your IoT devices as you do that for computers, servers, and other technology assets.
Don’t leave an important part of your technology infrastructure unprotected. We can do a complete cybersecurity audit to ensure your network is secure and you haven’t left IoT devices unprotected.
Contact us today to schedule a 21-point cybersecurity audit. Call 1-833-4-NEURON or sign up online.
Los Angeles Offices:
453 S Spring St Ste 400
Los Angeles, CA 90013
Rancho Cucamonga Offices:
9668 Milliken Ave Ste 104-285 Rancho Cucamonga, CA 91730