In our last post, we discussed the amazing benefits that IoT has to offer small businesses. When we left off, we mentioned that there are many particular security concerns and potential downsides that also come with the many benefits of IoT.
IoT is becoming an increasingly attractive target for cybercriminals. More connected devices means more attack vectors and more possibilities for hackers to target our businesses and our personal data. IoT is catching the eyes of the federal government, security firms, and product manufacturers. Several measures are being taken to prevent security breaches at the device level. However, it is critical that in the meantime we address this rising concern and take our own preventative measures, as well.
Purchase with Security in Mind
With all the benefits that IoT products offer, it can be easy to invest in them with only the upsides in mind. However, it is important for you to evaluate IoT products for not only the benefit that they provide but also for their embedded security features.
One way to do this is to target devices made by larger, more reliable companies. For example, larger IoT companies like Belkin are beginning to respond to the problem in ways that smaller IoT device manufacturers may not have the resources to. Another way is to know what questions to ask. Make sure you inquire about built-in security features and privacy policies before you leap for your next IoT investment.
Bolster Your Defenses
Before you even purchase an IoT device, consider how it will connect to your IT environment. Consider securing the gateways through which your IoT devices will connect. For instance, set up a separate network for your internet-enabled devices and track the devices that are connected to your network.
Update, Update, Update
According to Craig Young, a cybersecurity researcher at Tripwire, a big part of the problem is that the firmware is not updated on a regular basis. As an example, researchers at the University of Michigan were able to hack into the Samsung SmartThings platform and control an entire home automation system. Young observed, “These companies sometimes have the intention of fixing a vulnerability like that through a firmware upgrade, but then never get around to it because they don’t want to disrupt the user base.”
With the little security that is in place today for Internet-connected devices, it is critical that you pay attention to firmware updates and stay on top of them. As Roman Foeckl, CEO of CoSoSys, says, “A well-informed user represents a great premise to prevent data breaches regardless of the threat.”