Remember the good old days when you could buy a pot for a plant and it didn’t need to connect to the internet? Or cats were fed without digital intervention? The peaceful times when your phone and TV weren’t listening to your conversations.
Those were the blissful days before the Internet of Things. Now, everything that you buy needs a constant, reliable Wi-Fi connection, and is vulnerable to IoT cyber attacks.
What is the Internet of Things?
At first, the Internet of Things, or IoT as it’s abbreviated, was useful. Items were designed to be digital for your benefit. Digitise your shower to make sure it reaches just the right temperature. Have your fridge remind you of those items you’re running out of. Use your TV to connect to your streaming services, so that you can have one single device for entertainment rather than three or four of them.
But as more and more everyday items are becoming digital, the threats that they pose are increasing as well. I know – I sound like a crazy conspiracy theorist. I’m not. Even a quick Google search will highlight all the ways that IoT can go wrong.
Sometimes the results are hilarious, as with this Twitter handle that points out foibles with ‘smart’ devices. Sometimes ‘smart’ solutions to everyday problems can pose a risk to your physical safety, as with the smart deadbolt locks that actually made it easier for intruders to enter homes. And sometimes the IoT can be catastrophic for businesses, as in the case of the IoT cyber security attacks earlier this year where Western Digital network-attached storage devices were wiped of all their data remotely.
So the question becomes this: How can you take advantage of the benefits that IoT devices and services offer without posing a risk to your business?
5 Ways to Protect Your Business Against IoT Cyber Attacks
While IoT solutions may be vulnerable to cyberattacks, ignoring the advantages that they offer can also prove detrimental to your business. You want to be able to embrace digital advances, but you need to ensure that you’re making every effort to protect your company at the same time. That’s why we’ve put together these 5 ways that you can protect yourself against IoT cyber attacks:
1. Restrict Internet Access
If a device doesn’t need to connect to the internet, don’t let it. Just because it can connect to the internet, doesn’t necessarily mean that it should. Take, for example, your office’s coffee machine. These days you can buy coffee machines that can be programmed to make the perfect cuppa remotely. That way, by the time you get into the office, you’ll have your coffee ready and waiting for you. But do you really need that functionality?
You could setup cameras around the office and access them from your phone, your laptop and your home PC. But do you need to access the footage remotely, or are you able to store it locally without them needing to connect to the internet?
The fewer points of entry you have for cyber criminals to exploit, the less risk is involved for your business, and the more securely you’ll be able to operate.
2. Setup a Separate Network
It can be very tempting to have all of your devices, services and solutions connected to one another. It’s incredibly convenient. But it’s not necessarily a secure way to operate.
When bringing on IoT technologies that require internet access, we’d recommend creating a separate network for them. This way, if one of your IoT devices becomes compromised, you aren’t placing your entire business at risk. Keeping your security cameras on a separate network to cloud solutions, for example, will mean that if a criminal accesses your camera, they won’t be able to infiltrate your business’ critical information and stored data.
3. Carefully Manage Your Devices
It’s essential to keep track of which devices are being used, and who they are used by. It’s also critical to manage the permissions that your devices are given, particularly when it comes to your network security.
As soon as a new IoT device is brought on board, make sure that you record its information including its MAC address, IP address and serial number, as well as details of the person who’s going to be using it. If the device changes hands or needs to be replaced, make sure that you update the information that you have on file. This way, if you fall victim to cyber attacks on IoT devices, you’ll quickly and easily be able to track which device is affected, and remove its permissions as necessary to stop the attack in its tracks.
4. Keep Your Software Up to Date
As with any device that is able to access the internet, it’s important to make sure that its software is regularly updated. Updates are critical to device management, because they include security patches which fix vulnerabilities that attackers could use to gain access to your device and, in time, your network.
That Western Digital attacks that I mentioned earlier – that was only able to happen because of software that didn’t get updated. In that particular instance, it was because Western Digital had stopped supporting the storage devices, and hadn’t released updates in over five years. But people were still using them for storage, thinking that they were a secure solution. The result was that many users’ data became irretrievable, leading to frustration and outrage.
While nothing could have been done in the Western Digital case, you can avoid this frustration and fury by ensuring that any software updates that are available for your IoT devices are implemented as soon as possible.
5. Make Sure You’ve Got Strong Password Protection
When we talk about password protection, we’re not just referring to the length of your passwords or the inclusion of numbers and special characters. These rules for password setup will make it more difficult for attackers to gain access, don’t get me wrong. But there are further measures that you should be taking to protect your business.
Multi-factor authentication is essential for any business in this day and age. Attackers gain access to passwords all the time. They have bots set up to guess thousands of passwords every second. And if your password becomes compromised, you’ll want to ensure that attackers still won’t be able to access your systems. This is where having multi-factor authentication comes in – ensuring that without your phone, device, or access to a separate email address (which hopefully has a different password), attackers will be stopped in their tracks.
Protect Your Business Against IoT Cyber Attacks
These 5 preventative measures against IoT cyber attacks are a good starting point when implementing Internet of Things devices and solutions. But ensuring that your business is protected as a whole, across your networks and servers, across your email addresses and endpoints, is another matter. Protection against cyber attacks in general goes beyond securing just your IoT devices, and can feel like an impossible task when undertaken alone.
Solid Systems has vast experience in helping businesses to protect their IT assets. From cyber security solutions, to email security techniques, to Advanced Threat Protection implementation, to training and beyond. We’re the perfect IT support partner for business who want to step into the future with confidence.
Talk to us about your business and its unique needs, and we’ll be happy to guide you through these challenging times, ensuring that you’re using the right tech and maximizing its potential to make you money and help you step confidently into the future.