The Internet of Things, or IoT, creates a rash of new security problems throughout your business. Without proper handling, the IoT can cause you to significantly increase the volume of traffic moving through your network and raise the number of potential security holes across your business. Fortunately, you can act to secure the IoT in your business and improve your overall security.
- Know what’s connected within your organization. From copiers, printers, and other devices your business needs to keep running smoothly, there are a host of IoT devices. The first step in cyber security is identifying all of those devices. With the lack of governance to IoT standards, many of these devices do not speak to each other and will need their own procedures for maintenance and support.
- Monitor IoT devices. Monitoring is having a watchful eye to make sure all connected IoT devices and servers are free from issues and up to date on all software and security patches. Make sure that regular cyber security checks on connected devices are part of your normal security protocols.
- Create network segments. This is particularly important for employee-owned devices, which may not have the same security standards in place as the devices that you choose to connect to the network. We recommend IoT be connected via a secure guest network set apart from your encrypted sensitive data to keep cyber predators at bay and away from potential of a major security breach.
- Design a policy for accountability around IoT connections. Make sure you have a policy in place which identifies acceptable IoT connected devices and hold staff accountable when anything other than permitted devices access the network.
- Pay particular attention to recording devices. Do your IoT devices have the capacity to record video and audio? Are the microphones or cameras hooked up or turned on? It’s particularly important to deal with this facet of security if you deal with customer and employee sensitive data.
- Establish authentication procedures throughout your system. Where IoT devices must be connected to the network, ensure authentication procedures are in place to prevent malware from entering and spreading throughout your entire network.
- Pay attention to the risks. A risk-based strategy will allow you to evaluate the potential threats that could arise as a result of IoT connected devices and allow you to mitigate them where possible. Ensure that you’re familiar with IoT security risks, and make sure that the benefits outweigh them.
- Test your IoT devices. You have compliance testing on a regular basis to ensure that your networks are safe and secure. Make sure that your IoT devices are part of the testing process so that you can understand any potential problems with each one.
- Check the defaults. Do your connected devices have default passwords or usernames? It’s critical that you change those passwords and use your own, safe passwords instead. Many devices have default usernames and passwords that can be found via a simple online search, making it easy for hackers to slip into your system.
- Implement employee cyber security training. As always, your employees are one of the most critical layers of your cyber security protections. They must understand not only what you’re doing for security and the steps that they’re required to take as a result, but, as much as possible, why those procedures have been put in place. Make sure that training covers all those critical details so that your employees can help prevent cyber attacks on your business.
Protecting your business from cyber attacks is becoming increasingly complicated, particularly if you have IoT devices within your business. If you need more help protecting your business from attack, contact us today to learn more about how we can keep your business safe from hackers.