It’s not unusual for companies to be completely on top of their computer and server security protections but be lagging far behind when it comes to the protection of smart devices.
Internet of Things (IoT) devices have been multiplying over the last 5 years, and now are just about everywhere, even in our cars during our commute to work. Businesses have also been adopting smart devices at a rapid rate, adding wireless sensors, IP security cameras, wireless printers, projectors, and more to their network infrastructure.
85% of surveyed organizations say they have a dedicated IoT project budget.
However, IoT poses a serious risk to a business network if it’s not properly secured. 76% of risk professionals say that smart internet-connected devices leave companies at risk of cyberattacks.
Attacks have also been going up in recent years. In 2019, IoT device attacks skyrocketed by 300%.
You can enjoy the convenience and productivity benefits of smart devices without worrying about being hacked, it just takes knowing how to properly secure them through best practices.
Best Practices for IoT Security at Your Office
Immediately Change Device Usernames & Passwords
Smart devices come with manufacturer default logins to allow you to access the setup and device administration. But these logins are not secure and need to be changed as the first step in your setup process for an IoT device.
On average, IoT devices get attacked in as little as 5 minutes of being set up, so time is of the essence. If you tell yourself that you’ll “change the password later,” later may be too late.
Use a Strong Password
One mistake that many companies make is to add a router password that is easy, so all employees will remember it. But this is like leaving a twist tie on your front door for security instead of deadbolt.
For any IoT devices, including routers, make sure you use a strong password, which has:
- A minimum of 10 characters
- At least one upper-case letter
- At least one symbol
- At least one number
- Is unique, and not used somewhere else
Be Non-Descript When Naming the Device
If you name a device “Redfield front door security camera,” you’ve just given a hacker important information about that device if they’re able to discover it on a network.
You want to keep your IoT device names (SSIDs) as generic as possible, so they don’t identify the following information:
- Device model/brand
- Your company name
- Device type (security cam, etc.)
- Device location (conference room, front door, etc.)
- Your physical address
Turn Off UPnP and Unneeded Features
Universal Plug and Play (UPnP) is a feature that makes it easier for other devices to discover and connect to an IoT device. While it was created for convenience, it’s also a risk because hackers use it to breach smart devices.
It’s best to turn this feature off, along with any other features you don’t need for normal operations. For example, some devices will default to sharing data with the manufacturer, which can seem fine at first, but any connection sending traffic to and from your device offers a pathway to a hacker.
Keep Your Network Monitored
When you have an I.T. monitoring program in place, your entire network and the devices you use have a watchful eye on them for any signs of trouble. If an attack attempt is seen, it can immediately be addressed before the attack is successful.
System monitoring gives you peace of mind and is also increasingly a necessity to detect problems proactively as more endpoints are added to a network.
Put Smart Devices on a Separate Network
IoT devices are known to be less secure than other types of devices, like computers, servers, and mobile phones. You can reduce the risk to your more sensitive systems by putting smart devices on a separate Wi-Fi network.
This can be done easily by segmenting your router, which simply means setting up a “guest” network or secondary network. When doing this, you should change the password to your main network, which will disconnect all devices. This way you don’t run the risk of your IoT devices auto-connecting to your main network after being powered down and back up.
Next, connect all your IoT devices to the new network and all other devices back to the main network using the new password. This will help reduce the risk of an IoT device hack allowing a criminal to get into computers and servers holding sensitive files.
Ensure Your Smart Devices Aren’t Opening the Door to a Hacker
Texas I.T. Pros can help your Wise or Denton County business with a security plan and monitoring program for your entire network, including your IoT devices.
Contact us today to learn more! Call 940-239-6500 or reach out online.