From Meadowlands Magazine staff: We’re living in extraordinary times. Despite much of the negative news and restrictions, there has been at least one bright spot: the mass adoption of new technology has allowed us to circumvent some of the roadblocks the COVID-19 crisis placed in our way.
For example, when lockdowns rapidly thrust business online, many organizations found themselves managing a remote workforce for the first time ever. When we consider how much more we are relying on connected devices to help weather this pandemic – and how much personal, sensitive data is being collected in the process – business leaders must place security top of mind. In this piece, Mike Battistella, President of Solutions3 LLC, offers actionable tips for securing your IoT ecosystem so you can operate with confidence – wherever your workforce may be.
We’ve all been amazed – and at times overwhelmed – by the idea of being totally connected at all times. Who leaves a room without first grabbing their cell phone, much less leaving the house without it? We have desktops and laptops in our homes and offices, we have our smart phones and our tablets. Our vehicles are smart, letting us know when we need service or emergency assistance. Our TV’s stream our favorite movies and shows and music is often streamed in almost every room in the house.
We are indeed fully connected to the internet at all times.
With all of these conveniences we’ve come to rely on, we must also become much more aware that our “attack surface” has become much broader and more susceptible than ever before. Our “attack surface” is essentially the total sum of attack points that we’ve given cybercriminals to potentially take advantage of. By doing so, they may gain unauthorized access to our private information not meant to be exposed to the outside world.
Many of us know to be careful with the obviously connected devices mentioned above, but many are not aware of all the other access points that may be vulnerable as well. These may include toasters, microwaves, refrigerators, ovens, “Instant Pots”, thermostats, doorbells, alarm systems, alarm clocks, smart watches and a never-ending list of devices that are connected to the internet and can communicate via the web.
These are called smart devices.
Any smart device that has outside internet access has an attack surface that could be compromised. This collection of smart devices is called the “Internet of Things”, or IoT.
IoT by definition
Wikipedia defines the Internet of Things (IoT) as “a system of interrelated computing devices, mechanical and digital machines provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.”
The IoT is literally exploding in size. It’s comprised of billions of smart devices from mini-components in our homes and vehicles – to huge machines and systems that use wireless technology to communicate with each other and with us humans. The IoT world is growing at an astonishing pace, with the experts estimating the number of IoT devices in 2019 at approximately 200 billion and growing to approximately 1.1 trillion by 2026.
That number represents about 135 smart objects for every man, women and child on planet earth.
Security concerns are growing
With the immense number of smart devices, many of which we don’t even think about, we have increased the size of our attack surface. In response, we must increase our security awareness and become all the more diligent to protect our digital assets, at home and at work.
Below are some practical steps you can take that will lower your vulnerability to cyberattacks:
- Identify and keep track of all your devices to the best of your ability. You can’t protect what you are not aware of. This is the starting point for your IoT security posture.
- Continue to password protect any devices you are able to. Use strong passwords and multi-factor authentication where possible. Any device you connect to your home network should be treated no differently than your key devices, such as your laptop and desktop. This includes smart TVs, music and other streaming devices, and smart home control components.
- Keep all your devices updated to the latest software revision and software patch level. This may be a bit more inconvenient and cumbersome than your main devices, but no less important.
- Identify those components you do not have security access to. Validate the manufacture’s security posture and be sure those components are being updated and patched as necessary.
- Ensure a strong and secure entry point into the home and/or office. By establishing a near impenetrable barrier to the outside world, most devices on the interior will be less vulnerable by default. Even so, also protect each device as if it were completely exposed to the outside threat.
- Be sure not to transmit sensitive data through any devices that go outside the walls of protection and may not have a secure tunnel (i.e. VPN or comparable). Remember, it’s highly likely that someone is listening, and does not have your best interest in mind.
- These basic and practical steps offer a good starting point to protect your own personal Internet of Things, thus protecting your data and personal information from those that want to gain access to the things that are private and personal to you. Be diligent, be aware, and be safe.
If you are interested in learning more about protecting your business and/or personal Internet of Things, please send an email to info@Solutions3LLC.com with the Subject: IoT – Next Steps.