Smart Security with your Smart Devices
Smart devices are everywhere! Internet of Things (IoT) devices such as camera doorbells, smart thermostats, and smart speakers have revolutionized the way we manage our offices and homes. These devices provide unparalleled convenience by allowing us to monitor and manage them from any location. These advancements represent a significant evolution in making our daily routines more efficient and our lives easier. However, we must learn to navigate the balance between embracing these conveniences and mitigating the risks that come with them.
The Risks Behind the Convenience
Despite the benefits of smart devices, incidents of unauthorized access have shown that users need to be vigilant about how they utilize them. Many users, for instance, neglect to change the default password on these devices, creating an easy breach vector. All an attacker needs to do is connect to the device, enter the default credentials, and then change things at will. Furthermore, if an attacker gains access to a smart device connected to your network, they may be able to exploit vulnerabilities within your network. This could allow them to access other devices connected to the same network, potentially causing significant harm.
Broader Security Implications
The concerns don't stop at unauthorized access. Most IoT devices come with an application that needs to be downloaded to properly use the device. These apps often require the user to enter personally identifiable information to create an account. You should always carefully read the terms and conditions of your device and account to make sure your data is not being shared. The sharing of user data with third parties without clear consent continues to be a problem. You should also be careful what you allow these apps and devices to connect to. Do they really need to access your email, documents, or toaster?
Taking Control
The purpose of this blog is not to convince organizations that IoT/Smart devices are bad. There are many great products out there that can make office management extremely efficient. Here are some tips you can use to keep your devices and still maintain your security.
Enable Multi-Factor Authentication (MFA): Using MFA adds an extra step to your account log-in, but it is one of the easiest, most cost-efficient (often free), and most powerful tools you can use to keep your accounts secure.
Use Strong Passwords: Use as many characters as possible, including uppercase letters, lowercase letters, symbols, and numbers, and do not use any real words. Furthermore, use unique passwords for all devices on your network.
Segment your network: Most routers have the capability to set up a Virtual Local Area Network (VLAN) to allow users to put smart devices in a network that is separate from work stations. This helps hide your work devices in the event a smart device becomes compromised.
Update Your Devices Regularly: This helps patch security flaws and protect against known vulnerabilities.
Disable broadcasting of your WiFi name (SSID): Most WiFi access points have a setting that allows the name of your WiFi to be found through a search rather than openly broadcasting its name. This makes it much harder for threat actors to access.
Adjust Privacy Settings: This helps control how account data is shared and used.
Conclusion
While smart devices offer significant benefits, they also underscore the need for vigilant cybersecurity practices. By adopting proactive security measures, users can mitigate risks and enjoy the conveniences of smart technology safely.
For organizations looking to fortify their cyber defenses, the ACDC offers a suite of FREE services. We provide risk assessments, awareness briefings, monthly training, and incident support to strengthen your cyber posture. Visit forge.institute/acdc to register for our free services, our newsletter, and our upcoming online training event:
"Defending your Organization 101: Remote Work Safety” on June 19, 2024.
