The Internet of things can be described simply as devices that have connectivity to the Internet, and thus to a computing network. Many times these connected devices aren’t manufactured with security solutions onboard (or any security-minded foresight at all) so they can be fickle instruments when trying to onerously secure a network that includes numerous IoT devices. Today, we’ll go over some of the threats IoT devices pose to your network, and how to reliably secure it from these threats.
Many devices on the Internet of Things have security problems. You’d think that they wouldn’t be much of a problem since they often have limited functionality. For example, a connected thermostat has a limited number of options (on/off, temperature adjustment). In fact, whether it is a CCTV camera, a smart refrigerator, a connected toy–anything that comes with Internet connectivity–is a potential threat to your home or business’ network. There are a myriad of reasons for this. They include:
For every threat there is a remedy, but really the best thing you can do is to be conscientious about the device you are connecting to your network. Every connected device could be the device to cause major problems for you. The industry is split about how exactly to secure crucial computing networks from the threats the IoT presents.
The generally accepted strategy to manage the IoT is one where the more things can be controlled from a central hub, the more secure the system will be. While it does make management easier, this strategy doesn’t completely provide the kind of comprehensive risk-based solutions needed to mitigate any IoT-fueled corruption. By not first doing a full risk assessment, especially these days, there is a decent chance of catastrophe. After all, security is about dealing with real threats.
The main problems are that most IoT-connected devices don’t come with comprehensive security and they can be altered by a network-attached user pretty easily. Take the driverless car. There is going to have to be a major enhancement in the way that these systems are protected if we hope to utilize automated systems to drive actual people around. Since the driverless car is effectively on a public network–and is not behind a firewall–it will need to have its own encrypted system in order to keep it from getting hijacked.
This brings us to one of the best ways to secure an IoT device on any network: ensure it is placed behind some sort of firewall. For the average business that is starting to deal with employee-owned IoT devices on their network, it is important that you have the person with the device, whether it is directly connected to the network or not, pass it by your IT staff. This way there is a legitimate chance, if something does happen, to assess where the problem started and how to go about mitigating the negative aspects of any attack.
In the future, there will almost have to be systems in place for all connected technologies where they keep updated with the latest security patches (or at least the latest firmware) so that there is very little chance that some of these extremely vile threats aren’t unleashed on your network.
Another way to manage the IoT devices on your network is to assign them to their own separate network. This strategy will absolutely work insofar as there is no way for your enterprise-level IT infrastructure to get hijacked or infiltrated with malware because of IoT-related devices. The problem with this strategy becomes cost. Not only do you have to set up an additional networking infrastructure, you also have to constantly monitor and manage it.
Finally, you can prohibit IoT devices on your network. As more and more consumer goods come with sensors and Internet connectivity it will likely become more difficult, but if you are threatened by the horror stories surrounding IoT-based hacks and infiltrations, doing away with the risk may be the best way to solve the problem until there is a workable solution that you think is right for your network.
Rest assured, the Internet of Things is not going to get any smaller any time soon. In fact, it’s going to be a major consideration for people, businesses, and governments for a long time to come. If you are worried about how Internet of Things technology is going to affect your organization, or you personally, reach out to the technology professionals at Palindrome Consulting. Our knowledgeable technicians will help you come up with a strategy to keep IoT devices from hurting your business. Call us today at 305-944-7300 for more information.