According to IoT statistics, 25 billion IoT devices will connect to the internet by 2021. That number will surge to 80 billion by 2025 as 152,200 new IoT devices will connect to the internet every minute. Managing and securing billions of IoT devices will become a challenge. In fact, 76% of risk professionals think that cybercriminals will target these IoT devices and launch cybersecurity attacks on organizations. The number of IoT based attacks are growing exponentially.
What is even worse is the fact that only 20% of risk professionals were able to successfully identify the majority of IoT devices. The lack of standards and security protocols makes matters worse. To top it all off, most businesses do not maintain an inventory of IoT devices and applications they are using, which makes them more vulnerable to IoT based attacks.
In this article, you will learn about seven cybersecurity tips that will help you safeguard your IoT devices.
Maintain an Inventory
If you do not have an inventory of your IoT devices, the first thing you need to do is to create one before it is too late. Most businesses tend to do inventory management the wrong way. They focus on smaller devices and ignore mobile devices such as smartphones and laptops. Cyber attackers mainly target these mobile devices because all your sensitive data is stored on these devices or on the best dedicated server. Even when an attacker targets an IoT device, their main goal is to use it as a ladder and infect other parts of the network. IoT devices are soft targets as they are not as secured as other devices.
Use Common Sense
Erez Yalon, security research director at Checkmarx thinks that you should use some common sense. According to him, you should think about the kind of devices you purchase and connectivity requirements they might have. Most devices are equipped with cameras and microphones so you should be extra cautious and keep them away from your work desk. You can also put a tape on the camera and microphone and turn on devices when they are not in use. This can minimize the risk of IoT devices getting misused.
Buy Secure IoT Products
As IoT devices go mainstream, their prices are coming down. You can easily get an IoT device anywhere from $10-$100. What this means that profit margins for IoT manufacturers are shrinking unless they mass produce. That is why most IoT device manufacturers neglect security features.
When you want to purchase an IoT product, look at how your prospective IoT manufacturer reacts when a security researcher points out a security vulnerability in their IoT devices. Good IoT companies will not only admit that there are flaws, take responsibility but also respond in a timely manner to address security concerns. Google and Amazon were quick to release security updates to fix security issues in their IoT devices. Always purchase IoT devices from popular IoT device manufacturers and first line suppliers that prioritizes security over everything else.
Change Default Passwords
Most IoT devices have universal passwords which are too easy to guess for hackers. Additionally, manufacturers share these default passwords across the product lines and groups. That is why it is important to change the default passwords as soon as possible and ensure you never revert to the same default password again. Users can also take advantage of more secure and advanced authentication methods such as fingerprint unlock or facial recognition instead of using passwords. Some states such as Chicago have already taken steps to ban use of default passwords for IoT devices and have forced users to have a unique password for every IoT device for better security.
Segment Your Network
Instead of keeping everything on a single network, you can create a subnet or segment a larger network into smaller segments. Since most routers let you create and manage two different wireless networks, this won’t be an issue. This can come in handy especially if you have separate devices for personal and professional use. Users can create separation between the two by using IP addresses. Whenever you add a new IoT device ask yourself which segment of the network it should connect to.
Update and Patch Regularly
IoT devices running on older versions of software are more vulnerable to cybersecurity attacks as this software has bugs and security loopholes that can easily be exploited by cyber attackers. If there is an update available, update your software to the latest version. If there is no update available, check for security patches. This will help you patch security issues before it can be exploited.
Turn off features like universal plug and play for IoT devices and turn on features like https when browsing the web through these IoT devices. Does your printer and CCTV cameras have security enabled? Most manufacturers don’t turn on security features by default which allows cyber attackers to easily take over these devices and enter into your network or even worse, use IoT devices to spy on you.
IoT device manufacturers must make the process of securing IoT devices easier and educate the users about it instead of making it more complicated for them to set up and secure their IoT devices. That is why many users don’t even bother about checking the security of these devices because the settings are hidden behind layers of menus.
Last but certainly not the least is to use strong encryption. When you communicate with your IoT devices, the probability of your communication getting hijacked is much higher as it is happening on a unprotected wireless network. That is why it is important to use strong encryption methods. Devise a secure mechanism to store and exchange keys to keep your communication private. By using encryptions, cybercriminals won’t be able to execute man in the middle attack and spoof your communication. This will give you the peace of mind.
How do you secure your IoT devices? Share it with us in the comments section below.