IoT Security: SMBs at Particular Risk
From IoT World Today
As the use of internet-of-things (IoT) devices continues to increase, so too does the level of security risk, especially to small business. A report by Juniper estimates that there will be 50 billion IoT devices by 2022.
There are certainly many benefits for businesses that implement IoT, including improvements in efficiency and logistics, as well as convenience. But with many small businesses operating on tight margins, the speed with which these devices are becoming standard is bringing with it a security challenge for SMB IT teams.
Operating without specific IoT security measures in place puts data at risk, but now everything, from lights, printers to speakers are multiplying the attack surface. The number and type of devices will vary according to the company, but there are a number of universal precautions that SMBs can take to minimize the risks IoT can pose.
Possibly the oldest security mantra is to make sure that strong passwords are used at all times, on all devices. IoT makes this more relevant than ever before. In many cases, device makers pride themselves on the simple setup processes of their products. As convenient as this can be, the result is that many devices are installed with default passwords.
Knowing this, all hackers would need to do is perform a quick search to find gain access. A recent report by Avast found that four out of 10 smart homes had at least one vulnerable device. If this risk is not dealt with, similar numbers of businesses could be vulnerable to an entirely preventable security threat.
The makeup of the modern office space is changing rapidly. Just a few years ago mobile working was a rarity but is now set to account for 43.3% of the worldwide workforce by 2023. Alongside this, the popularity of IoT devices is projected to grow in the United Kingdom from 272 million connected devices in 2018 to 625 million in the next five years. What does this mean? More and more endpoints.
The first step is to consider carefully when adding new devices to the network if the benefit of the device is worth the SMB security risk of adding another endpoint. Any device that can connect to your network needs to be correctly set up and secured to avoid it becoming a point of entry for an attack. This includes everything from the personal devices of remote workers to smart speakers.
Next, ensure that antivirus software and firewalls are updated and in place to monitor and deal with any suspicious activity. Next, while many of IoT devices are designed to easily connect to a network, it can be easy to forget to change the default password to something more secure — the equivalent of leaving your front door unlocked.
Beyond standard security, IoT measures should go even further by including tools to identify phishing emails, Wi-Fi scanners and encryption for sensitive files.
Regular security updates are a common sight with modern technology, and while it might be an annoyance to install when you are in the middle of something, they are a crucial security step. Aside from seasonal refreshes, numerous security patches are likely to be made available during the course of a year. Most will be produced to fix a known security vulnerability, meaning that those who click ‘remind me later’ are putting their data at unnecessary risk.
In addition to laptops, servers and personal devices used for mobile working, the rapid increase in IoT devices poses a challenge for …