What steps can your business take to avoid an IoT breach?

Whilst there is no doubt that the Internet of Things (IoT) has enabled us to make huge leaps in the way we connect with each other, both at home and in the workplace, the IoT also brings with it a huge amount of risks.

But let’s focus on the positives first.

McKinsey reported back in 2017 that, “If policy makers and businesses get it right, linking the physical and digital worlds could generate up to $11.1 trillion a year in economic value by 2025.”

The article goes on to state that, “The Internet of Things (IoT) has the potential to fundamentally shift the way humans interact with the world around them.”

There is no doubt that IoT has already successfully entered every aspect of our society. From the distribution of electricity, water and gas to the deployment of emergency services and traffic management, cities are already leveraging the IoT in ways that most of us are unaware of as we go about our daily lives.

Of course, there are other IoT integrations that, as consumers, we are more aware of.  Fitness devices, fridges, home assistants and more are all IoT connected devices that help us go about our day to day lives and every day, more and more devices are being fitted with IoT capabilities and herein lies the potential risk.

With more and more IoT connected devices, the opportunities for hacking those devices grows. This is an issue for individuals and consumers; however, it poses a much bigger security risk for businesses. An IoT cyber security attack can open up your entire network and result in a serious data breach that can be catastrophic.

Protecting your business from IoT cyber attacks

In today’s modern digital era where cyber security threats take many forms, security is imperative.

Businesses need to ensure they keep up to date with cyber security best practices, especially with the proliferation of IoT connected devices.

Obviously ensuring you have a robust cyber security system in place is critical to protecting your business, however what else should you be doing?

1.      Inventory all internet connected devices on your network

Understanding the threats to your network is about knowing which devices are connected to your network. Whilst it may seem harmless for someone to bring a wireless speaker to the office, as soon as that device connects to the internet and your network, there becomes a potential threat to your security.

2.      Keeping firmware up to date

Once you have a full inventory of all your IoT connected devices, it’s also important to ensure the firmware is kept up to date on all devices. Manufacturers release regular patch updates in order to mitigate against cyber-attacks and it’s important that all devices on your network are kept up to date.

3.      Password management

As with any internet-connected device on your network, it’s important to ensure any IoT device has strong password management. You also need to ensure that devices connected to the network have unique passwords that are not used across multiple devices.

4.      Manage the security settings carefully on all IoT devices

It’s very easy just to click ‘accept all’ when you get prompted into authorising the access to a certain service without truly understanding what you are agreeing to. It’s important to understand what you are agreeing to – blocking things like location settings and access to your social media profiles can help to limit the security threats but you should always read the fine print (skim read at a minimum) to understand how your data will both be used and stored.

5.      Educate and train your staff

One of the biggest threats to your network comes from the people that work within your business. Unknowingly, they can leave your network open to security threats through poor security practices on their mobile devices. Through education and training, you can ensure your staff are aware of best practices around cyber security. This training needs to be across the entire organisation and include the C-Suite to the cleaning staff.

What can happen when your IoT devices are breached?

Keeping your network secure is about adding as many layers of protection as possible. From cyber security solutions to a robust training programme, the more security levels you have in place, the better your chances of avoiding a breach.

The Verge reported one of the most high-profile IoT breaches back in 2016. A pair of hackers compromised the Jeep Cherokee, taking complete control of the steering, braking and transmission. This was done as a testing experiment, but it highlighted the flaws with internet connected devices and IoT security threats.

In another high-profile example, hackers managed to use the internet connected thermostat on a fish tank within a casino lobby to gain access to the network and extract highly sensitive data on high-profile customers.

These devices, with simple functions, basic designs and unchanged default passwords are often the target of cyber criminals and it’s often the case that the most innocent devices can cause businesses the biggest headaches.

Conclusion

In this modern digital era, where so many everyday items are connected to the internet, cyber security has never been as crucial for businesses and consumers. Understanding the threats is the first stage in the battle to combatting the threats.

Make sure your business is prepared and if you are not following the steps highlighted above, don’t delay. Put in place the systems and processes required to combat the range of threats that exist and consult with a cyber security specialist in order to audit your security measures and ensure you are protected.