Magnitude of growth
The Internet of Things (IoT) is growing very rapidly with an estimated 5.5million new devices being connected to the internet every single day. More and more devices at home and in businesses are getting connected to the internet. According to Gartner, 20 billion devices will be connected to the internet every by the year 2020. The allure of its convenience and efficiency is very profound, hence the rush to get connected is very immense. However, in as much as IoT represents convenience, it also represents a security risk. Leaving devices unsecured is the digital equivalent of leaving a vaults door unlocked. It poses a huge security threat.
Ways of securing IoT devices
1. Connect devices only when you need them
Just because the AC, TV and Coffee maker can be connected to the Internet does not mean you keep them connected even when you do not need them connected. This will reduce your susceptibility to cyber-attacks. It is also important to understand the risks of connecting a device to the Internet before doing so. This way you will understand the security measures that will need to be implemented to avoid jeopardizing your security.
2.Pick good passwords
Create strong passwords for each of your devices. Also, avoid using the same password for all your devices. If a hacker manages to acquire a password of one of the devices, he may try it on all the other devices hence making your devices very vulnerable. You can use a password manager to help you track your passwords.
3.Use separate networks
For those devices whose security you find questionable, you might need to use a different network. This reduces your exposure to risk.
4.Retain physical security in IoT devices
IoT devices control physical objects remotely. These include doors, windows and vaults locks. If these physical objects are hacked, the hacker can gain or allow unauthorized access to these places leading to intrusion and theft. However, if there exists physical security, they offer an extra set of eyes and ears ensuring improved safety.
5.Avoid Universal Plug and Play (UPnP)
UPnP is designed to ease networking of devices by aiding them to discover each other. This eliminates the need for configuration However, it makes devices like routers and cameras very vulnerable to attacks. The UPnP protocol is very vulnerable hence hackers could discover your devices from beyond your LAN. To avoid this, turn off UPnP.
6.Constantly update your firmware
Constantly updating one’s software enables to always have the latest security patches hence reducing the chances of an attack. Firmware vulnerabilities are constantly fixed as they emerge through updates. If possible, automate the update process or set a schedule to constantly scout for and download them. When purchasing devices, ensure that they have secure firmware policies to avoid compromise through unsanctioned updates.
7.Track your devices
It is very paramount to track every device connected to the network while monitoring the traffic flow. This enables you to constantly the level of access your devices should have and to keep them patched up and up to date. It also enables you to identify any red flags, for instance, unidentified or rather unknown devices in the network.
8.Use encrypted protocols
IoT devices have inferior and insecure encryption practices. Very few of them utilize encrypted communications as part of their default configuration. Instead, most of them use the ordinary web protocols that use plain text to communicate across the internet making them easy targets for hackers. Ensure that all Internet communication uses HTTPS, SFTP, TLS and DNS security extension at the very least. All devices that connect to the mobile through mobile phone applications and other gateways ought to use encrypted protocols and should as well encrypt the data stored on drives.
9.Avoid using personal devices in business networks IoT devices
Do not use personal IoT devices on the business network. There has been a rising concern in the recent past regarding the security concerns of wearables. Personal devices may not be secure enough hence end up creating a weak spot within the network. If you must, then use them on a guest network.
10.Implement a failover design in IoT devices.
Ideally, IoT devices ought to function when there is no Internet connectivity. However, this is not the case for many IoT devices. Most of them are not designed to cope with internet failures. It is therefore important to implement a failover or a manual override for crucial devices like door locks and security camera monitoring devices. All businesses and smart homes are prone to cyber-attacks. Therefore, it is very important to be informed and prepare for the likelihood of cyber-attacks as this will enable you to prevent or mitigate such attacks.