Your Smart Toaster Could Be What Burns Down Your Business

Look around, whether you’re working in the office, at home, or remotely. How much smart technology is around you right now, forming an Internet of Things? Connected technologies add an unprecedented convenience to life. The question is, is the convenience worth the inherent security tradeoff that each new connected device brings?

The challenge comes from the fact that the devices that make up the IoT are so frequently made with little-to-no thought or effort put into their security. Let’s talk about why this is such a huge risk factor and what you can do to take advantage of these devices while minimizing such risks.

What About the IoT Makes it Such a Risk/Threat?

As we’ve said, the IoT largely features devices that seem to have little to no thought or long-term effort put into their security…but the issues don’t stop there.

Let’s review some password best practices for a second… would you say that “password” or “admin” are secure, trustworthy passwords?

No? Good. They aren’t.

However, many IoT devices use these exact words as their default passwords. Making a bad situation worse, sometimes these passwords cannot be changed and are just baked into the device. Plus, IoT devices are notorious for receiving few—if any—security updates. This all makes a hacker’s job relatively easy.

Now, consider some of the connected devices that you may want to implement in an office space. Networked printers and scanners, security cameras, smart locks, smart speakers and displays… Whether they feature worrisome vulnerabilities, could be used to peek in on your business’ operations, or otherwise cause trouble for you, the IoT could quickly become an issue.

Now, consider the ramifications of using the same network to access your business’ data as you do your IoT devices. In this case, an attacker could potentially use one of your vulnerable IoT devices to gain access to the rest of your network and everything on it, staging themselves for a much larger attack.

So, what can be done? While security issues are not to be pooh-poohed, the IoT does have significant utility to share.

The Fix: Network Segmentation

As discussed, most IoT devices are inherently insecure, with no real means of improving their security directly. Therefore, the best option available is to address these shortcomings with network-level adjustments.

Network segmentation is the practice of using multiple connections for separate needs, keeping the data on each isolated from that on the other. It’s a similar concept to having a guest network connection—to eliminate the chance of a visitor interfering with business operations or coming across company data, visitors are given an entirely separate, specialized network to use. You can—and should—do the same with any IoT devices you have in the office. It’s the most straightforward way to use them without risking your business data.

We can help you accomplish this! We’ll review all devices you have on your network and ensure they are securely and appropriately connected. Give us a call at 631-905-9617 to learn more!