The Internet of Things has exciting possibilities. It’s been labeled “the next Industrial Revolution” because it will change the way we live and work. However, the IoT also comes with major risks to your cybersecurity.

Without an integrated a comprehensive portfolio of security technologies that provide advanced threat protection, your network can be breached via your IoT devices, and shut down by today’s sophisticated hackers. LA Networks provides this type of security for IoT devices.

What is the Internet of Things (IoT)?

The IoT refers to the connection of devices to the Internet. Automobiles, machinery, appliances, and medical and manufacturing devices can all be connected through the IoT— Any internet-connected device that can be monitored and/or controlled from a remote location is considered part of the Internet of Things.

The IoT came to be from the merging of wireless technologies, micro-electromechanical systems, microservices and the Internet. It has unified operational technology with information technology, allowing for the analysis of unstructured machine-generated data to promote improvements in technology.

How IoT Works

The network transmits the data collected by the IoT device to other devices.  It’s the internet communication layer that enables you to communicate with your device, and devices to communicate with each other (a process called machine-to-machine (M2M) communication).

We can interact with these devices to set them up and access data, but they actually work much on their own without human intervention thanks to the always-online nature of our business and home networks. The components that connect us to our IoT devices include remotes, dashboards, networks, gateways, analytics, data storage, and security.

IoT Is Good for Business as Long as You Keep Security in Mind.

Businesses are the top users of IoT solutions because they can lower operating costs, increase productivity, and enable the development of new product and service offerings.

There are hundreds of companies linked to the Internet of Things, and it’s expected that the list will expand in the next few years. Some of the industries that depend on IoT now include manufacturing, transportation, defense, agriculture, retail, banking, oil and gas, mining, utilities, hospitality, insurance, healthcare and logistics.

By 2020, 30 billion devices will be connected to the Internet. Cybersecurity is a Worrisome Issue When Using the IoT.

Unfortunately, many companies are jumping on the IoT bandwagon without giving enough thought to cybersecurity. As devices become more connected via the Internet of Things, security is now a major concern.

Hackers use IoT botnets to launch cyberattacks. With them they can penetrate anything from connected cars and home appliances, to business infrastructures. A botnet can control a large number of hacked IoT devices, such as routers, IP cameras and digital video recorders (DVRs) that are exposed to the Internet and only protected with weak or hard-coded passwords.

Experts have been warning us for years that lax security for IoT devices can have serious consequences. We’re now seeing botnets made up of compromised IoT devices capable of launching distributed denial-of-service attacks (DDoS) on an unprecedented scale.

Cybersecurity experts warn that IoT is one of the most vulnerable areas in corporations today.

Unprotected IoT devices are being increasingly hijacked and used to launch these DDoS attacks that cause systems to crash.  This is due to a lack of basic and comprehensive security controls. Hackers scan the Internet for devices with an open Telnet or SSH port and log-in with default administrative credentials. This is all it takes for them to succeed.

According to the Ponemon Institute’s “2017 Study on Mobile IoT Application Security”, only 30% of nearly 1,000 respondent said that their organization allocates sufficient budget to protect mobile apps and IoT devices. At the same time, IoT device makers aren’t building in security at the outset. 

What You Should Do to Protect Your IoT Devices.

IoT devices are very different from your standard PCs.  They use embedded systems and are designed to perform a specific task. They also run specialized operating systems that don’t have the resources to support traditional security mechanisms. And, as the number and sophistication of attacks against embedded devices continues to rise, greater security measures are required.

Ask your IT Provider to secure applications and network connections that link to your IoT devices.  You must defend against DDoS attacks and ensure your devices aren’t contributing to your vulnerability.

Put your IoT devices on a separate network. You’re probably familiar with “guest networks” that businesses provide for their visitors. Wi-Fi routers support this to prevent anyone gaining access to your files or networked devices.  This also works for IoT devices—So, consider putting them on a separate network.

Use the latest firmware and security patches. Your IoT devices and router must be regularly updated. Employ a schedule to check for updates every three months at least, and set automatic updates whenever possible.

Use strong passwords and different ones for each IoT device. If a hacker manages to get one of your passwords, they will typically try using it to get into other devices or networks.  Consider using a password manager to keep track of all your passwords.

Don’t use Universal Plug and Play (UPnP). If you do, your routers, printers, cameras and other devices will be vulnerable to attack. Hackers can get in due to vulnerabilities in the UPnP protocol. It’s best to turn this off altogether.

Don’t connect IoT devices to the cloud.
Many IoT devices rely on cloud services, but this can present a real problem. Not only will your IoT devices not work when your network is down, but they may also be syncing sensitive data or offering another potential route into your business. Make sure you read up on the vendor’s privacy policy, and ask your IT provider about encryption and data protection for these devices.

LA Networks has an integrated and comprehensive portfolio of security technologies that provide advanced protection for your IoT and other devices.  This includes next-generation firewalls, intrusion prevention systems, secure access systems, security analytics, and malware defense. We also offer web and email security, network security and cloud security. For more information, contact us at: {phone} or {email}