New gadgets that seek to make your home and office smarter and more efficient hit the market seemingly daily, but did you know it’s on you to learn how to secure them?
Your internet-connected devices — smart TVs, conference room systems, security cameras, smart locks, gaming consoles, smart thermostats — make life more convenient, but these devices can also make your network more vulnerable, specifically in your office security, opening you up to attackers and threats. If your office is like most, you have “smart” connected devices, and it’s important to have a defense plan for securing them.
In many cases, employees bring in their own smart devices without your knowledge. Unfortunately, the typical non-technical person has no idea this may be a security risk.
Bottom line: If you have smart devices at your office, you’ve opened a new door to attacks, and they need consideration and protection.
14 Tips to Securing Smart Devices in Your Office:
- Shut down unnecessary services on the devices
- Setup the smart devices on an isolated wireless or wired network
- Restrict access to any internal networks from these devices
- Restrict your “internal” wifi network to only IT authorized devices to avoid rogue smart devices
- Implement an advanced wireless system that allows device tagging and automated isolation policies
- Change the default password on the device
- Update the software whenever available
- Put IT in charge of smart devices (i.e: purchasing and managing)
- Have a complete inventory of all smart devices (and check the log to see who/what else may be logging in)
- Ensure your network firewall is updated and provides next-gen protection
- Train employees on the danger of unauthorized and unmanaged smart devices
- Unplug smart devices that aren’t in use
- Implement a Unified Endpoint Management (UEM) system to detect and monitor smart devices
- Factory reset devices before disposing of them
Why are smart devices often targeted by hackers?
There are several avenues in which a hacker can target a smart device. First and foremost, many smart device manufacturers don’t ship devices with the latest security updates and don’t have secure operating systems deployed. This means a smart device needs to be updated by you during, or after, installation. Also, many smart devices don’t auto-update, leaving them with old network protocols enabled.
Smart device traffic can be relatively easy to identify coming out of a network, making it easy for an attacker to identify your site as a potential target using these devices. In combination with weak and publicly-known passwords set on devices when shipped, smart devices are easy targets.
Some smart devices require specific ports to be opened in a firewall to allow them to work, and opening unnecessary ports in a firewall can open your entire network to access through that port. There is limited capability when it comes to monitoring these devices with advanced security monitoring services that are designed for Windows servers, Linux servers, or common business networking equipment.
What are some of the most vulnerable connected devices?
- Video-based devices are often targeted
- Thermostats - Because they are really common and often not managed by IT
- Shop-floor IoT devices installed by non-IT shop-floor employees
Why does it matter? I don’t have anything to hide…
Any smart device connected to your office Wi-Fi, approved by IT or otherwise, can present a risk to your network. Your company’s next major security risk may come from a device as seemingly innocent as a connected coffee machine.
Security risks from IoT devices are a hot topic of discussion within the cybersecurity community. The digital age has made us accustomed to the power and convenience of having our data decentralized, and of having all our devices work in conjunction with each other. With the perfect combination of characters, the digital and physical world can be easily usurped.
Even if you implement these 14 tips or consider yourself a security expert, new developments happen every day. To minimize your security risk, it’s imperative you stay current on cybersecurity news and regularly revisit security protocols.