Connectivity is good. Now how do we make it safe to use?
The Internet of Things (IoT) is becoming a part of our daily lives right before our eyes, and as that happens, more of the security issues the IoT brings with it will be exploited. That’s a scary thought at first, but this is part of the growing pains of any new technology. We’ll learn in time to secure these devices. Necessity is the mother of invention, after all.
In the wake of things like the Dyn attack and the US government’s Vault7 leak causing hysteria about smart TVs recording us all, there’s no question IoT security has become incredibly important. Homeowners and business owners need to secure themselves. Thankfully, there are already things you can do to make your IoT devices safer to use. Here’s a few of them.
1. Do your homework when buying devices
It’s important to understand how the devices you use remain up-to-date with the latest security standards — particularly if you’ll be making purchases for your business. PC Magazine recommends taking a layered approach to safety measures, which is nothing new in the world of network security.
2. Speak up
Manufacturers understand that many consumers are ignorant of the threats lurking in the IoT. But many cyber criminals are not. They’re working towards better security, but giving feedback and being vocal to encourage these things is always a good idea. That means sending bug and crash reports and staying vocal on the appropriate message boards.
3. Change your password from the factory default
It might sound overly simple, but this security lapse is what has allowed many hackers access to the routers of unknowing users around the world. The password that comes on your device might not be unique and could even be mentioned in the product’s support documentation. Change it and you’re taking away one of the easiest methods for criminals to walk right in the front door.
4. Avoid broadcasting personally identifiable information
The GPS system in your car can give you away. It knows where you park at night and where you drive every morning. If someone gets access to this information, they could potentially carry out an attack on you in cyberspace or even in the real world.
Invest in systems that use encryption and other obfuscation techniques and keep your systems up-to-date. In fact, this is a valid enough piece of advice to make its own list item.
5. Make sure your devices are updated
Manufacturers can only do so much with what they know when they release a device. The nature of modern cyber threats is that they’re built quickly to take advantage of exploits. When every device in your life is linked to the internet, you can’t risk not having the latest versions of operating system software.
Check with device manufacturers to see how you can tell when your device is updated and that it’s running the latest version of the relevant software. Updates are important in the distribution of patches that keep criminals from exploiting new security holes.
6. Encrypt your data
There are already commercial encryption solutions widely available. Despite the U.S. government’s efforts to roll back this technology’s place in society, we don’t expect it to go away soon. Encryption can be a highly effective tool for security.
If you are concerned that criminals could have an interest in the data being transmitted between your personal devices, or in your business itself, put an encryption solution in place. It can take years and years of effort to decrypt even a small amount of encrypted data, and that’s more effort than most criminal operations are willing to make.
7. Ensure compliance
This is primarily for businesses, but there are standards that exist to help keep businesses from being compromised. Getting certified in with one of these standards build trust and credibility for companies that require customers to give them data. Get to know them and make sure your company takes them seriously. Failure to achieve compliance can make life difficult in the event of a breach.
It’s likely that we will see the baked-in security measures of IoT devices get better in time, but things might get worse first. The nature of attacking an IoT network is that it’s different from attacks we’ve had to defend against in the past — and that means some of our best lessons still need to come from experience.
Follow the advice you’ve read here and stay up-to-speed with industry developments to give yourself the best chance of remaining protected in our increasingly interconnected world.