The Internet of Things (IoT) is an umbrella term for the connected devices and networks that exist within items that were previously, simply put, just things—think smart watches, smart thermostats, and any other item that is now be equipped with a digital screen or a voice assistant.
IoT has undoubtedly simplified the ways we work and live, making many aspects of daily life feel futuristic and efficient. In the short time since IoT has hit the mainstream, these devices have revolutionized traditional industries such as agriculture, farming, healthcare, energy, retail and many more. By 2020, experts estimate that there will 25 to 50 billion connected IoT devices around the globe.
Despite these strides, the challenge of perfecting IoT device security is far from solved. The amount of data that an IoT device collects from just a single user is enough to tempt cyber criminals, let alone an entire company using IoT devices in volumes. The variety of device types presents a handful of new attack surfaces that can be exploited. Additionally, the machine-to-machine communication that is weaved into the functionality of these devices means that we lose direct control over them.
As an end user or a business owner, you’re probably wondering what you can do to protect your data from the vulnerabilities that are at play in the IoT landscape. Below, we’ve rounded up our top recommendations for mastering IoT device security.
- Secure Your Router
If you take away a single piece of advice from this article it should be this: think of your router as the front door to your digital home. Most routers used by home customers are not secure and can make your IoT devices much more vulnerable to attacks. Upgrading to a commercial router intended for small business or separating your modem and router are two ways to boost the security of your network. If you want to stick with your gateway router, start by changing the login credentials to be strong and unique.
- Create a Guest Network
A second step to take to secure your devices is to create a guest Wi-Fi network for your home or business. This way, when visitors want to hop on the Wi-Fi, your main network won’t be exposed to any of the potential vulnerabilities within their device. Setting up a guest network is simple—follow the instructions for your router or call your internet or IT provider.
- Use WPA2 for Wi-Fi Encryption
Ensure that you are using WPA2, or the latest encryption software. WPA2 is considered the most secure method for protecting your Wi-Fi connection. There are other methods, such as WEP, that are still available in many home products but WEP networks are easily hacked and put your data at risk. If you’re unsure what encryption type your Wi-Fi is running on, you can find out in the Wi-Fi settings on your device.
- Keep Your IoT Devices Up to Date
Make a habit of checking your IoT device settings for software and firmware updates. Manufacturers and developers are constantly pushing out improvements and working towards higher security standards. Security patching will ensure that your devices are running as safely as possible.
- Enable Multi-Factor Authentication
Most IoT devices have an option for enabling two-factor or multi-factor authentication (MFA). This is a two-step authentication process that involves verifying your identity through a second device, such as your phone. As with any digital device, we strongly recommend that you enable MFA on all IoT devices to add an extra layer of security.
- Disable Universal Plug and Play Features
Universal Plug and Play (UPnP) features are a set of networking protocols that make your device “discoverable” by all other devices on the network. These features are typically used for data sharing, communication and streaming. Although UPnP features may be tempting to use in your smart home, we recommend disabling them in order to properly secure your devices, since these features increase your susceptibility to hacks.
- Disable Features You Do Not Use
Beyond UPnP, look at your device’s settings and disable any features that you do not use. Digital devices often run various settings in the background that go unseen and may not be necessary to the device’s functionality, depending on how you use it.
- Avoid public Wi-Fi Networks at All Costs
If you’re on-the-go with an IoT device, avoid accessing public Wi-Fi networks at all costs. Often, cyber criminals will create spoof networks in public spaces such as airports and malls to trick users into voluntarily making their devices hackable. If a network doesn’t require login credentials, it means that it is not encrypted, and therefore it isn’t safe to run your IoT device (or any device!) on it.
- Unplug Your Devices When They Are Not in Use
Finally, unplugging your devices while they are not in use (or powering them off) is a small step that you can take to decrease your level of cybersecurity vulnerability. While we all love the idea of a smart home that manages itself at all hours of the day, there is a level of machine-to-machine communication that we have no control over. One way that you can take back some of this control is to only keep the device powered on while it is being used by you—not to mention, you might save money on your electrical bill!
If you have any questions about installing, configuring or managing IoT devices for your business, we can help. Speak to one of our experts today.