Protecting your company network from unauthorized IoT device access
By Max Burkhalter, December 3, 2020
While the Internet of Things (IoT) has opened up exciting new possibilities and ways to lower operational costs for many businesses, the sheer number and variety of IoT-connected devices create a new set of issues for companies that depend on them for data input.
While many companies utilize a very narrow subset of IoT devices for specific data collection, such as sensors on tires for logistics fleets, others connect a wide range of devices to their network, including personal devices owned by employees such as smart watches or fitness devices. The more devices there are, the higher your risk is of a breach in your security. Does this mean you should shun the IoT? Not at all — it's becoming requisite.
However, these hidden or "shadow" devices can be difficult to protect and may create a vulnerability in your organization's cyber defenses. How can you help protect your company and prevent your network from being accessed improperly through one of many IoT devices that are less conspicuous? The answer lies in understanding what devices are connecting to your network and what they have access to.
What are common shadow devices?
According to CPO Magazine, shadow devices most commonly fall into one of the following categories:
- Fitness trackers (like Fitbit or Gear Fit)
- Digital assistants (like Google Home or Amazon Alexa)
- Smart kitchen appliances (like refrigerators or microwaves)
- Computer devices (like wireless thumb drives or smart speakers)
- HVAC (home or industrial heating and cooling, ventilation, and Wi-Fi controlled thermostats)
- Security (cameras or alarm systems)
The main issue for most organizations is that their cybersecurity policies and IT teams haven't yet begun to take IoT devices seriously. Few companies have a clear and specific set of guidelines in place to direct what devices may or may not connect to the network. Employees can bring their own devices under the radar, hooking into the network and creating weak points.
How to help support IoT-connected device security
According to ZDNet, security cameras are responsible for nearly half of all IoT-related hacking attempts. HVAC systems are also high on the list. By carefully monitoring access to your network on the vendor side, and implementing role-based and action-based access, you can keep your network more secure.
Avoid choosing the cheapest model when it comes to company-owned IoT tech. Look for specs that promise higher levels of security. Mass-produced devices are more likely to share simple blueprints, and lack of encryption can make them easy to hack. Once one device is hacked, others will easily follow.
High-quality software and hardware that is properly installed and configured on purchase can reduce your risk. Always change usernames and passwords from the factory default, and uniquely name each device with an internal company code. For example, instead of naming your HVAC controls for separate buildings "HVAC B 1," "HVAC B 2," and "HVAC B 3," try creating a codeword to stand in place of HVAC.
Audit your system every few months and have your IT department run regular scans to see if unidentified devices are showing up on your network. If employees are responsible for shadow devices, consider creating a "guest" network that has limited access to your mainframe, and putting strict parameters in place to prevent access through an employee's smartwatch.
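One way to run the scan described above, as an added example that is not part of the original article: compare a snapshot of DHCP leases against an approved inventory, list devices that are not in it, and flag inventory names that give away a device's function. The lease lines (dnsmasq lease-file layout), MAC addresses, device codes and the `audit` helper are constructed for illustration.

```python
# Constructed inventory: MAC address -> internal device code (hypothetical names).
APPROVED = {
    "00:1a:2b:3c:4d:5e": "BLUEJAY-B1",
    "00:1a:2b:3c:4d:5f": "HVAC B 2",
    "00:1a:2b:aa:bb:01": "OSPREY-LOBBY",
}

# Words that give away a device's function in its name (crude substring match).
REVEALING = ("hvac", "cam", "thermostat", "alarm")

# Constructed sample in dnsmasq lease-file layout:
# expiry-epoch  MAC  IP  hostname  client-id
SAMPLE_LEASES = """\
1607000000 00:1A:2B:3C:4D:5E 10.0.20.11 bluejay-b1 *
1607000100 00:1a:2b:3c:4d:5f 10.0.20.12 hvac-b-2 *
1607000200 da:a1:19:0c:33:7e 10.0.20.57 Galaxy-Watch *
1607000300 f0:9f:c2:10:20:30 10.0.20.80 * *
"""

def is_randomized(mac):
    """True if the locally administered bit is set (typical of MAC randomization)."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def audit(lease_text, approved):
    """Return (unknown, badly_named, missing) from one lease snapshot."""
    unknown, badly_named, seen = [], [], set()
    for line in lease_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        mac, ip, host = fields[1].lower(), fields[2], fields[3]
        seen.add(mac)
        if mac not in approved:
            kind = "randomized MAC, likely personal" if is_randomized(mac) else "fixed MAC"
            unknown.append((mac, ip, host, kind))
        elif any(word in approved[mac].lower() for word in REVEALING):
            badly_named.append((mac, approved[mac]))
    missing = sorted(set(approved) - seen)  # inventoried but not seen in this snapshot
    return unknown, badly_named, missing

if __name__ == "__main__":
    unknown, badly_named, missing = audit(SAMPLE_LEASES, APPROVED)
    for mac, ip, host, kind in unknown:
        print(f"UNKNOWN  {mac} {ip} host={host} ({kind})")
    for mac, name in badly_named:
        print(f"RENAME   {mac} inventory name '{name}' reveals device function")
    for mac in missing:
        print(f"MISSING  {mac} in inventory but not seen on network")
```

A lease snapshot only shows devices that requested an address, so statically configured devices need a separate check such as the switch or router's ARP table.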
Looking for powerful connectivity tools that can help your organization maximize network security strength? Perle offers industrial-grade solutions designed to protect your sensitive data and minimize your risk of exposure. Contact us to find out more about how Perle can help you navigate IoT connectivity.