Cybersecurity for the Internet of Things (IoT): The Future of Connected Devices
Wrapping up National Cybersecurity Awareness Month, REDW Senior Manager of Cybersecurity Jennifer Moreno takes a quick look at the future of connected devices and how technological innovations like the Internet of Things (IoT) impact online experience for consumers and business professionals.
Throughout the month of October, we’ve touched on essential cybersecurity measures for both organizations and individuals—to provide confidence checks for hardworking IT teams and to help empower users to assist with cybersecurity initiatives. Catch up on some of our past blogs for National Cybersecurity Awareness Month covering:
- Enforcing standard cybersecurity measures for remote work
- Cybersecurity for work/personal mobile devices, and
- Cybersecurity checkpoints for the healthcare industry.
Going forward, consider how people and infrastructure can adapt to the continuous evolution of internet-connected devices. No matter what the future holds, every user needs to be enlisted to do their part.
Let’s Talk: the Internet of Things (IoT)…
It is currently estimated that approximately 2 million IoT devices are vulnerable to complete takeover, according to Threatpost. From the new “smart” doorbells rising in popularity, to similar home-monitoring devices—many products currently available on the market come engineered with vulnerabilities that allow hackers easy access for surveilling—or worse. Some companies have provided patches for the flaws in their internet-connected products, but many have not.
What exactly constitutes an IoT device?
A physical object endowed with any kind of sensor(s), software, and technology that uses the internet to connect to other devices, services, or systems. IoT devices range from smart fridges to lighting control systems, even HVAC systems—remember the Target data breach? Hackers penetrated their outer cybersecurity defenses through the retail giant’s heating and air conditioning contractor. Once through Target’s perimeter network credentials, the rest of the attack was much easier.
Multi-function copiers are fair game too, as well as thermostats—did you hear about the internet connected cameras and alarm systems—even cars—can contain IoT enabled technology. A hacker can infiltrate these systems with internet access alone. Vulnerabilities to these devices or their manufacturers can easily be obtained through the standard operation manuals and device information published on the internet, or by monitoring communication to and from the device itself.
Cybersecurity Defense for IoT Devices
Does your organization pass this latest confidence check? The best defense strategies for protecting your organization’s IoT devices from hackers involve steps taken to:
- Identify & Understand Devices: Identify all of the devices that reside on your organization’s network and understand their vulnerabilities.
- Scan Regularly for Vulnerabilities: Regularly perform vulnerability scans that will identify, examine and classify IoT devices, device connections and configurations.
- Monitor Data: Monitor the types of data being transmitted.
- Configure New Devices: When new devices are introduced to the network, review applicable IT policies and procedures to ensure the device is configured correctly. Put controls in place to reduce unnecessary risks.
REDW’s Cybersecurity Advisors Can Help You Stay Cyber-Smart
From cybersecurity experts to auditors and assurance professionals, our team helps established IT practices to expand as needed—adapting to the continually advancing digital world to better protect, elevate and empower your business. If you have questions or would like to further discuss how to strengthen your baseline security measures for your organization’s in-office, mobile device or remote setups, please contact Jennifer Moreno.
REDW is committed to keeping you informed at all times, and especially through the impacts of the COVID-19 pandemic. Stay connected with us on LinkedIn and @REDWLLC on Twitter. Access some of our other updates on our COVID-19 Resource Hub.