How to Keep IoT Devices Secure
Office environments everywhere are being transformed as more and more Internet of Things (IoT) devices enter the workplace. From intelligent air conditioning units and smart lighting to digital assistants and even app-based access control, IoT is having a tremendous impact on business efficiency and productivity.
Yet, security measures built into most IoT devices still fall well short of required business standards for protecting proprietary data.
Concerned that businesses may be opening themselves up to targeted attacks the FBI has released new advice to help recognize when IoT equipment is compromised and how to mitigate the effects.
Securing IoT devices with a virtual private network (VPN) is one tried and tested way to reduce the cybersecurity risks.
In recent years, IoT devices have brought major improvements to workplace efficiency and productivity.
Smart thermostats, for example, can learn worker preferences and automatically maintain an optimum room temperature. Energy savings of up to 60% are possible.
Buildings access is also changing. Conventional keys and code locks are to be replaced by electronic access control units that allow you to set your own access parameters.
Many of these systems can track usage over time and integrate with other systems to give an overall picture of energy usage or security.
Most businesses recognize the value of their data and do whatever they can to protect it.
Security technology such as firewall, anti-virus and network monitoring is commonly deployed to detect threats and keep out attackers. However, these security investments are easily undermined by the introduction of IoT systems.
The risk of company confidential or personally identifiable information (PII) being intercepted by unauthorized parties is very real. In the period 2016 to 2017 the number of attacks on IoT equipment rose by 600%.
According to a recent public service announcement from the FBI, “Cyber actors actively search for and compromise vulnerable Internet of Things (IoT) devices for use as proxies or intermediaries for Internet requests to route malicious traffic for cyber-attacks and computer network exploitation.”
Tell-Tale Signs of Attack
Unfortunately, there is no obvious way of knowing when IoT equipment has been compromised. The only option is to regard any sudden changes in network activity as suspicious.
Examples might include an unusually high uptick in monthly broadband usage, rising Internet bills, a drop off in network performance, anomalous Domain Name Service (DNS) queries or data syphoning off to unfamiliar destinations.
Cyber criminal attacks remotely probe devices for weak points.
It therefore helps to know if all IoT in the office – from CCTV and thermostats to routers and smart building access devices – have the latest updates to firmware, robust authentication measures and passwords are changed from the default setting.
There are several other precautions companies can take to reduce the risk of IoT security compromises such as ensuring devices are updated regularly and keeping IoT equipment as self-contained as possible so that it is isolated from the main business network.
Firewalls should also be set to block traffic from unrecognized IP sources and port forwarding disabled. Another good idea is to switch devices off and on again at regular intervals so as to remove any malware stored in memory.
Essentially, when it comes to mitigating IoT risks there are many elements to consider. One of the most tried and tested is to use a VPN.
Benefits of Securing IoT with VPN
A VPN encrypts all traffic entering and leaving IoT devices, rendering the data unintelligible to anyone trying to intercept it.
A professional, enterprise grade VPN typically uses military-grade encryption and can manage deployments comprising many thousands of IoT devices remotely.
An example of a common assault against IoT equipment is a distributed denial-of-service (DDoS) attack. A DDoS attack is a malicious attempt to disrupt the normal operation of a target digital device by bombarding it with an overwhelming quantity of Internet traffic.
VPNs help protect against this kind of attack by shielding the IP address by replacing it with a proxy address. Many other endpoints with the same VPN service will share the same proxy address. This makes it much harder for cyber criminals to pinpoint any individual target device. An IP address shielded in this way also stops intruders being able to track user activity. It also reduces the number of available attack vectors, helping IT support teams to focus defense efforts and increase the chances of malicious activity being quickly detected and stopped before any harm is done.
In summary, state authorities remain very concerned at vulnerable nature of many IoT devices currently finding their way into the workplace. The FBI recently issued fresh advice on what to look for and how to mitigate IoT attacks.
Of course, the risks are numerous. Making IoT completely airtight requires a multi-layered security strategy.
However, there can be no doubt that in an IoT environment, a VPN is essential part of any defense-in-depth approach to protecting company data.
As soon as an IoT device goes live on the public Internet it becomes susceptible to viruses, malicious programs, or hackers.
VPNs encrypt and protect the IoT data as it travels from device to platform. Attacks are either repelled or the data is completely indecipherable to any outside party that intercepts it.