Mobile technology has been taking over business networks over the last five+ years, and in the next five, the story will be Internet of Things (IoT) devices.

The number of IoT devices in use in homes and businesses has been growing rapidly, and 5G is expected to only continue to accelerate that trend.

Between 2018 and 2019, IoT growth in enterprise and automotive markets was 21.5%. In 2020, the use of these smart gadgets is expected to grow another 21% to 5.8 billion IoT endpoints.

But you don’t have to be a large enterprise company to worry about how IoT devices are going to impact your business cybersecurity. Many small businesses in Tucson and beyond are seeing the proliferation of smart gadgets in their offices all the time.

Common business IoT devices include:

  • Routers
  • Wireless printers
  • IP security cameras
  • Internet-connected sensors
  • Wireless projectors
  • Smart whiteboards
  • and more

Even smart speakers are making their way from homes to offices. Amazon has an entire Alexa for Business strategy to help them do just that.

Why You Should Worry About IoT Security

So, what’s the problem? Aren’t smart gadgets a good thing?

For productivity, they absolutely can be, but for security it’s another story.

Only 2% of IoT data traffic is encrypted, which leaves those data streams wide open to a “man-in-the-middle” attack from a hacker that’s compromised a Wi-Fi network.

IoT devices also often have more vulnerabilities in their code than software for other devices, and users often aren’t checking for updates. This leaves them vulnerable to attack and acting as a gateway to other devices on the network.

Tips for IoT Device Security

Just because IoT devices tend to be more vulnerable than computers or mobile devices, doesn’t mean you can’t address security concerns. There are several ways to reduce risk and secure your IoT devices.

Here are best practices that will allow you to connect new smart gadgets without being kept up at night worrying about their risk.

Change the User Login As Your First Step

Hackers use long lists of manufacturer default usernames and passwords for IoT devices to start automated hacks as soon as any are detected. This is why you hear stories about devices like new doorbell cameras being hacked shortly after being connected to the internet.

Your first step when setting up any new IoT device should be to change the default username and password to secure the settings login.

Use a strong password that has a combination of letters, numbers, and symbols and at least 10 characters.

Disable Universal Plug and Play (UPnP)

UPnP is a feature that makes it easier for other devices to find and connect to your IoT device. While this was designed to be a convenience, it’s also a tool that hackers use to breach your device.

It’s a good idea to turn off UPnP, as well as any other sharing features that aren’t absolutely needed, to improve device security.

Check for Firmware Updates Regularly

When is the last time you updated your router firmware? Users will often set up IoT devices and then never log into the settings again unless they have a problem.

Update prompts don’t always flash across your screen for a router or wireless printer update, which means many of these devices don’t get updated and are at risk because of that.

Make sure you log into IoT device settings regularly to check for updates, which usually contain vital security patches, and apply any that are available.

Set Up an “IoT Only” Network on Your Wi-Fi

Because IoT devices are a higher security risk than computers, it’s a good idea to add a layer of network security that will keep hackers that may breach a smart device from being able to get into computers that may hold sensitive data.

Set up a guest network on your router and only use it for IoT devices. To do this, you’ll need to take the following steps:

  • Log into your router and set up a guest network
  • Change the password to your current network (which will disconnect IoT and other devices)
  • Reconnect all non-IoT devices to your current network
  • Connect only IoT devices to the new guest network

Don’t Use a Descriptive SSID (Network Name)

If you’ve named an IoT device “Brand X Front Door Security Cam,” a cybercriminal is not only going to know what camera they can tap into, knowing the brand is also going to make it much easier for them.

When naming IoT devices don’t use a descriptive name that gives away the brand, model, device type, or location.

Get Help Securing Your IoT Devices

Does your network have IoT devices connected that may be making it vulnerable? Don’t leave security to chance, get help from ECN IT Solutions!

We’re here and ready to discuss IT security with you! Reach out at 520-355-7553 or through our website.