When you drive home, your garage door opens as you arrive. That toy bear Santa gave your kids talks and sounds just like you. Your smart wristwatch keeps tabs on your heart rate. You love the IoT world as much as everyone else, but most people are blissfully unaware of the need for IoT security and security training—until their data gets hacked.
“Nonsense,” the victims say. “How can a garage door opener put my entire company’s data at risk?” If the device uses a web-based platform for opening the garage door, alerts are sent to a work email account, and if that password has the same root as the network password, you’ve just opened the door for hackers.
IoT toys can be dangerous, too. According to the FBI, smart toys and entertainment devices for children typically “contain sensors, microphones, cameras, data storage components, and other multimedia capabilities—including speech recognition and GPS options. These features could put the privacy and safety of children at risk due to the large amount of personal information that may be unwittingly disclosed.”
If your employees are bringing new IoT devices into the office or even just using them at home—they’re opening another avenue for hackers to leverage, because any device with an IP address can be hacked. Don’t underestimate this threat vector, and start preparing to fight back today.
Mitigate IoT risks with ongoing security training. Many businesses address security on an employee’s first day of work but stuff the topic into an avalanche of other information that often causes their eyes to glaze over. Consider this checklist when onboarding employees:
You’ll also want to do the following:
Networked printers are some of the most commonly connected devices in the world, but individuals and companies fail to secure them properly. IDC reported that printers often don’t command much attention from security personnel, as they consider the devices “only printers.” It’s assumed if a networked device, like a printer, is behind a firewall, it’s low risk—but this isn’t the case in today’s world of sophisticated malware and evolving cyber risk.
Print-related security breaches can come from inside or outside an organization. Exposure points include the device’s network ports, print/copy/scan job interception, print hard drives and memory, printed or copied documents left in output trays, or illegal use of secure media (i.e., checks, prescriptions, etc.).
Along with training, strengthen your defenses as follows:
The IoT can make your life easier, but you must take steps to avoid the dangers it also brings into play. Keep your network safe, despite IoT cluttering.
Used with permission from Microsoft US Small and Midsize Business Blog