The Internet of Things, or IoT, consists of billions of everyday devices which now have the ability to connect to the internet. This ability turns previously ‘dumb’ devices into automated systems which can control the temperature of a heating/cooling system, the locks on your doors or can even get your coffee machine to make a cup of coffee for you every morning before you even get out of bed. These devices also supply intelligent methods in which you can gather data about usage trends, consumption, coffee bean levels & numerous other metrics. IoT is part of our future and it will make our lives easier on a day to day basis but everyone that is thinking about adopting IoT devices need to consider some ramifications of implementing this technology within your network. See below a brief list of ‘best practices’ before implementing this technology.
1. Ensure that the IoT devices are behind a firewall
These devices have generally not been designed with security in mind and there are some considerations you need to be aware of if thinking about implementing these devices into your network. The biggest consideration is ensuring that the IoT device is behind a firewall that blocks unsuspected network traffic. Unfortunately, in 2017, with the adoption of IoT devices in business and home environments there was a 91% increase in DDoS attacks originating from open and unsecured IoT devices (things such as cameras, doorbells, fridges, light globes & humidity/temperature monitors).
2. Segregate the device to a separate WiFi Network (SSID)
This may not be possible for you on your home network but within a business scenario, you should always try and create a separate WiFi network which has no access to your existing network. This will mitigate the risk if your device becomes exposed to a vulnerability which gives an attacker access to your network – they will not be able to steal any confidential data from your business.
3. Ensure the IoT device & software is up to date
Regular firmware updates need to be completed on any IoT devices due to new vulnerabilities being found continuously. Ensuring that your device & software is up to date mitigates the risk of widely known and exploited attacks being perpetrated using your devices. Sign up to the suppliers mailing list for your device and keep an eye out for any recommendations, updates & vulnerabilities or from the supplier.
4. Change the default passwords!
admin/admin as your username/password is not secure and attackers will know that these are the default passwords for most devices. Make sure that you’re using complex passwords (16 characters with uppercase, lowercase, numbers & symbols). Do not replace existing letters with numbers or symbols that look like the original letter – “B1gD4ddy!D3v1c3!” is not a secure password and can easily be cracked by attackers who use dictionary password cracking. A password like “^wu%7pjQGMepRKYz” is not easy to crack and will ensure total security. If you need help creating passwords – try a website such as https://passwordsgenerator.net/to generate passwords for you.
5. Encrypt the traffic
Most business grade firewalls can do this for you and should be done for any traffic published out from your network. IoT devices are infamous for sending all traffic out of your network in plain text meaning that anyone can grab this traffic and read your passwords, the data that is being collected (could be the total cups of coffee you’ve had today, the TV shows you’ve watched on your internet connected TV, the password to your CCTV system or anything in between).
These are some of the base considerations and if you are serious about implementing IoT in your network – please feel free to reach out to us and we can help you implement this technology.