The internet of things (IoT) is a broad term used to describe the network of devices that connect to any particular wireless internet. For example, anything that has “smart” as a prefix is almost guaranteed to need an internet connection, making it an IoT device.
The IoT has grown to a vast number of devices since the beginning of 2010. Many modern homes have a few devices that connect to the internet, be it a voice speaker like Google Home or a streaming device like the Amazon Fire Stick. Contemporary innovations have brought society incredible new tech, such as remote-start coffee makers and thermostats, refrigerators with dietary suggestions, and even door locks that can only unlock with your phone. It’s predicted that nearly 31 billion IoT–connected devices will be online by 2020.
IoT devices are beginning to make their way into corporate spaces as well. Some offices may have an Amazon Echo for conference calls or a streaming device to share the screen of a laptop with a nearby TV.
What you may not understand is that anything connected to the internet is vulnerable to a multitude of cyber attacks.
The rapid rate of tech advancement and mass adoption has made society comfortable connecting their internet to just about anything. Securing those devices can be tough, and while cybersecurity is constantly improving in these devices, nothing has stopped hackers from finding a way in yet. Blind faith that those devices are keeping your data safe is not smart. Research from Ponemon Institute found that 97% of risk management professionals indicated an IoT data breach as catastrophic for an organization.
Some IoT recent IoT attacks include:
August 2016 – Mirai botnet attack — Targeted IoT recording devices creating one of the largest DDoS attacks in history
August 2017 – An macabre attack on IoT pacemakers lead to a recall of 500,000 devices fearing a security gap that would allow an attacker to manipulate the device.
All companies should adopt a set of security practices, rules, or regulations to keep employees aware and accountable. Make sure that you check with IT to be sure the device is safe for a corporate network. Our partner Fortinet provides full network visibility, monitoring anything and everything connected to a network, specifically, the ability to control those devices with a dynamic, automated response.
From their website “FortiNAC simplifies the deployment of IoT devices by automating most of the authentication process using a sponsor. When a new IoT device tries to connect to the network, FortiNAC automatically places the device in an isolated network, profiles the device, and sends the information and the suspected type of device to the appropriate department for review and authorization. Once the device is confirmed, FortiNAC notifies the firewall of the type of device and where to place it in the correct network segment. The solution is also easy to upgrade and scale across organizations of all sizes and industries.” Check out their comprehensive guide to securing your IoT network here.
It’s important to step back and remember that we are only in the beginning phase of the IoT device. In the near future, most of the devices we use, including microwaves, fire alarms, and cars will be connected to the web, meaning there is always a chance of cyber attack. Being proactive about your IoT security could halt a much larger breach in its tracks. If you’re concerned about the use of IoT devices in your office, give us a call for a free consultation. We proudly deliver FortiNAC solutions as a Fortinet partner and would be happy to explain exactly how we would secure all your devices, now and in the future.