The Rise and Risk of IoT Devices in the Workplace

The internet of things (IoT) is a broad term used to describe the network of devices that connect to any particular wireless internet. For example, anything that has “smart” as a prefix is almost guaranteed to need an internet connection, making it an IoT device.

The IoT has grown to a vast number of devices since the beginning of 2010. Many modern homes have a few devices that connect to the internet, be it a voice speaker like Google Home or a streaming device like the Amazon Fire Stick. Contemporary innovations have brought society incredible new tech, such as remote-start coffee makers and thermostats, refrigerators with dietary suggestions, and even door locks that can only unlock with your phone. It’s predicted that nearly 31 billion IoT–connected devices will be online by 2020.

IoT devices are beginning to make their way into corporate spaces as well. Some offices may have an Amazon Echo for conference calls or a streaming device to share the screen of a laptop with a nearby TV.

What you may not understand is that anything connected to the internet is vulnerable to a multitude of cyber attacks.

The rapid rate of tech advancement and mass adoption has made society comfortable connecting their internet to just about anything. Securing those devices can be tough, and while cybersecurity is constantly improving in these devices, nothing has stopped hackers from finding a way in yet. Blind faith that those devices are keeping your data safe is not smart. Research from Ponemon Institute found that 97% of risk management professionals indicated an IoT data breach as catastrophic for an organization.

Some IoT recent IoT attacks include:

August 2016 – Mirai botnet attack — Targeted IoT recording devices creating one of the largest DDoS attacks in history

August 2017 – An macabre attack on IoT pacemakers lead to a recall of 500,000 devices fearing a security gap that would allow an attacker to manipulate the device.

All companies should adopt a set of security practices, rules, or regulations to keep employees aware and accountable. Make sure that you check with IT to be sure the device is safe for a corporate network. Our partner Fortinet provides full network visibility, monitoring anything and everything connected to a network, specifically, the ability to control those devices with a dynamic, automated response.

From their website “FortiNAC simplifies the deployment of IoT devices by automating most of the authentication process using a sponsor. When a new IoT device tries to connect to the network, FortiNAC automatically places the device in an isolated network, profiles the device, and sends the information and the suspected type of device to the appropriate department for review and authorization. Once the device is confirmed, FortiNAC notifies the firewall of the type of device and where to place it in the correct network segment. The solution is also easy to upgrade and scale across organizations of all sizes and industries.” Check out their comprehensive guide to securing your IoT network here.

It’s important to step back and remember that we are only in the beginning phase of the IoT device. In the near future, most of the devices we use, including microwaves, fire alarms, and cars will be connected to the web, meaning there is always a chance of cyber attack. Being proactive about your IoT security could halt a much larger breach in its tracks. If you’re concerned about the use of IoT devices in your office, give us a call for a free consultation. We proudly deliver FortiNAC solutions as a Fortinet partner and would be happy to explain exactly how we would secure all your devices, now and in the future.

Sources:

https://www.csoonline.com/article/3244467/internet-of-things/2018-prediction-securing-iot-connected-devices-will-be-a-major-cybersecurity-challenge.html

https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/SB-FortiNAC-simplifies-IOT-security.pdf

 

The internet of things (IoT) is a broad term used to describe the network of devices that connect to any particular wireless internet. For example, anything that has “smart” as a prefix is almost guaranteed to need an internet connection, making it an IoT device.

The IoT has grown to a vast number of devices since the beginning of 2010. Many modern homes have a few devices that connect to the internet, be it a voice speaker like Google Home or a streaming device like the Amazon Fire Stick. Contemporary innovations have brought society incredible new tech, such as remote-start coffee makers and thermostats, refrigerators with dietary suggestions, and even door locks that can only unlock with your phone. It’s predicted that nearly 31 billion IoT–connected devices will be online by 2020.

IoT devices are beginning to make their way into corporate spaces as well. Some offices may have an Amazon Echo for conference calls or a streaming device to share the screen of a laptop with a nearby TV.

What you may not understand is that anything connected to the internet is vulnerable to a multitude of cyber attacks.

The rapid rate of tech advancement and mass adoption has made society comfortable connecting their internet to just about anything. Securing those devices can be tough, and while cybersecurity is constantly improving in these devices, nothing has stopped hackers from finding a way in yet. Blind faith that those devices are keeping your data safe is not smart. Research from Ponemon Institute found that 97% of risk management professionals indicated an IoT data breach as catastrophic for an organization.

Some IoT recent IoT attacks include:

August 2016 – Mirai botnet attack — Targeted IoT recording devices creating one of the largest DDoS attacks in history

August 2017 – An macabre attack on IoT pacemakers lead to a recall of 500,000 devices fearing a security gap that would allow an attacker to manipulate the device.

All companies should adopt a set of security practices, rules, or regulations to keep employees aware and accountable. Make sure that you check with IT to be sure the device is safe for a corporate network. Our partner Fortinet provides full network visibility, monitoring anything and everything connected to a network, specifically, the ability to control those devices with a dynamic, automated response.

From their website “FortiNAC simplifies the deployment of IoT devices by automating most of the authentication process using a sponsor. When a new IoT device tries to connect to the network, FortiNAC automatically places the device in an isolated network, profiles the device, and sends the information and the suspected type of device to the appropriate department for review and authorization. Once the device is confirmed, FortiNAC notifies the firewall of the type of device and where to place it in the correct network segment. The solution is also easy to upgrade and scale across organizations of all sizes and industries.” Check out their comprehensive guide to securing your IoT network here.

It’s important to step back and remember that we are only in the beginning phase of the IoT device. In the near future, most of the devices we use, including microwaves, fire alarms, and cars will be connected to the web, meaning there is always a chance of cyber attack. Being proactive about your IoT security could halt a much larger breach in its tracks. If you’re concerned about the use of IoT devices in your office, give us a call for a free consultation. We proudly deliver FortiNAC solutions as a Fortinet partner and would be happy to explain exactly how we would secure all your devices, now and in the future.

Sources:

https://www.csoonline.com/article/3244467/internet-of-things/2018-prediction-securing-iot-connected-devices-will-be-a-major-cybersecurity-challenge.html

https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/SB-FortiNAC-simplifies-IOT-security.pdf

 

5 Tips to Keep Your Mobile Workforce Safe and Secure

The American workforce has seen its fair share of paradigm shifts — globalization, the internet, and the introduction of cargo shorts and sandals in the workplace to name a few.

The latest in labor initiatives has been the adoption of remote working. The spread of laptops and wifi internet has lead enterprises to begin sourcing their employees from, well, anywhere. In fact, 50 percent of the US workforce is now permitted to work remotely during the work week, according to Global Workplace Analytics’ 2016 study.

The initiative is a win-win in many cases, as a corporation does not have to expense for office space and the amenities that come with it. It’s no surprise that the workforce has responded positively to the change as well. Young parents can spend more time with their family and a lack of commute time adds almost an entire hour back into the average employees day.

While modern-day mobility and BYOD (device) opportunities present substantial productivity boosts, they increase the complexity and opportunity for security threats. Using a host of technologies from Data Loss Prevention, Encryption, and Monitoring services will help organizations limit their security exposure, but cannot prevent everything.

With this new, great opportunity to work from anywhere comes an even greater responsibility to the employee. A personal laptop accessing corporate files on a public network can be catastrophic.

If you’re hiring or plan to hire remote staff for your organization, be sure they receive these five tips before they start:

1) Back Up Everything

Whether it’s in the cloud or an external hard drive, backing up everything you work on can save a ton time and stress if an attack were to happen. Keeping backed-up data will allow you to access exactly what you’ve been working on from prior to the attack.

2) Be Cautious of Public Wi-Fi

Free Wi-Fi access, whether it’s in coffee shops, airport lounges, or hotels, is a huge benefactor to remote working. Unfortunately, they’re also vulnerable to security issues. To avoid issues, ask about your host’s security protocol before connecting, skip any unencrypted Wi-Fi networks, and avoid logging in to corporate accounts or viewing sensitive data when connected to public networks. Briefly using a personal hotspot via cell phone is a great alternative when necessary.

3) Update Operating Systems

Like a vaccine for an immune system, you should keep your computer operating system as up to date as possible. Security updates will often come standard with a new OS. Like a vaccine, they’re proactive (not reactive, like an antidote) in protecting you from the latest threats.

4) Disable Bluetooth Connectivity

“Idle mode” Bluetooth connection can present security problems as well. If your Bluetooth is left on, nearby assailants can connect to your phone and potentially hack into your device. Make sure your phone and laptop Bluetooth connection setting is disabled while traveling, particularly abroad.

5) Always keep your computer in your line of sight

This should go without saying, but many people often ‘trust their neighbors’ when in public spaces to monitor their device while they step out for a call. This poses two very malicious threats: 1. Your entire workstation could be stolen or 2. Your computer could be bugged with using software installed via USB. In both cases, data is almost always completely compromised and the outcome is disastrous.

The bottom line for hiring a remote workforce is that their laptop should be your priority — especially if it’s their personal one. Think of your organizations’ cyber safety as a whole — if even one employee is susceptible to exploitation, the whole organization could tumble. In addition, keeping your employees safe and secure will establish your commitment to security, holding them to a higher standard and keeping your enterprise secure.

Contact JDL Group today for a security assessment of your remote workforce.

The American workforce has seen its fair share of paradigm shifts — globalization, the internet, and the introduction of cargo shorts and sandals in the workplace to name a few.

The latest in labor initiatives has been the adoption of remote working. The spread of laptops and wifi internet has lead enterprises to begin sourcing their employees from, well, anywhere. In fact, 50 percent of the US workforce is now permitted to work remotely during the work week, according to Global Workplace Analytics’ 2016 study.

The initiative is a win-win in many cases, as a corporation does not have to expense for office space and the amenities that come with it. It’s no surprise that the workforce has responded positively to the change as well. Young parents can spend more time with their family and a lack of commute time adds almost an entire hour back into the average employees day.

While modern-day mobility and BYOD (device) opportunities present substantial productivity boosts, they increase the complexity and opportunity for security threats. Using a host of technologies from Data Loss Prevention, Encryption, and Monitoring services will help organizations limit their security exposure, but cannot prevent everything.

With this new, great opportunity to work from anywhere comes an even greater responsibility to the employee. A personal laptop accessing corporate files on a public network can be catastrophic.

If you’re hiring or plan to hire remote staff for your organization, be sure they receive these five tips before they start:

1) Back Up Everything

Whether it’s in the cloud or an external hard drive, backing up everything you work on can save a ton time and stress if an attack were to happen. Keeping backed-up data will allow you to access exactly what you’ve been working on from prior to the attack.

2) Be Cautious of Public Wi-Fi

Free Wi-Fi access, whether it’s in coffee shops, airport lounges, or hotels, is a huge benefactor to remote working. Unfortunately, they’re also vulnerable to security issues. To avoid issues, ask about your host’s security protocol before connecting, skip any unencrypted Wi-Fi networks, and avoid logging in to corporate accounts or viewing sensitive data when connected to public networks. Briefly using a personal hotspot via cell phone is a great alternative when necessary.

3) Update Operating Systems

Like a vaccine for an immune system, you should keep your computer operating system as up to date as possible. Security updates will often come standard with a new OS. Like a vaccine, they’re proactive (not reactive, like an antidote) in protecting you from the latest threats.

4) Disable Bluetooth Connectivity

“Idle mode” Bluetooth connection can present security problems as well. If your Bluetooth is left on, nearby assailants can connect to your phone and potentially hack into your device. Make sure your phone and laptop Bluetooth connection setting is disabled while traveling, particularly abroad.

5) Always keep your computer in your line of sight

This should go without saying, but many people often ‘trust their neighbors’ when in public spaces to monitor their device while they step out for a call. This poses two very malicious threats: 1. Your entire workstation could be stolen or 2. Your computer could be bugged with using software installed via USB. In both cases, data is almost always completely compromised and the outcome is disastrous.

The bottom line for hiring a remote workforce is that their laptop should be your priority — especially if it’s their personal one. Think of your organizations’ cyber safety as a whole — if even one employee is susceptible to exploitation, the whole organization could tumble. In addition, keeping your employees safe and secure will establish your commitment to security, holding them to a higher standard and keeping your enterprise secure.

Contact JDL Group today for a security assessment of your remote workforce.

Your Business Should Be in the Headlines for the Right Reasons, Not for a Cyber Attack

cyber security NJ Law Firm Cyber Security NYC

Today’s headlines are peppered with stories of major companies and institutions falling victim to a cyberattack. As a business owner, what’s your response to these gut-wrenching stories? If you write them off as fear mongering and believe that these attacks can never happen to your SMB, well, you’re wrong. They can and it’s up to you to prevent such a disaster.

One reason why it’s so important to shore up your company’s network security is because the ramifications of a breach extend well beyond the sensationalism surrounding a news story. Take for example one of the biggest stories of hacking in recent memory; the revelation made public last December that Yahoo had more than one billion of its accounts compromised, dating all the way back to 2013. While the headlines focused on the plight of Yahoo and the negative effect this would have on the tech company’s value, what didn’t get reported is how millions of Yahoo users were negatively affected by having their sensitive information exposed to hackers.

In the same way, seeing to your company’s network security goes beyond protecting your corporate image from a negative headline. It’s also about protecting all of those who have entrusted you with their sensitive data. This includes customers and vendors that have provided your business with their financial information, as well as employees that each have a wealth of their personal information connected to your HR department.

We’ve established that there’s a lot riding on your network security and that it’s your job to make sure this is taken care of. If you don’t currently have a security plan in place protecting your company from a data breach, where do you even begin? Fortunately, you don’t need to be an IT security expert or have a computer science degree to implement adequate security measures. As is the case with the many vital responsibilities connected to your business, you can outsource the protection of your network to the professionals, such as the IT technicians at JDL Group.

That said, IT security is such an important and comprehensive matter that it’s not something that you should outsource and then disregard. In fact, IT security works best when everybody in the company understands that they have an active role in its upkeep. Yes, everybody. We’re talking from the C-level executives down to the cleaning lady who connects her smartphone to Wi-Fi. If everyone in your company understands how to avoid the snares laid by hackers, then the cake that is your network security measures will be topped with the icing of best practices.

Remember, securing your network from cyberattacks isn’t something that you have to do on your own. JDL Group is here to help, and we can do so by implementing proven and comprehensive network security solutions like our Unified Threat Management tool, as well as remote monitoring and maintenance in order to detect and take care of any threats that may breach your defenses. We’re also available to equip your staff with the means and know-how to better understand cybersecurity.

Contact Us

For assistance in all of these areas of security and more, give us a call today at 973.607.2140.

cyber security NJ Law Firm Cyber Security NYC

Today’s headlines are peppered with stories of major companies and institutions falling victim to a cyberattack. As a business owner, what’s your response to these gut-wrenching stories? If you write them off as fear mongering and believe that these attacks can never happen to your SMB, well, you’re wrong. They can and it’s up to you to prevent such a disaster.

One reason why it’s so important to shore up your company’s network security is because the ramifications of a breach extend well beyond the sensationalism surrounding a news story. Take for example one of the biggest stories of hacking in recent memory; the revelation made public last December that Yahoo had more than one billion of its accounts compromised, dating all the way back to 2013. While the headlines focused on the plight of Yahoo and the negative effect this would have on the tech company’s value, what didn’t get reported is how millions of Yahoo users were negatively affected by having their sensitive information exposed to hackers.

In the same way, seeing to your company’s network security goes beyond protecting your corporate image from a negative headline. It’s also about protecting all of those who have entrusted you with their sensitive data. This includes customers and vendors that have provided your business with their financial information, as well as employees that each have a wealth of their personal information connected to your HR department.

We’ve established that there’s a lot riding on your network security and that it’s your job to make sure this is taken care of. If you don’t currently have a security plan in place protecting your company from a data breach, where do you even begin? Fortunately, you don’t need to be an IT security expert or have a computer science degree to implement adequate security measures. As is the case with the many vital responsibilities connected to your business, you can outsource the protection of your network to the professionals, such as the IT technicians at JDL Group.

That said, IT security is such an important and comprehensive matter that it’s not something that you should outsource and then disregard. In fact, IT security works best when everybody in the company understands that they have an active role in its upkeep. Yes, everybody. We’re talking from the C-level executives down to the cleaning lady who connects her smartphone to Wi-Fi. If everyone in your company understands how to avoid the snares laid by hackers, then the cake that is your network security measures will be topped with the icing of best practices.

Remember, securing your network from cyberattacks isn’t something that you have to do on your own. JDL Group is here to help, and we can do so by implementing proven and comprehensive network security solutions like our Unified Threat Management tool, as well as remote monitoring and maintenance in order to detect and take care of any threats that may breach your defenses. We’re also available to equip your staff with the means and know-how to better understand cybersecurity.

Contact Us

For assistance in all of these areas of security and more, give us a call today at 973.607.2140.