Through the invention of Internet of Things (IoT) appliances and devices, companies can now realize greater profit and happier customers through automation. However, IoT devices need to be proactively managed due to the data they collect and share. Continue reading to learn steps to take for properly securing your company's IoT devices.
IoT devices have the option to set a secure access password – and this should be done for every device, no exceptions! If the default password is left in place, it may be easy for a hacker to find the unsecured device and test all publicly known passwords. Further, passwords should be “strong”, with a mix of upper case, lower case, numbers and symbols. If multi-factor authentication is available for the device, configure this option.
Disable Universal Plug and Play
While Universal Plug and Play (UPnP) is a means for IoT devices and appliances to discover each other and other network devices, it is not required. To avoid leaving a “hole” in your network through this collection of protocols, turn off UPnP.
Create a Separate Network
As a best practice, it is recommended that IoT devices be assigned to a different part of the network from your main devices such as servers, PCs, and printers. This creates another layer between any unauthorized access to IoT devices and your business data.
Minimize Traffic from IoT Devices
For more granular control, use tools that allow configuration of permissions for IoT devices. Doing so will minimize the exchange of data between such devices and others on the network. Preventing unnecessary network communication between IoT devices decreases the pathways for unauthorized access.
Firmware updates are often overlooked until they become required for new features. Manufacturers create these updates for good reasons, often due to security improvements. Firmware updates should be applied to devices on a regular schedule to keep up with changes in security protocols and new features. Check for updated firmware at least quarterly, to stay current. If your company owns several devices from the same manufacturer, there may be tools available to automate updates across all devices.
Unplug It Overnight
Finally, IoT devices can be powered off when not in use. Unless your company is working 24x7, it may be worth the effort to put IoT devices offline outside of business hours, when no one is watching devices or data flow.
With the increased presence of IoT devices in homes and offices, hackers have found new ways to access and use such devices. By applying the security measures listed in this blog, your company can decrease the possibility of IoT attacks. If you have questions about securing IoT devices our team can help!
Beringer Technology Group, a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution also provides expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing, Email Security Implementation and Training, Unified Communication Solutions, and Cybersecurity Risk Assessment.