Does your office have IoT devices? Even if it doesn't yet, many businesses are catching the craze for convenient and energy efficient IoT selection. The only problem is that no one ever said they were safe or, when they do, they might not be telling the whole truth. There have been many recent incidences of IoT devices getting hacked and bricked or added to botnets. IoT devices are potential gateways into your local company network and they often share any data collected with the entire internet without or with minimal authorization. The fact of the matter is that every day the network security requirements of modern businesses are going up and IoT devices just aren't up to the rigors of protecting client personal details or private company data.
IoT Was Not Built for Security
You may recall the security epidemic as companies that hired quick and easy app development realized that they hadn't specified security when listing features and therefore had not gotten it. Databases weren't secured, login information wasn't encrypted and the same problems kept happening. They were built quickly by a number of manufacturers to inspire whimsy, not to protect your data. When it's just light bulbs and speakers, most people don't care about getting hacked but when it's your security cameras, thermostats, and break room appliances, the possibilities for data theft and privacy invasion go through the roof.
They Can't be Monitored
One of the main problems with IoT devices is that they're all made by so many different manufacturers. While many of them are accessible through Google Home or Alexa smart home services to be controlled in sets, actually managing them from the back-end is incredibly tedious. Almost every single one has a different app and good luck getting past the UI to the real controls. Some even come with unchangeable default usernames and passwords and many aren't even built to receive software updates. Even the cleverest admin will have to crack one interface after another to gain enough control to properly secure the devices.
Is It Safe to Have IoT Devices in the Office?
The good news is that you don't have to remove the new awesome IoT devices from your office or keep your office from achieving the 'smart office' upgrade. IoT just requires a few extra security steps to make sure that the vulnerabilities that are inherent to the devices cannot put the rest of your network at risk. First, always have them behind a sturdy firewall in a separate section of your network. Next, scan them constantly for malware if possible and, if not, monitor their network activity to detect unusual interactions which could be malware. Because troubleshooting options are minimal, be prepared to reset your IoT devices to factory settings at any time. Finally, always change the admin panel passwords and don't use passwords already in use for company network security.
IoT devices are a delight in the office, not to mention amazingly energy-efficient. Whether you've got wifi security cameras that can be monitored remotely, a smart thermostat keeping the office comfortable, or a host of smart lights that turn on and off based on time and office activity, IoT in the office is often great for morale and everyone will enjoy playing with and being served by the new office toys. However, anyone responsible for network security should remember that until your entire IoT collection can be tightly controlled from a single dashboard, the lot should be treated carefully as the malware bait that they are. For more helpful tips and advice for cutting-edge network security, please contact us today!