Let’s start with a simple question for those that may not know: what are loT devices and why are we talking about them?
loT stands for Internet of Things (IoT). IoT devices are pieces of hardware, such as sensors, actuators, gadgets, appliances, or machines that are programmed for certain functions and can transmit data over the internet or other networks. Simple examples of loT devices include smart mobiles, smartwatches, smart door locks, fitness trackers, smart security systems, smart doorbells, smart Wi-Fi cameras, and more.
It is essential to talk about loT devices because they’re primarily consumer-oriented, and businesses are beginning to install them without proper vetting.
Attacking IoT devices is an ongoing trend, as over 20 billion of them are connected to the internet. Cybersecurity is typically the last thing on these device manufacturers’ minds because they target consumers looking primarily for low-cost and visual appeal over reliability and security.
Consumers take more risks, but businesses cannot.
Businesses are starting to use IoT devices more frequently, posing a serious problem: they’re deploying very insecure products. Consumers accept much more risk, as the worst case for the consumer is still relatively minor. Businesses, on the other hand, have a lot to lose. loT has been consumerized to the bone, and the majority of solutions have not been made safe for businesses (yet).
Is loT the way of the future? Should it be?
While we are not the gods of technology, we’ll give you our take on the evolution of loT, and you can take it for what it is–an opinion on a new type of technology that is still evolving in the way individuals and businesses interact with it.
Like any new technology, consumers seem unable to resist the new features loT provides, adding to its growth and demand. Many new business technologies have roots in consumer products; manufacturers test on consumers, improve it, and make a more robust and secure business offering. Examples: Google Gmail preceded Google Workplace, Apple iPod preceded the iPhone with corporate email integration, and attractive thin consumer laptops lead to the slick-looking Microsoft Surface Pro, Macbook Pro, and the Lenovo ThinkPad Carbon.
When consumers go to work, they want the convenience and slick designs they’re accustomed to at home. The result: consumers drive business technology trends, and now IoT is showing up at work.
So, let’s talk about using loT as a business.
What can your business do when it comes to using loT devices?
Do a mini IoT risk assessment for each device:
- What is the worst thing that could happen if this device is compromised?
If it’s a smart toaster, it might be burned toast. If it’s a smart camera, it’s a third party looking and listening to you. In both examples, it’s also a way for third parties to get into your network from the internet.
- Is it possible to segregate this IoT solution from your primary network?
Do you have the ability to make a separate locked-down Wi-Fi or wired network that allows IoT devices to connect only to the internet and not to your business LAN? Most Small / Medium Businesses will fail this test, and should seek out a competent IT company for recommendations.
- If you can live with #1 and implement #2, confirm that none of the data the IoT device stores or uploads to the cloud goes against any regulation your industry has to follow.
Example: Ring video recordings of doctor/patient conversations protected by HIPAA, bad. LG Smart Dryer lint trap cleaning history, safe.
Remember, as with deploying any new IT system at your organization, you always need a big picture approach. The “plug in and go” method of installation rarely turns out well. This holds for organizations looking to deploy loT devices. Ensure your security team is at the core of the deployment plan and maintains security as your top priority over additional features and quick additions. A long-term approach to new systems and IT security will provide your organization with a competitive advantage over time.
Questions about the use of loT devices at your organization? Let’s chat. Contact PK Tech here.