By: Kevin Williams
Categories: Cool Tech
There are many benefits of Internet of Things (IoT) technology. The constant flow of data it creates that can be used to improve business processes, save time and money, and increase convenience by centralizing control over otherwise disparate systems. In the coming years, the IoT will have a profound impact on nearly every aspect of our lives as the industry grows to $470 billion in annual revenues by 2020.
Unfortunately, one of the major criticisms about IoT technology is its security vulnerability. We’ve already seen the devastating impact that can occur when the IoT is hijacked for nefarious purposes, most notably the major internet outage that resulted from the Dyn cyberattack. In addition, 90 percent of IT professionals believe that we’ll see an increase in IoT security attacks this year, and 70 percent say their organizations aren’t prepared to handle them. With the tremendous rewards of IoT technology seem to come significant risks.
One thing to note about the Dyn cyberattack was that it was carried out using a software program called Mirai that sought smart devices which relied on factory-default usernames and passwords to access and control them. The reason why this is significant is that such factory login factory information can be easily obtained by hackers who’ll then spread it amongst themselves and use it to take over IoT devices en masse.
This is significant because it shows that there’s a simple way for the owners of IoT-connected devices to undermine hackers’ attempts to take them over, and that’s by simply changing their factory default login information. Hypothetically, if the owners of all the devices that were used in the Dyn cyberattack had taken this step, then the attack would have never happened, or if it had, it wouldn’t have had nearly as big an impact as it did.
What this means is that the IoT itself isn’t inherently unsafe; there are steps you can take to prevent your IoT devices from being taken over by hackers.
Hackers and their efforts are like a disease. They infect one device and it infects other devices until they have a whole network of devices under their control. If you take steps to vaccinate your devices against this disease, then they stand a much lesser chance of being infected and spreading the disease to other hosts. Here are some ways you can inoculate your IoT devices against hackers’ pestilence:
Use highly secure and unique login information – As previously discussed, hackers exploited the fact that many owners of IoT devices hadn’t changed the factory-default login settings on their devices to take them over. Make sure you change the factory default login information on any smart device as soon as you introduce it to your system. Preferably, you should use a strong password that’s totally unique.
Implement multi-factor authentication (MFA) – In addition to strong passwords, MFA requires additional steps to login to an app or smart device. These steps generally fall under three categories: something you know like another password or Personal Identification (PIN) number; something you possess like an identification badge or card; or something that’s inherent to you like your fingerprint or retinal scan. Using MFA can make it much harder for hackers to break into your devices and will strongly encourage them to look elsewhere for someone to take advantage of.
Invest in Identity and Access Management (IAM) – IAM is a series of processes to ensure that in any given system only the right person has access to the right information for the right reason for the right amount of time. This is especially useful for enterprises that rely on the cloud and IoT technology when handling sensitive data. IAM ensures that you’re able to control the identity information of all the users in your network and thus stymie hackers’ attempts to imitate someone else to gain entry.
The IoT may sometimes resemble the Wild West, but with the right security systems and processes in place, your network will more closely resemble Fort Knox. There’s no way to completely guarantee security all the time, but you’ll still be much safer with an established security protocol to form a moat and build a wall around your IoT-connected castle.