5 Tips for Securing IoT Devices
Smart Home Safety
This week, Google announced that its Internet of Things (IoT) platform, Android Things is officially out of beta. Android Things provides hardware and software developers with all the necessary SDKs to build IoT devices. The company has partnered with hardware manufacturers, offering developer kits and a developer console, designed for managing devices and pushing over-the-air updates to both prototype and production devices. This is exciting news for developers interested in building connected devices, and companies are already jumping in with new products for the platform including Google, with their launch of Smart Displays for Google Assistant.
Microsoft also announced open-sourcing for Azure IoT Edge, a product suite that allows companies to run AI and Azure services without connecting to the cloud. Microsoft first unveiled IoT Edge at last year's Build Conference to help it keep pace in the edge computing market for IoT devices. The latest update allows any customer to use the service, helps them modify it with little hassle, and makes it easier to detect and weed out software bugs.
These two huge companies aren’t the only ones shifting attention to building IoT devices, and general growth in this market is nothing new. IoT devices offer many features that make life easier and more convenient, and businesses can easily monetize them. IoT devices are in our homes, cars, workplaces, and pretty much everywhere, pumping information through the web to manufacturers, developers, and anyone in the world. With such a huge jump in these inter-connected devices, security threats have also spiked. According to Symantec's 2018 Internet Security Threat Report (ISTR), the total number of Internet of Things (IoT) attacks grew 600% between 2016 and 2017. Yet the public seeks convenience and is willing to give up privacy and personal data to get it. (Again, what else is new?)
The question stands: how do we as tech-savvy citizens of the digital world jump on the smart home/ smart world bandwagon without getting burned by hackers or having our personal data sold without permission? The simple answer: be smart. Knowledge is power, therefore knowing what threats already exist and how to combat them is the best way to arm yourself in the age of personal data exploitation. Here are the basics...
Cybersecurity & IoT
A FTC report details that fewer than 10,000 households can create 150 million data points with IoT devices every 24 hours, with each datapoint acting as an entry to your wifi and data. While most reports of hacked devices seem to be on a low-frequency level, like smart refrigerators and baby monitors, the likelihood of being a cybercrime victim increases as IoT devices become more commonplace. How many families now have Alexa or Google Assistants? Do you use Logitech Harmony Hub for home entertainment devices? Have A Nest or Smart Door Lock? Smart Toys for your child? Smart Car? The list of potential break-in points goes on.
In addition, more money-making IoT attacks are being explored, such as cryptocurrency mining or ransomware attacks on point-of-sale machines, medical equipment, or vehicles. If a device is connected, it can be compromised, and not just by hackers. Some of the most dangerous side-effects from smart devices come from the manufacturers and developers who gain capital from your data. With all of this in mind, what is the solution? While there is no current fix-all, we have compiled a few best practices to help keep you and your smart devices safe.
How to Protect Your IoT Devices
- Segment your Network: Create an encrypted Wi-Fi network that is devoted exclusively to the Internet of Things. Make sure that each device you have that is IoT-ready has a unique and highly secure password. Just to be safe, make sure your home network is using passwords that are changed every 30 days and that you have robust virus protection and firewalls. A VPN doesn’t hurt either.
- Update Firmware: An IoT device has software embedded on it called firmware that may be susceptible to exploitation if not regularly updated and patched. To keep your IoT devices secure, you should register each of your devices for any automated firmware updates that are offered by the manufacturer.
- Turn off IoT devices: The malware used in some recent cyber-attacks is stored in memory and can often be erased with a power cycle. Accordingly, you should turn off any smart devices when they are not in use, such as video cameras and devices with microphones that can be compromised and used to invade your privacy. IoT devices that are in regular use like thermostats should be restarted periodically.
- Avoid Public WiFi: Pay attention to mobile device security. When remotely checking your IoT devices from a smartphone or tablet, it is generally good practice to avoid using public Wi-Fi networks that are not password protected. Insecure connections can make your IoT device vulnerable to hacking.