Now that the holidays have come and gone, you might have a couple of new gadgets in your home or office that connect to the Internet. Depending on what these gadgets are, you might have a serious security issue sitting right in front of you without realizing it. Some devices that don’t normally connect to the Internet–also known as Internet of Things devices (IoT)–aren’t as secure as you’d like them to be, particularly in a business environment.
Users who don’t understand these security issues could unknowingly expose your business to threats. Internet of Things devices are notorious for their security faults, but in reality, these issues aren’t caused by the user. Some might place the blame on them for not doing their due diligence when acquiring the device and thinking about it in the workplace scenario, but the fact remains that the user can’t do much about it even if they wanted to.
This is primarily because many of the security faults found in Internet of Things devices comes from the fact that developers don’t really design them with security in mind. Think about it this way–the devices were made by those who have been making appliances (or whatever the device happens to be) for a long time, but they are just now getting involved with the actual software that allows for Internet connectivity. Therefore, they are less likely to make a device with security in mind compared to its functionality.
In particular, these devices are vulnerable to threats that would ordinarily be patched by the developer, but the thing about Internet of Things devices is that patches aren’t easily administered to these devices, if at all. It’s the responsibility of both the developer and the user, as failure to respond to this threat will mean that the Internet is less secure overall. Some have suggested making this kind of support required by the developer, including automatic updates and unique default passwords, but it is clear that there is a significant amount of work that needs to be done.
Businesses need to implement measures to keep IoT devices from becoming a detriment. Whether they want them to or not, employees will end up bringing in devices that can connect to the Internet, so business owners need to implement a policy regarding these devices. Going forward, a Bring Your Own Device policy that outlines how these devices are used and what data they are allowed to access will be critical to the success of an organization. To learn more about how to protect your business from IoT devices, reach out to ActiveCo Technology Management at (604) 425-3433.