Three Recommendations for IoT Security
Criminals are now relying increasingly on ways to hack your devices. Each of us plays a responsible part in ongoing security awareness training and best practices to secure the Internet of Things – IOT. Staying current with the latest scams and sharing this information with your family, friends and co-workers will help to insure they are not victimized.
Internet touch points are no longer reserved for just personal computers. We are increasingly networked together by an Internet of Things also known as IoT.
Take a moment to study the many ways you currently connect to the Internet each day and with which devices you are connecting.
- Are these connection methods equally secure?
- How do you manage your personal and professional web use across different devices and networks?
- Do you have any idea of how many connected applications or accounts you have open at any time, and on which devices?
Every day new ways to connect to the Internet are released into the marketplace. This includes all wireless internet devices including; smartphones, wearable fitness bands, smart-watches, vehicles, appliances and even medical devices that can connect to the Internet.
In many cases, these devices are constantly exchanging data across the Internet. This capability allows us great freedom to communicate and manage our busy lives, but it also exposes us to many new growing cybersecurity threats.
Protect Your Device Before You Connect
When you get a new device, take a few minutes to understand all the different ways it may be connecting. Your smartphone alone has the potential to connect in five different ways. All new devices, offer many options and features to connect.
- Take the time to understand the settings for your devices’ wireless features such as Wi-Fi, cellular, Bluetooth, Near-field communication (NFC), location tracking (GPS), and media sharing. Each of these can be a potential breach point if left unsecured.
- Avoid leaving your connection points open when you are not using them. In many cases you can just turn these features off when not using them.
- Always keep your device up-to-date with current versions of the operating system, firmware, security software and web browsing tools. Use a supported operating system capable of receiving updates.
- Get to know the security features included in your device and its many applications. Some examples may include data encryption, remote wipe, password customization, two-factor authentication, back-up, VPN, and malware removal. Using two-factor authentication is now considered a best practice and should be turned on for all your devices to increase security.
The convenience of connecting to a public Wi-Fi network is tempting for most, but offers very little privacy. Free Wi-Fi networks are always risky and should be avoided. An attacker over public Wi-Fi can easily embed long-term malware to your device, which stays with you even after you disconnect.
- Understand the risk and avoid automatically connecting any of your devices to free public Wi-Fi networks. Cybercriminals often create false networks that appear to be legitimate business networks to lure you to connect. Your passwords, financial accounts and data can all be compromised by a hacker on free Wi-Fi networks.
- Always consider that free Wi-Fi networks are unencrypted, and your device activity and data can be monitored by hackers. Check with the business providing the free Wi-Fi to verify you are connecting to the correct network. Turn off any settings that automatically connect you to free Wi-Fi networks you have not approved previously.
- Research and use virtual private network (VPN) software whenever possible to encrypt your data whenever you are connected to a Wi-Fi network.
Practice Safe Usage Once You Connect
If you are like many users, at least one of your devices may share work and non-work purposes. The device you use to access your work network and communicate with customers may be the same device you use for storing personal photos and engaging with social media.
- Be aware of where your data resides. What data is stored on your physical device? Is it being shared via the Cloud? If so, how often does it refresh, and who has been granted access rights? Are the settings sharing your data with applications you have not approved?
- The IoT is also creating more touch points with social media. Information can now just as easily be shared via your car’s onboard computer as with your smart-watch or phone.
- Be cautious with new and emerging technology. One growing area of financial exposure is the use of mobile payment platforms. Tapping a smartphone on an NFC reader to pay at the store offers convenience and risk. There are now countless different applications that support mobile payment that present new risk to our finances.
Security Awareness Training is a Daily Requirement
Remember, we are all now connected daily in the IoT world. Our online activities have the potential to affect our finances, families and co-workers.
Criminals are now relying increasingly on ways to hack your devices. Each of us plays a responsible part in ongoing security awareness training and best practices to secure the Internet of Things. Staying current with the latest scams and sharing this information with your family, friends and co-workers will help to insure they are not victimized.
The Center for Information Security Awareness (CFISA) and InfragardAwareness, www.CFISA.com has been providing online and in-person security awareness training since 2007. The CFISA security awareness training stresses the importance of educating employees to help reduce company risk.
Contact CFISA and we will help you with a training option to fit your budget!
Copyright © 2018 – CFISA