Be careful with smart device security

As our world becomes increasingly dependent on Internet of Things devices, it seems nearly everything can connect to the internet. While this can make life more convenient in various ways, it can also lead to significant security risks.

Internet of Things (IoT) refers to the collective network of connected devices and the technology that facilitates communication between devices and the cloud, as well as between the devices themselves. Many of these “things” are preceded by the word “smart,” such as a smart thermostat, smart refrigerator or smart bulb.

The more items your organization has connected to the internet, the more you run the risk of someone breaching your security. Here are some of the biggest security issues with IoT devices:

• Default passwords – Many IoT devices come with weak passwords, but they won’t necessarily prompt you to change them. You could leave yourself open, then, to someone figuring out your password and making their way into your system.

• Malware and ransomware – Malware is intrusive software that is intended to harm a computer, and ransomware is extortion software that can lock your computer and then demand a ransom for its release. Because there are so many IoT devices now, there are, consequently, many more opportunities for malware and ransomware to make its way into your system.

• Lack of testing – Because many IoT developers have been so eager to get their products on the market, they have sometimes overlooked security. Moving forward, there may be a lack of security updates.

• Interconnected devices – According to a 2020 survey, the average American household had 10 connected devices. With such interconnectedness, only one device has to be compromised to put the entire network at risk—making a hacker’s job much easier.

If your organization is making use of several IoT devices, it’s time to take another look at your level of security. Follow Church Mutual’s 10 Essentials of Cybersecurity:

1. Create a written internet use and access policy.

2. Provide regular cybersecurity training to your employees.

3. Make sure your employees—and anyone else who uses your network—create strong passwords with a combination of letters, numbers and special characters.

4. Use multi-factor authentication in addition to passwords.

5. Keep all software up to date, and delete unused apps to reduce the risk of malware or ransomware.

6. Regularly back up any critical information that is vital to running your organization.

7. Require users to gain permission to use your Wi-Fi.

8. Complete criminal background checks on all individuals who use your network and have access to the inner workings of the network.

9. Allow only a small number of people to access your network.

10. Review your insurance coverage to make sure you are prepared for a cyberattack.

For more tips on cybersecurity, visit Church Mutual’s cybersecurity risk management page.