Just like “the Cloud,” the Internet of Things (IoT) has gone from an alien concept for many small businesses to an integral part of their operations. New smart gadgets are being added to company networks at a rapid pace.
From IoT sensors and security cameras to wireless printers and locks, internet-connected devices are becoming a larger part of company networks each year.
It’s estimated that between 2021 and 2025, the number of IoT devices installed worldwide will increase by over 110% to 75.44 billion.
While the use of internet-connected smart devices is the future of business, multiple red flags are going up about how IoT impacts network security. It’s a case where the technology is moving faster than the security apparatus needed to protect it.
Why Should We Worry About IoT Security?
According to an article from Wired, a new set of nine different vulnerabilities has led to approximately 100 million IoT devices and servers being exposed to hackers.
The vulnerabilities are in the code that connects an IoT device to the internet. Part of that connection process relies on DNS (Domain Name System) to know where to connect. The flaws allow hackers to crash a device or to control it remotely.
You can imagine how dangerous that would be if an attacker had control of a security camera, operational sensor, or wireless door lock system.
While these nine vulnerabilities do have patches for them, that doesn’t necessarily mean all is safe and sound. Some issues that could still leave IoT devices vulnerable include:
- Devices may be running older firmware versions.
- The device manufacturer may not have included a way to update a particular device component.
- The business may be unaware that an IoT device needs an update at all and never apply the patch.
These vulnerabilities are just the tip of the iceberg. IoT is increasingly an attack target because hackers know that it tends to be less secure and less frequently updated than computers and servers.
In 2019, there were 34.3 million attacks on IoT devices, and IoT malware threats increased 5% over the previous year.
Why You Should Segment IoT on a Different Network
Companies can mitigate some IoT threats by keeping the firmware that runs those devices updated and following best practices, such as using a strong admin password. But attacks can still occur because a device has a security flaw in its code or simply lacks proper built-in encryption.
98% of IoT traffic is unencrypted.
When you have less secure devices sharing a network with devices holding sensitive data, it’s a recipe for disaster if you don’t have a solid network security strategy. That includes separating your IoT devices and putting them on their own network.
Here’s why this can help prevent ransomware attacks, data breaches, and other costly security incidents.
Reduces the Risk of a PC or Server Breach
When a hacker accesses one device on a network, they can often follow that device’s network connection to infiltrate other devices, for example a computer or server holding sensitive company data, or one syncing with cloud storage.
By keeping your IoT devices on a separate network, you break that bridge that an attacker can use to get to another device. This eliminates the risk of a smart gadget being a conduit for a full network breach of your company’s files.
Makes Security Policy Implementation Easier
Companies will use different security policies for server access than they do for access to a smart whiteboard. Some IoT devices need to have certain sharing capabilities to ensure they function in the way they were designed, but you may want much tighter controls on access to your accounting person’s workstation.
When you segment your IoT away from your more sensitive devices, you can more easily implement the network security you want for each group of devices. This includes putting in automatic security policies, monitoring, and more.
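The following is an added example, not code from the original article: a small Python audit that checks whether IoT devices really sit on their own subnet and whether the rules between segments stop an IoT device from reaching a PC or server. The subnets, device names, and rule list are constructed assumptions for illustration.

```python
import ipaddress

# Constructed addressing plan (assumption): one subnet per segment.
SEGMENTS = {
    "corp": ipaddress.ip_network("10.10.0.0/24"),
    "iot": ipaddress.ip_network("10.20.0.0/24"),
}

# Constructed inventory: (name, device class, IP address).
INVENTORY = [
    ("accounting-pc", "workstation", "10.10.0.21"),
    ("file-server", "server", "10.10.0.5"),
    ("lobby-camera", "iot", "10.20.0.14"),
    ("wireless-printer", "iot", "10.10.0.77"),  # misplaced on the corp subnet
]

# Constructed inter-segment rules, first match wins: (src, dst, action).
RULES = [
    ("corp", "iot", "allow"),  # staff may manage smart devices
    ("iot", "corp", "deny"),   # IoT may not initiate connections to PCs/servers
]

def segment_of(ip):
    """Return the name of the segment whose subnet contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None

def misplaced_iot(inventory):
    """IoT-class devices whose address is not inside the IoT subnet."""
    return [name for name, cls, ip in inventory
            if cls == "iot" and segment_of(ip) != "iot"]

def verdict(src_ip, dst_ip, rules):
    """Same-segment traffic never crosses the firewall, so it is allowed;
    cross-segment traffic with no matching rule is denied."""
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    if src is not None and src == dst:
        return "allow"
    for r_src, r_dst, action in rules:
        if (r_src, r_dst) == (src, dst):
            return action
    return "deny"

if __name__ == "__main__":
    print("IoT devices outside the IoT subnet:", misplaced_iot(INVENTORY))
    print("camera -> file server:", verdict("10.20.0.14", "10.10.0.5", RULES))
    print("printer -> file server:", verdict("10.10.0.77", "10.10.0.5", RULES))
```

The misplaced printer is the case to watch: because it shares a subnet with the file server, the deny rule between segments never applies to it.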
Helps With Identification of Breach Cause
If you have a data breach and everything at your office is on the same network (computers, IoT devices, servers, etc.), it’s going to take you longer to identify the source of the breach.
When you have two distinct networks, one for IoT and one for everything else, you cut your investigation time in half, because you immediately know which network the breach was on.
This can also inform your response because you’ll know that breaches of your IoT network will be contained to your smart devices, while breaches on the other network are impacting computers and other sensitive devices.
Get Help Securing Your IoT on a Separate Network
B-Comp Services can help your Denver area business get a handle on IoT security before it becomes a major problem for you.
Contact us today to get started. Call us at 303-282-4934 or contact us online.