Research by one of the leading companies in 2017 reported $267 billion by 2020 will be the estimate market value for IoT products and services. IoT component would be included in more than half of significant new businesses, raising the number of IoT-connected elements to 20.4 billion globally as per Gartner. Internet-connected devices are increasingly occupying our lives at home and in organizations, it is essential to keep in mind the security risk. People often look for convenience, and in that process, privacy, and safety usually take a backseat.
A recent survey by Tripwire which included both IT executives and professionals found that 63% of C-level executives said they were inclined to adopt IoT to increase productivity and efficiency, while just 27% reported being “concerned” about the security risks. 30% of responding IT professional on the other hand stated that their company was equipped to ensure secure environment for IoT products, and 59% respondents working in mid- and large-sized businesses feel IoT could potentially be “the most vital security hazard on their network.” Gartner shows "Internet of Things" in 2016 will rise to 6.4 Billion connected IoT devices worldwide, 30% more from 2015 statistics. Advances in technology eases life but there is also increase in potential security threats to devices and software by hackers and malware. To keep all your devices secured here are a few crucial steps to keep in mind while thinking about IOT security.
Know What’s Connected
It is essential to know what is vulnerable to an attack even before you secure your device. Many IoT devices in today's market come paired with cloud-based services, in short, they are always connected to the internet. This connection can heighten the likelihood of sending sensitive data back to the manufacturer, thereby creating a potential security hole.
Keep your devices up to date
To reduce the risks of a successful attack, keep your devices fully updated with regards to firmware or any software update. However, most of the IoT devices do not have a software update distribution model and hence, making it the individuals responsibility of staying upto date and installing updates. Your IoT devices and router would not be vulnerable to hackers if continuously updated.
Pick a unique password
Do not use generic passwords for your IoT devices make sure to have a unique and different password for each device. If a hacker succeeds to get through your device or one of your passwords, they will try accessing multiple accounts. Include a combination of digits, letters, and symbols. Reusing old passwords is not a good idea.
Create a separate network
Wi-Fi routers mostly support guest networking where in a visitor can connect to your network. However, your files and shared networks are not accessible to them. This kind of security serves well for IoT devices as well as you can create separate network for your IoT devices depending on your model. In short, even if your device is hacked, the hacker would be disappointed and your files would be secured.
Turn off Universal Plug and Play (UPnP)
Routers, printers, cameras, and other devices become more vulnerable to attacks if you have activated UPnP. UPnP of course helps connect devices easily to network without configuration and discovering each other automatically but also leaves you vulnerable to prying eyes. However, imagine you are watching a movie and a thief enters your house and robs you off your precious jewels and money without even making a noise? Well, it is the same scenario with UPnP as it is a susceptible and a poorly secured doorway that hackers can potentially find and rob you off your precious data. Hence, it is better to turn off UPnP completely.
Keep personal devices out of the workplace
It is better to keep your IoT devices away from your workplace as potential security concerns for wearable’s increases. Organisations should limit IoT devices to a guest network or prevent personal IoT devices from connecting to the network.
Track and assess devices
Track the flow of traffic and monitor everything and each device connected to the network. Assess mechanisms to determine the level of access, keep them fully patched and up to date, and to protect end-to-end data to preserve integrity. Recognition devices that are connected and what they’re doing is a prerequisite for proper security, and unknown devices should flag an alert.