A Short Guide to Securing Your IoT Devices

March 17, 2021 - 8 minutes read

The Internet of Things (IoT) has revolutionized the industrial world, and now it’s heading for our homes, cars, and cities. As the number of connected smart devices continues growing in complexity and size, we must take care of cybersecurity risks before privacy and security are compromised in large numbers for businesses and consumers alike. According to London-headquartered CSO, attacks against IoT devices tripled in the first half of 2019.

Almost 70% of organizations globally have dealt with an IoT cyberattack in the past few years. These worrying numbers are expected to grow as IoT increases in growth and popularity. Here are some ways to secure your IoT devices, ranging from complex to simple adjustments you can make in your home or office.

Strengthen All Passwords

This is the easiest thing you can do, so do it first. Set strong passwords and use a variety of usernames (other than ‘admin’) to secure your IoT network and devices. It’s difficult enough to remember passwords as it is, but try to change your passwords every 1 to 3 months. To help maintain a single source of truth for all of your username and password combinations, use a password manager to organize them.

The password manager also helps you ensure that none of your passwords are too similar or too easy to guess. Sharing passwords and usernames puts you at a higher risk for a successful hack, so do your best to avoid patterns across your passwords. It’s also important that, when you first add a new device to your existing network, you go into its settings and customize the device and its entry points to use different usernames and passwords.

Many hackers traditionally try ‘admin’ first to get into the network or device, and eliminating that possibility makes the hacker’s job much more difficult. Customize the device’s settings to enable only what you need.

Secure Your Connection

Look into boosting your router’s security. It connects your IoT devices and network to the Internet, and it’s vulnerable to exploitation and hacking by bad actors. Replace the default network name, admin username, and admin password with stronger alternatives. And like we mentioned in the previous section, make sure you change the username and password regularly.

Next, investigate whether you’re using the highest level of encryption on your router. If your router doesn’t support WPA2, you should highly consider upgrading to a new router that does. You can also consider further fortifying your internet security by separating networks for IoT devices and personal devices.

Don’t Forget Multi-Factor Authentication

Multi-factor authentication (MFA) can be a pain to go through every time you need to sign into an IoT application. On the other hand, it serves as a lifesaving tool when you forget your password or if someone changed your password without your permission or knowledge. Depending on how strong you want your security to be and what types of data your IoT devices store (a baby monitor versus a refrigerator), you may want to add more authentication devices and steps to increase the complexity of your security setup.

MFA can include something simple like adding your smartphone into the authentication chain or something more complex like a physical authentication which involves inserting a physical key into a device to log in. Sometimes, physical authentication could include verifying the time and location or verifying biometrics before logging in.

Update and Upgrade Software

Software is always improving and changing, and even if the fundamental code of the software doesn’t undergo extreme change, it’s important to keep software updated, patched, and upgraded as soon as these fixes are available to apply. Updating software can result in a nicer user experience, but more often, it involves fixing newfound bugs and patching up vulnerabilities in the code. If you fail to keep your devices updated, you can leave your entire network susceptible to attack.

Encrypt Your Connection

You can further secure your Internet connection by encrypting the data that goes through data transfer within your network. This can mask sensitive information and disguise any vulnerabilities in your network infrastructure and setup. A VPN is a great tool to obfuscate what’s going on within your network: VPN changes your devices’ IP addresses, encrypts data within and leaving it, and it often comes with a kill switch to shut off your Internet connection if the VPN connection is interrupted or stopped.

Monitor Your System

Further strengthening your Internet security may be worth the investment of a network monitoring tool. If your IoT system has a complex and elaborate network of IoT devices used for business-critical operations, it’s imperative to have an eye on all devices and data flow 24/7. A monitoring system tracks the health of your devices and sends out notifications if anything abnormal is detected, whether that’s a problem with the data flow, an interruption in the Internet connection, or access by an unauthorized party.

Try Segmenting Your Network

As we mentioned earlier, separating your network might be a good idea if some of your devices put your network at more security risk than the others. In segmenting your network, you’re splitting it into separate sub-networks that are mostly independent and isolated from each other. Don’t worry: you can still have the networks communicate if you need them to.

IoT app development

In comparison, a singular network that contains all connected devices, employee devices, and sensitive data transmission is instead protected with a firewall or endpoint protection. But if that firewall or endpoint protection fails, the entire network is at the mercy of the hacker. Thus, it is more prudent to segment your networks and prioritize the security of each network differently, based on the devices and data transfer involved in each network.

Staying Safe Moving Forward

To protect yourself, take any and all measures, even if they involve more investment and time on your part. If you experience a security breach, it can cost more in time and money than if you’d slowly and steadily worked on securing your network all along. At Dogtown Media, we prioritize cybersecurity in our applications from Day 1, and we think that’s a great rule of thumb for your own security needs.

Do you maintain your home’s IoT security? How much time and money do you invest in it to ensure you don’t fall victim to a hacking attempt? Let us know in the comments below!

Tags: , , , , , , , , , , , , , , ,