How to Secure an IoT System in a Mere Few Minutes

By 2020, IoT devices are expected to grow to 31 billion in use globally, and by 2025, the number will surpass 75.4 billion devices. That’s a lot of potential attack surfaces. Everything has to be protected.

IoT.items

The internet of things market is potentially one of the greenest greenfields ever in the world economy. The sheer number of multiple billions of connected devices not only boggles the minds of hardware and software vendors, system owners and independent software developers—who all see dollar signs—but it also delights bad actors, who also see that same income potential.

As the IoT grows, the crooks can look around and find potential open doors everywhere to promote their nasty businesses. Every new device that comes on line represents a possible entry gate for malware, ransomware or some other poison to be injected into a system that will do harm to everything it touches. Only thoughtful security planning and diligent followup can stop this from happening.

Connected devices, such as smart home devices, new vehicles, drones and wearables, have quickly gone from “nice to have” to “must haves.” In fact, by 2020, IoT devices are expected to grow to 31 billion in use globally, and by 2025, the number will surpass 75.4 billion devices. That’s a lot of potential attack surfaces.

Because IoT devices often go hand-in-hand with hacking and intrusion, we all need to be extremely aware of the consequences if we do not secure our networks correctly. In this eWEEK Data Point article, Andrew Newman, founder of Reason Software and an expert in internet security, offers a set of tips consumers can perform in 60 seconds or less to help protect against a potential hack. 

These are generally common-sense items, but the fact is, many people are not aware of them—and ignorance is not bliss when it comes to the IoT.

Data Point 1:  Turn off your device’s Bluetooth.

When it’s not needed, consumers should turn off their devices’ Bluetooth functionality, because this is an entry point often exploited by hackers on IoT devices. Most IoT devices do not need a constant connection, especially those with cameras and microphones.

Data Point 2:  Check your breach status.

Consumers should regularly check for potential areas that hackers can enter through with free IoT scanners (like this one from Reason Core Security), which check for vulnerabilities in all the IoT devices in your home. An IoT scanner can detect open ports that can be potentially exploited and will notify the user to close those ports and patch the vulnerability.

Data Point 3:  Create strong and unique passwords.

On all companion apps and accounts, consumers should make sure they have secure passwords and that they store them in a password manager. Make them random and easy to remember but difficult to decipher; use special characters.

Data Point 4:  Stop WiFi pretenders.

Hackers often set up Evil Twin WiFi networks in public areas to try and trick you into connecting to your device to it to intercept your network traffic. This allows them to steal passwords and other sensitive data. It can be difficult to distinguish between real and rogue networks, but you can start by using your devices’ settings to clean up the networks you join automatically.

Data Point 5:  Keep your software updated.

Turning on automatic updates is imperative in improving security for your personal technology.Old software will lack up-to-date protection, making it easier for hackers to scope out vulnerabilities. Likewise, make sure all your devices are up to date with all the latest security and firmware updates.

Data Point 6:  Adjust device settings.

Most smart devices and apps feature adjustable privacy settings. Depending on your desired level of security, you can enable or disable certain features for connectivity, such as voice control or motion detection.

Data Point 7:  Install a firewall.

For added protection, installing a firewall will help prevent hackers from reaching your connected devices by denying unsanctioned traffic.

Data Point 8:  Create a separate network for IoT devices.

This simple action makes it harder for hackers to access your devices and access to shared files.

Data Point 9:  Don't connect your own device to workplace's network.

While companies should have a clear and concise BYOD (bring your own device) policy, it's a good idea to not connect personal IoT devices to your workplace’s network, where vulnerabilities and excess traffic are a high risk. 

Data Point 10: Use encryption tools and password-protected ZIP files.

Employ encryption tools or put your files in a password-protected ZIP file, especially the files you store in your network storage device. Both practices increase the security of your data, even if your computer is comprised.

Chris Preimesberger

Chris J. Preimesberger

Chris J. Preimesberger is Editor-in-Chief of eWEEK and responsible for all the publication's coverage. In his 13 years and more than 4,000 articles at eWEEK, he has distinguished himself in reporting...