Getting Excited About ‘Things’
The Internet of Things (IoT) is about connecting devices over the Internet, allowing us to interact with them through apps.
For example, imagine you left the house without switching the lights off. You could log in on your mobile phone and switch them all off on your way to work. Now apply that to fridges that can tell you when they are out of milk, smart meters that can report energy usage, digital video recorders (DVR) that can be set to record your favourite program, printers that can order supplies, coffee machines that can alert you when they need cleaning and you begin to see the scope and the opportunity of Internet of Things.
Depending upon who you listen to, the number of things is expected to reach between 20 and 50 billion by 2020.
Clearly the expectation of a lot of people is that there is a huge commercial opportunity. And as with every technology gold rush, everyone wants a piece of the action. Just about any type of device you can think of has already had an Internet connection built in.
Security of things is, however, a huge issue. If you can connect to your thing from the Internet then so can other people.
Very recently the Mirai worm used armies of compromised things (mostly DVRs and video cameras) to mount attacks on Internet infrastructure, making Twitter and Spotify inaccessible.
But what does all this mean to you and your business?
We counted devices on our customers’ systems where we are not contracted to manage their wireless. We found that ‘things’ accounted for 45% of the total number of connected devices. These are primarily mobile phones but also include personal laptops, tablets, e-readers and a small number of unidentified devices.
We found that figure shocking but I suppose we shouldn’t be surprised. After all we can’t stop those customers giving out the wireless password and letting people connect.
The scary thing is that any of these devices could be compromised and infect the network. At the very least they will be sucking up precious resources, affecting both the local network and the Internet connection.
The 7 Steps
The most secure solution, for any business, is to implement an advanced wireless network and have it managed by the IT team. That is what we recommend and implement for our customers that are concerned about the security of their technology.
We also know, however, that many small businesses find it difficult to accept the necessary expenditure, and are not convinced of the benefits. They then have no other option and so do nothing. This leaves them open to system breaches and poor system performance.
To close that gap, we have devised a series of 7 steps that will bring a significant improvement in wireless security for those on a limited budget:
- Check your wireless devices are able to advertise multiple network names
- Create one network for devices managed by the IT department
- Keep the password for that network name secure and change it regularly
- Limit who knows the password
- Create a second wireless network for mobile devices and ‘things’
- Allow that password to be distributed as freely as you wish
- Configure wireless isolation and limit the amount of bandwidth on this second network
If you have any questions about The 7 Steps, Wireless Security or Cyber Security in general then we would love to hear from you.