Heating your business, controlling the lights and viewing security footage can all be done remotely from your phone or computer when you aren’t there. This is known as the Internet of Things (IoT) and it is growing rapidly, spurred on by a culture that demands digital connectivity and smart devices that can be applied to all areas of life.

Whilst this level of connectivity is great, there are some major drawbacks that you need to be aware of. Without proper management and security, your smart business full of connected IoT devices can become a living nightmare if it is targeted by hackers.

There are several security and privacy risks that pose a serious threat. Any device that shares a wireless network is inherently at risk of a security breach. When somebody gains access to your smart devices, they can harvest your data and manipulate them. Luckily, there are plenty of security measures you can take to secure your IoT devices.

If you haven’t done any of these things yet or haven’t at least checked your devices over to ensure they meet the following points, then you should do so right away if you use a lot of smart devices.

1. Start with Your Router
   Your router is the ‘front door’ to your smart business. Just like your physical front door, your router’s front door should be secured with solid locks. You never know who’s going to come knocking.
   
   A secure smart business, therefore, starts with your router. It is the hub that connects all your devices to the IoT and enables them to operate. Most people use the router that their ISP provided them with, however, it’s always best to invest in a router that is better and offers a higher degree of security as standard.
   
   There is nothing wrong with using the router your ISP provided, but it’s not going to be massively secure.
   
   
2. Create a Secondary or ‘Guest’ Network
   You can create multiple networks on your Wi-Fi router. This is mostly used to create guest networks for visitors. You may want to create an additional network that is solely for connecting your IoT devices too. By doing this, you prevent potential hackers from accessing sensitive data, shared files and other bits and pieces from your other devices if they breach your network.
   
   All your Wi-Fi router’s networks should be secured with a strong encryption method and robust passwords. For routers, the standard and most secure encryption method is called WPA2. This should always be used, even for guest networks.
   
   For passwords, avoid things that are common and easy to guess. A strong password is composed of letters, numbers, and symbols, and each network should have a unique one. You can use a password manager to help you remember them all. Never use your router’s default username and password.
   
   Creating a secondary and tertiary network is easy, and most routers let you do this through a user-friendly GUI.
   
   
3. Check Your IoT Device Settings and Keep Them Updated
   Your IoT device probably comes with default security settings and you may want to consider changing them. Not all manufacturers have your best interests in mind and the default settings may work to benefit them more than you.
   
   Additionally, check that you don’t have features enabled that you don’t need. For example, remote and microphone access might not be required, however, network access will be. This depends on the device and its purpose.
   
   Avoid putting off software updates as these are often patches for security vulnerabilities. Many IoT devices will prompt you when an update is available, but it’s good due diligence to check manufacturer websites often.
   
   
4. Enable Two-Factor Authentication
   If any of your devices offer two-factor authentication, use it. Two-factor authentication is an additional security layer on top of a device’s password that requires secondary authentication—a one-time code sent via email or SMS—before access is granted.
   
   When used properly, two-factor authentication can stop the bad guys gaining access to your accounts and taking control of your IoT devices.
   
   
5. Disable UPnP Features
   IoT devices tend to have Universal Plug in and Play (UPnP) features, enabling different devices to find and connect to one another. Whilst this is convenient and eliminates the need to configure each device individually, the protocols rely on local networks to connect to each other and these are vulnerable to third-party attackers.
   
   When an attack occurs, UPnP lets multiple devices be accessed at the same time. It’s far safer to just disable it and configure your devices manually.
   
   

Staying one step ahead of attackers and securing your network of IoT devices comes with the territory; it is the price you pay for convenience and benefiting from what IoT devices have to offer. Securing your devices isn’t difficult and it is something you absolutely must be doing if you want a comprehensive smart business network.

By drawing inspiration from the above security tips, you can keep yourself safe from the threats posed by using the Internet of Things. If you want to learn more about how you can be proactive in keeping your company secure, contact Datum Consulting to learn how we help organizations protect critical assets.