Pro IT Services: Professional - Proactive - Proficient

PG&E Public Safety Power Shutoff is scheduled for Wednesday, October 9th at 4 AM for much of Northern California. For planning purposes, PG&E suggests customers prepare for outages that could last several days. Please take appropriate actions to ensure the safety of your systems if you are in a targeted shutdown area. See if your area is affected here...

IoT Devices: Security Holes?

March 15th, 2016 by admin

Cloud of icons connecting to other icons on a blue background

Hackers can take advantage of a newer technology prevalent throughout your business to break into your network and compromise security: Internet of Things devices. Your business may have never considered that the handy new Smart Thermostats throughout the building or the Smart TV in the conference room could actually be used by a hacker to piggy-back onto other devices on your network.

Fortunately, a managed service provider can stay on top of your IT security, installing the latest updates on every computer and all network hardware, and minimizing the risk of experiencing productivity-draining malware and hacks.

Your business could be vulnerable to a major security breach by leaving IoT devices unpatched and running old code.

The Elephant in the Room

In December of 2015, the security experts at TrendMicro identified approximately 6.1 million devices in use, including IoT devices, running software with an unpatched code execution attack security hole. The catch is that the security hole was identified and fixed all the way back in 2012, meaning these devices are still putting their owners at risk. Code vulnerabilities aren’t limited to device firmware, as the security hole TrendMicro found came from a code library found within apps.

A study by HP showed that upwards of 70 percent of all IoT devices are in some way vulnerable to an attack—and according to ZDNet, IoT devices are problematic for business security overall because they lack much of the security sophistication found on devices like laptops. For example, the home IoT market is facing major privacy and security concerns over Baby Monitor hacking. Your company may be concerned about home IoT devices as well if you have employees that work from home.

Plug, Play, and Forget

Hackers aim to exploit the common “set it and forget it” mentality toward IoT devices. Not only are IoT devices prone to security breaches, they are also often neglected as points of concern. When the manufacturer issues an update to patch security problems, your staff may not include IoT devices alongside regular updating practices.

There is plenty that an MSP can do right now to protect your business from IoT security holes, even when security apps and firmware patches aren’t an option. In addition to keeping the device’s operating software up to date, it is also necessary to keep all installed apps updated. Many IoT devices lack a clear interface to implement patches, making the process cumbersome. Security apps work well on devices that support them, but IoT products that lack security app support are a bit trickier to work with.

Another way an IT consultant may suggest to keep IoT devices from impacting the rest of your business’s security is to create a second isolated network for smart devices that can’t directly access your main network. WiFi makes the process relatively inexpensive and straightforward.

Keep your business running productively by taking preemptive action against IoT security faults with a local MSP. You’ll be glad you did.

Tags: hacking, IT Consulting, IT Security, IT, security threats, security, smart devices

Posted in: Security

Categories

Archives