6 Tips to Keep the Internet of Things Secure

Internet of things, IOT, Password Security, Security, Security Threats, , ,
16
Jan 2018

The Internet of Things (IoT) relates to all those smart devices which can connect to your network and communicate with it, but how do you make the IoT safe?

We have smart devices not just at home, but also within our businesses and it’s no surprise to hear that it’s estimated up to 8.4 billion smart devices will be connected in 2017. Naturally, with such a huge number of devices accessing networks, it’s not surprise that they’re proving to be highly interesting to hackers.

As our business life is becoming more and more digital, the need for the IoT is increasing just as rapidly, that’s why I’m going to share 6 tips to keep the IoT secure.

1.  Understand What’s Connected

It’s important that you know which devices are regularly connected to your network. By understanding which devices offer a route into your network, you’re able to take preventative measures to help safeguard against any vulnerabilities. Make sure that a database is kept and regularly updated to include any new hardware so that you can fully understand the reach of your IoT.

2.  Keep IoT Devices on a Separate Network

If one of your IoT devices is compromised by a hacker then this represents a threat to everything on that network, so it’s important that you segment all your IoT devices onto a separate network. In the event of an IoT device being hacked you can then limit the data on offer to the hacker.

3.  Don’t Leave Devices Connected for Longer than Necessary

It’s impossible to hack a smart device which isn’t plugged in, so to completely minimize the risk it’s highly recommended that smart devices are disconnected from the network when they’re not being used. This is a good security practice that needs to be communicated to all employees as anything can be hacked be it a printer or a webcam.

4.  Always Install Firmware Updates

As with any other piece of hardware or software, firmware updates for smart devices need to be installed as soon as possible. Not many people are aware of the security risks associated with smart devices, so firmware updates are often ignored – this is why hackers are starting to target them more and more often. So, once you see that update request, make sure you click it.

5.  Limit Personal Device Usage

99.9% of the population appears to have a smartphone, so this means that almost all of your employees will be bringing a smart device to work every day. And, to ensure that they can keep up to date with Facebook, they’ll be piggybacking onto your company WiFi to create an internet connection. Therefore, it’s important that you limit personal device usage or, at least, create a sign in method which uses company email addresses. 

6.  Password Protect Everything

Finally, you must make sure that you password protect every single smart device within your business. As previously mentioned, it’s easy to assume that a printer is never going to get hacked, but it happens. By establishing a set of passwords (all different of course) for all your smart devices you’re putting that extra layer of defense in front of your business. And the more defenses you have, the less attractive your network becomes to hackers.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

4 Real Life Examples of the IoT Being Hacked

Cyber Attack, Internet of things, IOT, Security, Security Threats, ,
09
Jan 2018

It’s easy to talk about the IoT (Internet of Things) security issues in theory, but what actually happens when the IoT gets hacked?

Understanding exactly what happens when IoT devices get hacked and how they get hacked is crucial in helping to protect your organization. Knowledge, of course, isn’t a cast iron guarantee you will avoid be hacked, but it certainly puts you in a much stronger position.

Let’s take a look at four real life examples of the IoT being hacked.

Unsecured University IoT

Verizon’s Data Breach Digest 2017 report details the example of an unnamed university where the network was flooded with Domain Name Service (DNS) requests for seafood restaurants. Whilst it sounds like a student prank, it was actually an outside attack by hackers which used 5,000 IoT devices such as vending machines and lighting systems. The hack was achieved through a brute force attack which took advantage of weak passwords so that malware could be deployed and bring the university’s network to a standstill.

IoT Cameras Hacked

The popular IoT security camera range – NeoCoolCam – has been found to contain a major security flaw which means that they can easily be hacked from outside the network they’re on. Given the security nature of the devices, these cameras can easily be compromised for unauthorized surveillance or even as a stepping stone to get even deeper into a network. Researchers at Bitdefender have found that all it takes is for the easily accessible login screen to be manipulated in order to take control of any of the 100,000+ cameras currently in use.

The Mirai Botnet

Poor password management is one of the biggest flaws in data security and the Mirai botnet certainly takes advantage of this. A piece of malware which infects network devices running on Linux, Mirai instructs these devices to constantly search the internet for vulnerable IoT devices. The fatal flaw contained within these IoT devices is that their factory set default username and passwords have not been changed. As Mirai is loaded with a list of these default details, it’s able to quickly take control of these devices and Mirai was even involved with an attack on Liberia’s internet infrastructure.

Hacking a Jeep

Perhaps the most disturbing and dangerous example of IoT devices being hacked is the case of a Jeep Cherokee 4×4 vehicle being compromised. Security researchers Charlie Miller and Chris Valasek were able to identify a zero day exploit which allowed them to send instructions to the vehicle through its entertainment system. Not only did this provide them with the opportunity to remotely change the in-car temperature, they could also influence the vehicle’s steering and braking systems. All it required was knowledge of the individual vehicle’s IP address to take control.

All four of these examples demonstrate just how far behind that IoT device manufacturers are when it comes to the security of their devices. Naturally, the manufacturers have a lot to do to ensure that their devices are safe from the moment they’re installed, but the owners of these devices also need to be mindful of good password practices.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The Main Security Challenges That IoT Faces

Internet of things, Security, Security Threats, ,
02
Jan 2018

The internet of things (IoT) is getting us connected like never before, but with its increase in popularity, the security challenges are intensifying.

With IoT creating an unprecedented number of connections into our organizations, it’s no surprise that hackers are viewing it as a potential entry point as opposed to traditional routes such as email attachments or USB sticks. And, as IoT is such a new technology, the vast majority of users aren’t as well schooled in the accompanying security challenges.

If you can understand these security challenges, though, you’re maneuvering your organization into a highly advantageous position. You may be wondering what the main security challenges that IoT faces are, so let’s take a look!

  • Updates aren’t always automatic – PC updates never used to be automatic and this used to leave them open to attack. Thankfully, software/hardware manufacturers quickly realized the importance of this and built automatic updates into their products. Although this approach still relies on human compliance to authorize, it’s highly effective. With IoT devices, however, there’s such a rush to bring out new products mean that firmware updates are allocated little priority, so IoT devices can soon become unprotected. 

  • IoT devices are relatively simple – Many IoT devices are limited in their capabilities, be it in terms of storage or memory. Whilst this allows them to remain compact and low cost, it also leads to a lack of room for security. As a result, they become susceptible to security attacks and the chance of adequate encryption being in place is unlikely. Therefore, it’s crucial that extra security steps are put in place such as specific networks with dedicated firewalls to help house these IoT devices. 
  • More devices mean more monitoring – The amount of devices which can make up the IoT is staggering, but it also means that there’s an increased security risk. With all these entry points in your organization’s networks, the amount of data which needs monitoring is going to increase dramatically. And this means that you need to monitor the data coming in and out of your organization much more closely. Leading to increased labour and technology costs, this is one of the most pressing challenges presented by the IoT. 
  • Predicting and preparing for attacks – Advances in technology mean that more and more devices are entering the IoT market which, on one hand, means accessibility for almost anything you can think of is possible but, on the other hand, it’s making threat detection more difficult. Pinpointing exactly how a hacker will abuse an IoT device is difficult – will they use it as a stepping stone into your network? Will they simply misuse the device? Or a bit of both?

These challenges could easily be misinterpreted as a list of reasons why you shouldn’t get involved with the IoT, but this couldn’t be further from the truth. Instead, these are challenges which, if tackled correctly, can help your organization get the best out of the IoT. Sure, there’s going to be a level of investment and new structures to consider, but what price can you put on progress?

For more ways to secure and optimize your business technology, contact your local IT professionals.

 

Read More

What Are Local Backups and Why Are They Important?

Cloud, External Hard Drive, Flash Drive, Local Backups, Security, , ,
21
Nov 2017

external-hard-drive-1200006_960_720

Local backups are one of the most popular forms of backing up data, so it’s a method that organizations should seriously consider for storing their data.

While cloud backups are grabbing all the headlines, they’re not necessarily the definitive answer to everyone’s backup needs. What’s more, local backup can easily run alongside cloud backup systems, so they’re not an option which should be dismissed.

As backup is such a critical business need in an era of huge data growth and ransomware threats, we’re going to take a look at what local backups are and what they can do for your business.

flash-drive-153204_960_720

What is Local Backup?

As the name suggests, local backup is any type of physical storage medium which is kept locally and can be quickly connected to a PC/network which requires a backup to be saved or restored. The most popular forms of local backup are:

  • External Hard Drives – These devices are now capable of holding huge amounts of data with 16TB (that’s 16,000GB) external hard drives available. Usually connected through USB ports, these hard drives provide a swift transfer of data and this is even quicker when USB 3.0 capabilities are present.
  • CDs, DVDs and Blu-Rays – Optical drives may sound fairly limited in their storage capacities (a single layer Blu-Ray holds 50GB and a CD only 750MB), but they’re still highly popular for quick data storage that can be kept close at hand on a spindle.
  • Solid State Drives – USB and flash drives, again, are highly quick and simple methods for storing critical data which can be kept locally. The beauty of this small, but important method of backup is that implementing the backup data is easily achieved by simply plugging the medium into the PC.

What Can Local Backup Do for You?

Local backup solutions come with a number of benefits which mean they’re perfect for organizations and these can include:

  • Enhanced Security – External hard drives, optical drives and solid state drives are all protected by online threats such as hacking as they’re standalone pieces of kit. Once they’re disconnected from a PC or network there’s no way of them being hacked, so they represent a highly secure storage medium for your data.
  • You Have Full Control – One of the main drawbacks of cloud backups is that they tend to be operated by a third party contractor, so you never truly have full control and responsibility for your data. With local backup methods, however, your data is always safely under your own watch and does not leave your premises.
  • Quicker Transfer – Local backups have a much simpler structure than complex cloud backup systems, so your data can be transferred at a much quicker rate when necessary. This reduces downtime for your PC and network whilst also significantly reduces the time taken to monitor the backup process.

As a result, local backups represent a secure method of storing data with a number of benefits that cloud backups are unable to offer. However, many organizations are now embracing hybrid systems which utilize local and cloud backups to enhance the ability to retrieve data when it’s needed most.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The Importance of a Business IT Continuity Plan

IT Continuity, IT Plan, Security, Services, , , , ,
07
Nov 2017

 

PDCA_Cycle.svg

A backup plan for your IT system in the case of a sudden disaster is crucial to ensure your business continues operating whilst that disaster is rectified.

Many businesses, however, don’t have a contingency plan in place that will allow their IT operations to continue in the case of an emergency. And this lack of preparation can lead to your business having to cease operations and, therefore, hit you hard financially. Naturally, no one can forecast an emergency or a disaster, so it’s important to get something established sooner rather than later.

To understand, in a little more detail, why a business IT continuity plan is so important, we’re going to take a closer look at what it can bring to your business and how to implement it.

The Main Benefits of Business IT Continuity

Say, for example, your business suffers a huge malware attack, this could seriously compromise all the PCs on your network and render them redundant. And how are you going to process orders or bring up customer records then? Exactly – you aren’t! However, with an IT continuity plan in place, you can put this into action whilst your IT team work at eradicating the malware attack – this allows you to continue serving your customers and helps your organization minimize the downtime.

It’s also quite possible that your business premises could be put out of action due to disasters such as fire or even natural disasters which could visit in the form of hurricanes. With your office, for example, out of bounds, it could appear that there’s no option but to down tools. If, though, you’ve planned for occasions such as this, you could execute remote working accessibility for your staff to work from home or alternate premises. Again, this helps to keep your organization afloat and operating.

IT Services are aligned to the customers needs. Dynamic Lifecycle approach to service. Interconnections between processes. Quality of Service. Reduced cost to serve because of use of standard process. ITIL is NOT… A methodology. A complete set of predefined low level processes – only the framework with which to build them.

Creating an Effective Plan

A good business IT continuity plan is one which has been carefully planned and designed by a team which incorporates all areas of your business. Whilst it may seem sensible to have an IT bias towards leading the project, they won’t necessarily understand which data and which applications are most important for different departments. And this is why we would always recommend a team comprising of individuals who can cover all aspects of the business’ needs.

Once this team is in place, you’ll find that the prioritization of IT resources allows you to get a better understanding of what’s required from your business IT continuity plan. Naturally, these plans are never perfect as they’re relying on a situation which hasn’t happened yet. Therefore, to get the best out of your IT continuity plans you need to put them in to practice to discover how effective they are for keeping your organization in business.

As we pointed out earlier, no one can predict when your business is going to be hit by a disaster be it through hacking, natural disasters or even just plain old equipment malfunction. However, what we can predict is that a business IT continuity plan is going to minimize the impact of such a disaster on your business and should be a prerequisite of any forward thinking organization.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 28 29 30 31 32 49