Digital technology and Moore’s Law have moved us along from the Computer Age to the Information Age. Now we are living in the IoT (Internet of Things) Age and it’s other counterpart or successor the Internet-of-Everything Age. It is a world where devices are interconnected via the Internet. Connecting electronic devices from home or the office requires an Internet connection and you can access it from anywhere using another computer or smartphone/mobile device. The more devices you connect — baby monitors, Internet cameras, DVR, lighting switches, security and alarm systems, wearables, fitness trackers, smart home appliances, HVAC systems— the more convenient it is to control your life. It is data driven with embedded sensors that gather information which can be accessed from the Internet. There is a tradeoff with security however. It is also the easiest way for hackers to gain entry to your home system so that is becoming an issue. The fact that you can access your devices from anywhere means it also allows others to access your devices from anywhere. As IoT devices develop with more advanced capabilities and features, hackers are going to look into exploiting their vulnerabilities. The need for securing your access to these devices becomes more necessary due to the threats the “InsecureNet-of-Things” imposes.
The Internet has no built in security or privacy for that matter. It has no built-in encryption to safeguard the data being transmitted. It is an open network that provides the pipeline to connect millions of users via their computers. Now it’s also connecting other devices that can be critical to daily life. Certain medical devices use IoT to interconnect patients with medical professionals. Without any guaranteed secure connection, if a hacker or bad actor were to gain access to let’s say a patient’s syringe injector there could be malicious intent.
For home consumers here are ways to address security of your IoT devices:
-Do not use a blank password, the devices default password or common password to access your IoT device. -Use a strong and reasonably not easily guessable password. Password protection is the most basic form of security.
-Change the default username of the device’s management console.
-Use the latest software provided by the vendor. Updating the software makes sure it is compliant to the product.
-Make sure you update the latest firmware from the product’s vendor since these often patch vulnerabilities and plugs security holes.
-If you access your device via a web interface over the Internet your URL connection uses HTTPS for end to end encryption. If not, then ask the vendor technical support how to secure the connection. If accessing locally, HTTP should be fine, so long as it is not shared over the Internet and only your computer can access it using a non-routable IP address.
-There are third party IoT Security Devices that can be used to protect your IoT devices at home. Do your research before buying one.
-When accessing your IoT device from public WiFi use a VPN connection since most public WiFi are not secure. Use WPA2 for WiFi security when connecting your IoT devices at home.
If your IoT device comes with other security features, enable them to provide more layers.
-Ask for professional help if you do not understand how to implement security for your IoT device.
There are so many ways IoT devices are implemented, we can go on and on with further discussions. The convenience IoT provides us to connecting our devices is a benefit, just don’t ignore the threat to your security, privacy and safety.