Maintaining privacy and security in the age of IoT tech

March 14, 20174 Minute Read

Select article text below to share directly to Twitter!

Dismiss

There’s no shortage of praise for the IoT—the technology revolution that’s made living and working like one of The Jetsons an imminent reality. But where technophiles see fun, futuristic gadgets, and exciting new workplace potential in IoT tech, IT security experts see dangerous vulnerabilities.

Recent research findings aren’t exactly assuaging those security fears. So, what exactly is IT up against, and how can organizations avoid falling prey to IoT’s troubling liabilities? Let’s take a look.

Hacking IoT

A few months ago, a group of researchers from the Weizmann Institute of Science in Israel and Dalhousie University in Canada proved just how easy it would be for one nefarious individual to cause a citywide blackout by infecting a single Hue lightbulb with a worm.

In their paper, IoT Goes Nuclear: Creating a ZigBee Chain Reaction, the researchers explain how this worm spreads from one bulb to another through ZigBee wireless connectivity—the protocol through which Hue bulbs communicate—in a practically instantaneous chain reaction. The experiment proves a hacker could cause a mass blackout or control surges in power consumption by forcing lights to blink on and off in unison, using a surprisingly uncomplicated method.

And if that’s not unsettling enough, another duo of researchers recently found WeMo devices—Belkin’s line of home automation products—can be used to hack into Android devices. By simply rooting a WeMo device and injecting code into the WeMo Android app from that WeMo device, the researchers proved hackers could access and siphon data without the Android owner ever knowing.

The process is eerily simplistic. Because the WeMo Android app constantly scans for WeMo devices, all it needs to do is connect to the same Wi-Fi as a malicious device, and a hacker can then insert code into the phone, allowing them to stealthily track the device and steal photos or other sensitive data.

Bringing IoT into your office environment

While the ease with which hackers can manipulate this new, innovative technology is unsettling, succumbing to tech fear isn’t an option—at least not if you want your business to survive into the next decade. And waiting to roll out new technology can prove equally damaging, as it gives your competitors a significant edge. Instead, by taking measures to educate your team and equip workers with the knowledge they need to protect themselves and your organization’s assets, you can reduce risks.

Here are a few tips for rolling out IoT tech:

  1. Introduce IoT in controlled, manageable bursts. Opening the IoT floodgates to an unprepared workforce is akin to releasing a hungry lion into a pen of sleepy zebras. Instead, roll out each new technology in a controlled setting of small groups, and offer plenty of education and support along the way.
  2. Communicate the importance of software updates. Belkin is aware of the WeMo app’s vulnerabilities and is taking measures to protect users with each new update. Ensure your workforce understands the significance of keeping all applications fully updated and the dangers of putting it off.
  3. Hold regular mandatory security training. Over time, employees can become complacent. As people grow more comfortable in their daily usage of equipment and software, they also tend to become careless. Regular training sessions will educate new employees and act as a reminder for existing employees.
  4. Create separate networks. Set up different password-protected networks with varying levels of access to sensitive data. Offer a guest network to provide visitors with Wi-Fi access without the ability to tap into networked devices or secure files.
  5. Develop a BYOD policy. Each new device entering your building and connecting to your Wi-Fi represents another access point. Ensure employees hold personal devices to the same standard as company equipment by staying on top of updates and adhering to the best security practices. If necessary, restrict personal devices to guest Wi-Fi.

While there’s no 100 percent effective solution for warding off hackers and protecting your data, taking these precautions can minimize your risk. Like any innovative technology, IoT’s benefits can far outweigh its drawbacks. Preparing for potential challenges will help you and your organization make the most of the increased productivity, convenience, and seamless mobility this new tech wave already offers today’s tech pioneers.

  • Recommended for you
  • Recommended for You