According to a 2018 prediction made by Juniper Research, “the total number of connected IoT (internet of things) sensors and devices is set to exceed 50 billion by 2022.” I suspect that number could substantially grow now that technology is the way by which we work, shop, see the doctor and socialise.
Increased utilisation of connected devices across every aspect of our personal and professional lives leaves us, the companies for which we work, the customers we serve, the services we use and even our families, vulnerable to bad actors. Every device connected to a network — whether a smartphone, printer, TV, toaster or coffee maker — is a potential point of data vulnerability, as they all serve as sources of intelligence about us as individuals or family/organisational units. That’s why we must take measured steps to secure devices we power on to protect sensitive data captured, stored or shared by those who use our devices and networks.
Here are six steps applicable to most devices:
1. Encrypt all connections. It’s common to apply password and encryption technology to wirelessly connected devices, but your wired/Ethernet-connected devices may also need encrypted or authenticated connections depending on the type of information they handle.
2. Rotate credentials. Treat devices as you would any person logging into your network. Use a credential and authentication system to ensure the devices on the network are authorised to be there. Rotate passwords, keys and credentials for all devices, including printers. Centralised device management can make this process easy.
3. Protect access. Many devices sit out in open areas, with access to their settings open for all to use. Activating a simple, front-panel password system is one way to deter misuse.
4. Monitor communication methods. Consider using a remote device management system for administrator access to company-owned devices versus the traditional, riskier web page, File Transfer Protocol (FTP), Simple Network Management Protocol (SNMP) or Simple Mail Transfer Protocol (SMTP) services.
5. (Quietly) perform regular updates via remote management systems. Regular updates are a hallmark of a well-maintained system, but not everyone needs to know the update/scope schedule.
6. Keep track of your devices. Always ensure you can see which devices are active on your network. You should be alerted when devices miss “check-in” times and have the means to automatically withdraw device credentials until the status is determined.
Sometimes, improving security is as simple as a setting change.
Secure your smartphone- go into the settings and turn on the factory-installed virus scan, multi-factor authentication and password protection features. You might even tighten accessibility and data-sharing permissions for individual apps.
Secure your printer- Fixed thermal printers, used in hospitals, stores, warehouses, manufacturing plants and even home offices, can be points of vulnerability, as can any other printer connected to a network. In most cases, you can secure printer connections, block unwanted access and ensure data and infrastructure are protected by properly configuring the setting options built into its operating system.
Secure mobile computing devices- handhelds, tablets, two-in-one devices, scanners or wearables, the first thing you should do is take advantage of the manufacturers’ security offerings. For personal devices, these will be factory-installed device features under the security settings menu. For enterprise-grade devices, the security tool set may be a combination of “factory” features and security software add-ons.