There’s no doubt Australians love their internet of things (IoT) devices. From the fitness watches on our wrists to the smartphone apps that turn on the lights before we get home, more and more of our everyday lives are being revolutionised by connected devices. These devices generate big data, and with big data comes big responsibility. As employees increasingly work from home or while they’re on the go, plugging in our devices both at work and at home, we must make sure that we take greater care in keeping data secure.
Small businesses are rarely blessed with a cybersecurity expert on hand, so what can they do with all the connected devices we keep buying, selling and plugging in? Make sure the office smart speaker isn’t your weakest link with these five commandments for keeping your devices, and your data, safe and secure.
Timing matters: The security of a device heavily depends on firmware updates. Some manufacturers proactively look for and patch bugs, regularly sharing updates to ensure you’re protected against the most current threats. Others however are just looking for the initial sale and aren’t interested in what happens to you or your data. It’s tempting to buy a cheaper device, but first read the manufacturer’s notes and check out if they update their firmware. Otherwise, you could be putting your business data at serious risk.
Select auto: Most devices will enable you to turn on auto updates – so do it! Auto updates hand back the responsibility to the device maker and free up your time to focus on other parts of your business. Rather than having to check for regular updates, you’ll be covered immediately as one becomes available. It’s as easy as that.
Remote control? No thanks: If your IoT device features a remote administration tool (RAT), you need to be aware of the risks. RAT is a feature that allows users to have access, even if they’re not physically near the device. This can be problematic. RAT is a target for hackers trying to get into your business, so be sure to disable remote administration when you’re setting up the device. If you’re deploying devices in distant locations or difficult to access sites and need remote capability, consider getting a security specialist to set it up safely.
Keep them guessing: You’ve no doubt heard that you should never keep a default login or password. It sounds like obvious advice, but so many of us continue to make this mistake and it can have dire consequences for small businesses. Change your passwords regularly and make them difficult. It may be a hassle to do but it’s certainly not as painful as losing your data.
Welcome guests: Guest networks, that is. Set up your Wi-Fi with a protected network you use for the most important parts of business – let’s say your work computer – and a guest network you use for everything else. This mitigates risk both in the office and at home, and it’s not as complicated as it sounds. If you have an IoT device that doesn’t need to communicate with any other devices, such as your smart TV or printer, put it on the guest network and isolate devices from one another. This is a great way to minimise the risk of hackers using your IoT devices as a gateway into your wider business devices.
Next time you get a fancy new IoT device, don’t rush to unbox it and plug it in. Take a few minutes and review these tips – they could save your data.
James Bergl, Regional Director – ANZ, Datto
