Setting the Scene
The Internet of Things has become a popular buzzword, but what is it? Basically, it is the multitude of devices that have the capability of being connected to the Internet. While a listing of IoT devices quickly becomes lengthy, here are just a few examples that you may encounter on a daily basis:
- Smart Appliances
- Smart Speakers
- Wearable Health Monitors
- Home Security
- Navigation Systems
- Smart Switches or Lightbulbs
These intelligent devices provide us with convenience, comfort, entertainment, and a wealth of knowledge among other things every day.
The bulk of these products are built for the consumer market where price oftentimes is one of the main deciding factors in purchases. This leads the manufacturers to make decisions that are usually not favorable when it comes to security. In turn, we end up with billions of devices having Internet access that are generally easier targets for hackers to gain footholds into a network.
Ocean’s Fourteen: A Fishy Tale
It's like something out of a movie, in 2018, the security firm Darktrace released a statement describing how hackers had compromised a North American casino and were able to exfiltrate the database of high rollers. Their entrance point into the casino’s network? The smart thermometer in one of the fish tanks!
“Whatcha Gonna Do…?”
- Change Default Passwords – Some devices will come with passwords and some will not. You may bring home a wireless router from the store, plug it in, and amazingly it just works. That device most certainly comes with a default username and password that absolutely should be changed, even if it is not required to get it working. Hackers, like most people, take the path of least resistance and may be deterred from a device that they cannot effortlessly log into when there are so many other devices that are more easily accessible.
- Apply Updates – If a device is capable of doing updates, then do them! Updates often contain security fixes in an effort to stay ahead of new security threats.
- Use Smarter Equipment – Some firewalls will allow you to isolate such devices from the rest of your network or have intelligence built-in to watch for traffic that may be coming from them that is suspicious. These features may or may not be available in the equipment that you have today, but they are becoming more commonplace and affordable. In a healthcare practice, these features should be considered the de facto standard and IoT devices should be segmented from the rest of the computing network.
That’s a Wrap
Today, there are already more IoT devices than there are humans in this world. Innovation will continue to bridge gaps between the digital world and the physical world around us with even more IoT device applications. While it is exciting to think about these future enrichments to life as we know it, we also need to be cognizant of and prepared for the associated risks. Stay vigilant and put effort into staying ahead of security threats, especially when they could be an easy entry point directly into your network.
- Garrett Thompson, Security Architect, Manager of Hosting & Managed Services at Itentive Healthcare Solutions