Posted by nbsweb Last updated 4th May 2020 reading time
Have you ever read Twitter in the kitchen? Well, you probably have—most likely on your smartphone. Today, however, our electronic devices are becoming increasingly interconnected as we discover more and more ways to be dependent upon the internet to help meet even our most basic needs. The refrigerator of tomorrow could well have a screen built into the door that provides news, weather and other informational updates. Quite an upgrade for a space of your kitchen that was once so uninteresting that people would stick magnets there.
By the way, by ‘the refrigerator of tomorrow’ can be taken as in, literally tomorrow. They’re already here. The same goes for home security systems, coffee machines, digital assistants such as Amazon’s Alexa, dog houses, and so on. Many things are internet-enabled. If there’s a plausible use case to connect an appliance to the internet, someone has probably already devised it. And while some of the more obscure implementations of the technology may seem obnoxiously luxuriant by design (the wifi-enabled refrigerator egg tray, for example), the fact remains that these devices are here to stay one way or another. And overall, that’s a good thing.
So What Does This Have To Do With Anything?
Even after the economy is back up and running again, people will still be working from home, and almost certainly in greater numbers than before. Now that businesses have figured out how they can continue to function without having the entire staff in the office, the percentage of workers who elect to work from home at least part of the time will certainly continue to grow.
Overall, this is a good thing too. Reducing commuting times, helping eliminating congestion and pollution, and making it easier to flex-time child and pet care are all great benefits for employees that companies don’t really have to pay for. As long as technology continues to help bridge the productivity gap between face time at the office and FaceTime chat, both companies and employees will continue to benefit from reduced costs and greater personal benefit.
However, with these benefits come a few tradeoffs. For one, in the office your cat isn’t likely to walk across your desk and step on your keyboard. But more importantly, your network has a greater chance to become compromised by hackers. One guilty party could very well be your favorite egg tray.
Wait A Minute. What Do IoT devices Have To Do With That?
Let’s face it. You’ve coordinated with your IT provider to put your network behind the best and most modern security money can buy. Your team reviews the security logs regularly, screens for alerts and takes action when action is needed. Your service plans are up to date and paid in advance. Your network is rock solid.
But just because you’ve secured your network in the office doesn’t mean that there aren’t additional attack vectors available for a very enterprising hacker. With the proliferation of work-from-home arrangements, you’ve now broadened your network (in a sense) to include the home networks of your employees and your service providers. And let’s face it—most people don’t take home network security as seriously as you take security for your business.
But to return to the question, IoT devices present an interesting problem. First off, whenever a device can connect to a wifi network to send and receive traffic, that means that someone else can connect to it too, if they can find it.
How easy can that be? Well, it’s possible. By their casual nature and the need for these devices to be simple for ordinary users to set up, they sometimes don’t go to great lengths to conceal themselves by encrypting their traffic. Inexpensive IoT devices may not implement basic security procedures in their setup—for instance, forcing users to change the default admin password. Cheap IoT implementations often don’t have robust security measures built into their code. And so on.
But why would a hacker want to know how many eggs you have in your refrigerator? Unfortunately, the potential implications are more sinister than that. Once a hacker has any access at all to a compromised device on your network, a whole new world of options open up for malicious behavior. It’s like having a gate pass to a concert—you can’t get into the VIP section if you’re stuck in the parking lot, but if you’re inside the gates you at least have a chance.
It seems silly to think that a baby monitor could be at fault for a system-breaking hack. But a casino in the United States found out the hard way just how much water can pour through a little crack in the wall. An internet-enabled thermometer in a fishtank in the lobby ended up granting hackers the opportunity to break through the casino’s network security and steal personal data and information about their wealthiest and most ‘generous’ clientele.
Such things are possible on your network as well. So what is there to do?
Here’s The Good News
It’s true that these kind of hacks are possible and made much easier by the bevy of IoT devices which are finding their way into consumer devices. Fortunately, there are a few good points to consider.
First, you can bolster your company’s security by maintaining good IT practices on the devices and equipment you have control over. You’ll be hard-pressed to demand your employees disconnect their faithful Alexa at home, but you’ll be able to secure your company laptops with the best antivirus and firewall software available. You’ll want to remind your employees to make sure to update their laptops with the latest upgrades and security fixes for Windows, available every month or more.
Second, you can at least rest easy that your employees working from home benefit from being relatively anonymous compared to a public-facing business. It’s less likely they’ll be individually targeted than your business would be—after all, most people would rather remain off the radar to strangers while most businesses vie for top Google ranks. So it’s less likely on the whole that they would be individually targeted by a hacker, and much more likely that such a hacker wouldn’t be very interested in your business in any event.
Still, IoT devices remain a challenge for companies implementing a work-from-home regimen. They’re cheap, widely available, and popular, and they just can’t be stamped out. However, you can mitigate the risk of your employees using such devices by ensuring you’re doing everything possible to lock down your network and each device that leaves the office. You wouldn’t want your client data stolen because you needed to remotely monitor the temperature of the fishtank in the lobby, after all.