The new front line in the cyber-security wars is the Internet of Things (IoT).
Our devices, appliances and toys are merging into one enormous cyber-thing. And they’re all talking behind our backs. Our televisions are chatting up our laptops. Our Wifi routers are schmoozing with our tablets. Our cars are becoming smartphones on wheels.
Welcome to the Internet of Things.
“The emerging world of IoT has the potential to be a transformational technology. To reap its many benefits, the world of IoT must be safe, secure and trusted,” says Michael Kaiser, director of the National Cyber Security Alliance. “Individuals and businesses that adopt IoT should be sure they know how to keep the devices secure, understand what data is being collected and where its being stored, and how to take advantage of any available user controls for the device.”
That’s a mouthful, but the takeaway is simple: the IoT is ushering in a brave new universe of opportunity – and risk.
Cyber-Security on the Front Burner
October was National Cyber-Security Awareness month, sponsored by the US Department of Homeland Security (DHS) and the National Cyber Security Alliance (NCSA). A point of emphasis was to draw attention to the IoT.
Consider these facts:
- The IoT is predicted to grow from two billion objects in 2006 to 200 billion by 2020. That’s an average of 26 smart objects for every person on earth.
- 21 percent of Americans are already using a mobile device to access some other device at home.
- Nearly half of all small businesses have been victims of cyberattacks.
- More than 70 percent of security breaches target small businesses – and law firms are a prime target.
- More than 90 percent of employees say they connect their laptop or mobile device to an unsecured Wifi network, putting data at risk.
- Six in 10 employees use company-issued mobile devices to work from home, on the road or for personal activities.
Stop, Think, Connect
Building a culture of cybersecurity at your firm is your best line of defense. This starts by identifying your most valuable assets, putting safety measures in place to protect them, and training staff to quickly spot trouble and respond accordingly.
Stop before you purchase a new device to determine if it is safe. Think about what to do if a problem arises. Connect only after you feel confident of security.
Here are some other tips:
- Keep your machines clean. Make sure all IoT devices – especially mobile phones and apps – are up to date. Install software upgrades. Use anti-virus scans.
- Watch your Wifi router. Both at work and at home. Routers are the main way IoT devices connect to the Internet. Use strong passwords. Name the device in a way that won’t tell people it’s your house.
- Maintain a record of all Internet connected devices. Update as your inventory changes.
- Own your online presence. Know what information is being collected by your IoT devices. How is that data managed? Who sees it?
- Understand how the cloud operates. Many IoT devices send your information to the cloud for storage. Know what data is going there. Investigate the security measures that are protecting it.
- Do your homework. Before buying or using a new smart device, do some research. Is it safe and reliable? What are the experiences of other users? How does it rate from a security and privacy perspective? Read more security tips here.
Everyone in your office should work as a team to prevent problems. Even in this new hyper-connected world, people are more important than things.
- I-Connect007 http://www.iconnect007.com/index.php/article/93405/iot-growth-puts-spotlight-on-cybersecurity/93408/?skin=ein
- Stay Safe Online https://www.staysafeonline.org/about-us/news/as-the-internet-of-things-grows-exponentially-national-cyber-security-awareness-month-focuses-on-securing-our-connected-devices-and-networks
Jay Reeves a/k/a The Risk Man practiced law in North Carolina and South Carolina. He is a former Legal Editor at Lawyers Weekly and Risk Manager at Lawyers Mutual.