5 tips on how to protect office IoT

Today’s office is no longer about desk with static PC and  printers, it is more  about bringing your own device (BYOD) and connecting all accessories with connected IT devices. As technology is moving forward so is our office infrastructure and we are adding more and more connected devices that will help us to go through our day-to-day operations. These connected devices are expected to increase from 2.5 billion 2017 to 5.4 billion IoT devices in 2020. Organizations’ key priorities today are to be more efficient, agile, connected and to be able to integrate all their connected devices to allow smooth and seamless operations.

Many organizations still follow the traditional security approach by implementing best of breed technologies when it comes to firewalls, endpoint security on the IT assets  while completely neglecting the fact that their security is still under a lot of pressure should they not take a proper care of their connected devices which operate on supervisory control and data acquisition systems (SCADA) and machine learning that we refer to as artificial intelligence (AI). . Such devices, as physical security devices, lighting, personal electronic gadgets, multi-function printers and many more,are points of attack surface which will increase the cyber threat directed at organizations.

Alpha Data advises its clients on how to establish holistic cyber-security infrastructures since 1981 and we observed that while ignoring multiple warnings, organizations believe that they do need to invest in better security solutions. They simply believe that because “nothing really happened up until now”, nothing needs to be enhanced.  This might be the case so far and your company is lucky that it was not yet targeted by hackers, but once you become the victim of cyber-crime, you will want to turn back the time and improve your defense systems. According to Arbor Networks’ 12th Annual Worldwide Infrastructure Security Report, cyber-security breaches, mainly caused by the distributed denial of services (DDoS) type of attacks, may cost your organization up to USD500 per minute which is AED 1,900 per minute and up to AED 110,500 per hour . Is your organization ready to pay such amounts for something that could be simply prevented?

If you decided that security is of an utmost importance for your organization and you are ready to upgrade your cyber safety levels, start with simple steps you or your company IT administrator can start taking today.

1. Identity
First thing your organization can do to improve your IoT security is to ‘lock all the doors’ and not allow hackers to penetrate your connected devices. All the hardware installed in your office is an entry point for cyber-criminals if not protected well. As soon as an installation of a printer, scanner, camera or any other device is complete and internet connection is established, change default passwords.

2. Authorization
If possible, set up access authorization passwords for all the employees. Different people should have different clearance levels as most of the data breaches today are due to either neglect or an ‘inside job’ which still puts human error on the top of the list of most of the cyber-security breaches.

3. BYOD and encryption
Bring your own device trend is amazing, employees manage to do much more when agile and connected at all times. You, however, need to be sure that your employees understand all the risks that come with the freedom of choosing their work devices.

4. Wi-Fi protocol analysis
Your Wi-Fi connection can carry a potential danger. Let’s assume that you are now protected on all fronts, but your router is still connected to your network, your network is connected to your data storage or cloud and anybody who brings malware on their device can infect the entire system letting cyber-criminals in. Ensure your guest and internal networks are separated.

5. Visibility
Every aspect of your company security is a priority. You can’t compromise on any of the security units and need to ensure that your network security, endpoint security and IoT security measures are well maintained. To do it effectively you may want to consider a unified or integrated security management solution. This will allow you to have a full transparency on your overall security performance and will help you not only reflect attacks but prevent them from happening.

Article written by: Biju Bhaskaran - Presales Manager, Alpha Data.