IoT Cybersecurity Tips for Stay-At-Home Workers
By Ben Dracup
It seems increasingly likely that remote working is set to stay in the wake of Covid-19, with leading brands such as Twitter having announced that its employees will be allowed to work from home indefinitely. This trend is likely to prevail throughout the labor market too, with a report from Gartner finding that up to 41% of employees are likely to work remotely for at least a limited period post-COVID-19.
This number has increased from 30% prior to the pandemic, and there’s no doubt that lockdown has forced brands to consider how their employees work best. Interestingly, this trend is also impacting on a growing range of markets, with technologies such as the Internet of Things (IoT) empowering individuals to work remotely in fields such as manufacturing and healthcare. In this post, we’ll discuss some of the top IoT cybersecurity tips for stay at home workers.
1. Turn on Security Features and Use Appropriately
In the manufacturing space, IoT is enabling on-site teams to now perform some tasks from distributed locations. This typically involves the use of secure remote sensors, which monitor key on-site metrics and ensure that plants are able to operate safely and efficiently. However, it’s interesting to note that many such IoT devices have security features that may be disabled or switched off, usually because this empowers ease of use from the perspective of workers. If you consider this alongside default security credentials that are never updated, creates a huge cybersecurity risk that puts sensitive and critical data at risk.
With this in mind, we’d recommend that you enable as many security features as possible when working from home, while also regularly updating your passwords and optimising the protections for individual devices.
2. Use Multi-Factor Authentication Where Possible
When working from home, you’ll have the opportunity to configure individual IoT devices on your home network. This enables you to deploy two or multi-factor authentication in some instances, which creates an additional layer of security by sourcing multiple user credentials from different devices (such as your smartphone). Typically, multi-factor authentication will focus on a combination of numerical codes, passwords, and biometrics, and this can be particularly useful when accessing company laptops, (which are often provided by employers to allow for flexible working and seamless remote maintenance).
Even on a fundamental level, the ability to leverage multiple security controls as opposed to one can create more secure and robust login processes, while also safeguarding the huge swathes of data that are often collated and shared by IoT devices.
3. Read the Relevant Instructions
This may sound like an obvious observation, but it’s important to note that IoT devices are diverse and can feature a wide range of potential risk and vulnerabilities. With this in mind, you need to take the time to read the relevant instructions when setting up and configuring a new IoT device from home, in order that you can take the relevant steps to optimise security. One of the key considerations is the specific purpose of the devices, and whether or not it includes features such as a microphone or webcam. Some may also come with default usernames and passwords, which will need to be changed the very first time that you power the device on. In the case of a webcam, you may need to determine whether this is a necessary feature, depending on your location and the nature of the work that you undertake. If you do find that it’s something of an unnecessary luxury, we’d recommend disabling it through the device settings.
4. Shut Down Devices Before You Head Offline
We recognize that some IoT devices (particularly those charged with monitoring on-site processes and tools) may need to be switched on almost constantly. However, there are others that may have sustained periods when they’re not in use, and in this case, you’ll need to ensure that they’re shut down and switched off while idle. This is important, as leaving devices switched on accessible when they’re not in use make them inherently vulnerable to hacking, abuse or cyber-theft. You may decide that it’s enough to put a specific IoT device in standby mode, but this only serves to reduce risks rather than curtailing them completely. This is particularly true if the device in question has a security camera, so it’s far better to be safe than sorry and on the side of caution by enacting a complete shutdown wherever possible.
This is arguably more important for remote healthcare workers who often access and share electronic patient records, as every step must be taken to secure this type of data.