IoT devices
IoT devices
IoT is the acronym for the well-known “Internet of Things”.
It refers to the possibility of connecting devices to wireless networks (e.g. Internet or Bluetooth), so that they can store, receive and send personal information for various purposes, although in general terms they are intended to improve the quality of life and the safety of people and things, but their use is also a benefit in the business environment.
In the private sector, we are talking about connecting home devices such as smart TVs, thermostats, game consoles, other household appliances, as well as personal devices such as smart watches or bracelets and other lesser-known devices such as medical implants or clothing.
As far as companies are concerned, vehicles, machinery or video surveillance cameras are connected.
As we can see, the IoT is more common in our lives than we think and this is going to more, because according to sources consulted by Business Adapter®, we would go from 8.74 billion IoT devices worldwide in 2020, to more than 25.4 billion IoT devices in 2030.
IoT Risks
The first thing we identify about IoT devices is the benefit they bring to our lives or business, but for their use to be truly rewarding and effective, we must know what contraindications they have and what actions we must take to address them.
The common feature of IoT devices is their connectivity to the Internet, which means that these devices are the target of cyber-attacks since they are used as an entry point to the corporate network of the user (individual or company) or to use their resources for the benefit of the cyber-criminal (e.g., cryptocurrency mining).
If the cybercriminal manages to gain access to the network and appropriate confidential information, he could use it to commit cybercrime. In addition, the loss of confidentiality of personal data of customers or employees in databases, computer applications, etc., which are the responsibility of the victim, could be a further risk.
IoT Security Policy
The use of IoT devices in the company must be contemplated in the company’s data protection security policies (which are also mandatory) so that the security measures to be applied are contemplated.
Given the characteristics of IoT devices, the security measures to be implemented are also particular. For example:
- If we install a mobile APP, it must be downloaded directly from the manufacturer and with authorization from the company.
- Update the software to the latest versions to include the latest security patches.
- Physical security of the IoT device, to prevent theft, unauthorized access, modification or deletion of information.
- User identification standards, using strong usernames and passwords and whenever possible using a second authentication factor.
- Connect to secure channels using cryptographic certificates or VPN connections.
- Install firewall devices to filter connections to and from the device.
- If IoT devices are not used, it is best to disable their access to the Internet.
- Delete all data on the IoT device once it is replaced.
- Cybersecurity training for employees
Need help?
Business Adapter® can help you implement what is necessary to comply with the LOPD and the RGPD, in addition to implementing those security measures that your organization needs.
[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Please contact us, we will be pleased to help you.[/su_button]