EZ MSP Blog
Do Inherent Security Risks Make Smart Devices Dumb?
Over the past few years, there has been a general fascination with smart devices in the home, and to a certain extent, the office. These Internet of Things-powered appliances and gadgets can help add to the convenience of rote tasks and other everyday activities, but is it actually a good idea to use them? As it turns out, unless you’ve taken the proper precautions, maybe not.
Let’s discuss how these devices can be manipulated to the detriment of the user. First, let’s start where the majority of these devices are now found: in the home.
Is a Smart Home a Dumb Idea?
The entire concept of a smart home is based on a singular premise: to simplify life for the homeowner by automating many of the things that they would ordinarily worry about. Running late to work in the morning? Your smart coffee maker has already prepared your cup of joe, and you can run out the front door without having to worry about turning off any lights or even locking up behind you, as both can be scheduled to happen automatically, or be triggered with a brief command to a smart speaker.
This all seems pretty useful, and that’s just a very small example of the devices that now come in smart options.
However, no amount of utility can outweigh the pretty serious security risks that these devices are notoriously prone to. Think about the havoc that a cybercriminal could raise if they got access to the devices that we’ve discussed in this blog. Even if they were only motivated to torment you, it would be simple enough to do -- commanding your coffee maker to continuously brew more java, waking you in the middle of the night by lighting up your home, or locking you out of the house when you only meant to step outside for a moment.
Those with more malicious intent could use your devices in other ways - spying on you, learning the layout of your home, and as a means to many other nefarious ends.
Problems in the Workplace
Of course, these problems aren’t content with being left at home. You and your employees may unwittingly bring them (and their associated threats) into the workplace. This actually makes sense, when you consider how many devices today are now created to be “smart.”
You may have decided that the break room should have a smart refrigerator or a smart coffee maker, or that smart lights make sense in your workspace. You and your employees probably have some smart devices up your sleeves (literally, if you wear a smartwatch), as many of them do offer a legitimately useful utility. However, just as they can in the home, these devices can foster threats in the workplace--perhaps even introducing them, as they move in and out of the office environment and potentially pick up malware.
The IoT, or the Tiger?
The 1882 short story “The Lady, or the Tiger?” describes the kind of paradox that the IoT can create for businesses and personal users alike. In the story, the king of some land puts people through a public trial of ordeal based on chance. An accused man is put into an arena and is given the choice of two soundproof doors. One hides a woman chosen by the king to be the accused’s new wife, while the other contains a hungry tiger.
The door with the woman means innocence and immediate marriage, and the door with the tiger… I’ll let you come to your own conclusion.
As it happens, the king’s daughter is in love with a man of lower social status, so (as you would expect in a story like this) the king puts him to this trial. The princess then learns where the tiger is, and that the woman behind the door will be who she sees to be a rival for her beloved’s affections. At the trial, the man looks to her for help, she indicates a door, and… the story ends.
The paradox the princess faces mirrors that of the IoT: two options, neither with a great outcome. In the princess’ case, she can choose to send her lover to his death, or into the arms of her romantic rival. As far as the IoT goes, many people see a similar choice: you can use it and potentially fall victim to considerable issues, or you can sacrifice the benefits it can bring by refusing to use it.
Fortunately, there are ways that you can make use of the IoT in relative safety. All you have to do is properly maintain the technology you’re using.
Here are a few ways to do that:
- Account for all of your connected devices and their details. Keep track of the settings that you have your IoT devices configured with, as well as the credentials you need to access them, any recent patches that have been applied, and all of the firmware versions of them. This will help you to keep track of what needs to be done to maintain the security of your solutions.
- Apply patches. Speaking of keeping track of patches, make sure you apply them in a timely manner, as this will help to reduce the vulnerabilities that your devices have.
- Change the default settings and passwords of your devices. It is only too easy for the factory credentials for many devices to be found online, and they aren’t always configured to be as secure as they can be. Make sure you take the time to update your devices to help keep them safe.
While the IoT has gotten a bad reputation for being insecure, there are ways that you can help minimize the threats it can pose - making these devices once again useful. For assistance in implementing these fixes, reach out to EZ MSP today by calling (914) 595-2250.