The Internet of Things (IoT) refers to the multitude of internet-capable gadgets and gizmos that have become part of everyday life for many of us. These devices can make life a little more convenient. From a distance with our smartphones we can start the coffee maker, lock the doors, set the room temperature, turn the lights off, check on the dog, all with the push of a button (or even a voice command). The possibilities are endless and amazing, but with all that convenience comes many security concerns.
IoT can put people’s privacy at risk. Hackers have been known to obtained access IoT cameras, for example. IoT devices can also serve as a path into the home network to access personal files with a wealth of data. Security for these devices is typically poor. Implementing stronger security controls increases costs and slows down production. Manufacturers are trying to be the first to market the latest product, meaning security becomes an afterthought.
Understand that if you are trying to bring an IoT device into the Fordham network–whether in the office, classroom, or dorms–you must abide by Fordham policies. Unsupported devices may be unable to connect to the Fordham network. Check the following policies. If you have any questions or concerns, contact ITCC before making the purchase.
Beyond the Fordham IoT policy guidelines, you may want to consider the following:
- Research the product.
- Don’t buy insecure products. Research the product for known vulnerabilities and security issues. There’s a good chance that the cheapest item is the most insecure, so make sure your decision isn’t based just on price.
- Configure and keep the IoT device updated.
- Change any default usernames and passwords.
- Make sure to follow the manufacturer recommendations when configuring settings. Check the privacy settings and ensure you are comfortable with the information shared and the parties who will receive that information.
- Update all firmware and software regularly
- If you receive updates for a device via email or text, do not click any links. Go to the manufacturer’s website and download the update directly from their website.
- Keep a good inventory.
- Write down all your MAC and IP addresses for all your connect devices. You want to make sure you can recognize any unknown devices on your network. (Make sure this inventory document is password protected and secured).
- Secure your WiFi router.
- Make sure that your WiFi has a unique username and strong password. The router should be regularly updated and the firewall should be enabled.
- Separate Networks
- It’s a good idea to place you IoT devices on a guest network. This will separate your home network with all of your personal information. If one of these devices becomes compromised the intruders will have limited access because they will be navigating an isolated network.
Sources: