Security: FEATURE ARTICLE

Gone Phishing: How Remote Work Setups Are Facing IoT Security Challenges Head On

Working remotely is nothing new within the corporate landscape. However, due to the pandemic, many organizations have been forced to abruptly transition into remote work setups to keep their employees safe, follow health protocols, and cope with overhead expenses. 

Although employees as well as  organizations enjoy plenty of benefits when it comes to remote work setups, these situations also have their drawbacks, namely, Internet of Things (IoT) security challenges.

Feeling Insecure: Remote Work Introduces Challenges

Remote work has made IoT security a challenge in a number of ways:

  • Lack of Understanding About IoT Functionality Among Employees

Employers should remember that not all remote workers understand IoT functionality. Unfortunately, this makes employees vulnerable to cyberattacks and hackers who use social engineering methods to trick them. This is why it’s imperative to educate employees about IoT functionalities in a remote work setup. 

  • IoT Devices are Susceptible to Loss and Theft

Just like with other devices, IoT devices can be misplaced or stolen. When this happens, the devices, if they fall into the hands of the wrong people, could be gateways to data breaches.  Even worse are the cybercriminals who steal IoT devices specifically to access a company’s sensitive data. This not only threatens data but also the security of the employees. 

  • IoT Devices Lack Basic Security Controls

New IoT devices are being created on a daily basis. However, not all of them are guaranteed to be secure.  This is because installing security safeguards in IoT devices increases vendors’ production costs and adversely affects marketing efforts.

Clearly, installing security frameworks on IoT devices is not standardized. Because of this, IoT devices are often made with limited user interfaces that allow them to function unsupervised for extended periods.

  • IoT Devices Are Always Listening

It’s common for many IoT devices such as smart assistants and smart TVs to come equipped with voice control features. These can be convenient, but also risky if cybercriminals are able to hack into a user’s network. These cybercriminals can listen to conversations via a user’s microphone and, as a result, can spy on organizations and capture their sensitive information.

Making Remote Work Setups Secure

The best way to strengthen IoT security for your remote workers is to implement a robust telework policy. The policy should outline how data should be handled. Some of the things that you could highlight in your telework policies include: 

  • Super Strong Passwords

One of the most basic ways to secure IoT devices is by requiring that all devices within an organization implement super strong passwords. The strongest passwords use a mix of different characters as well as uppercase and lowercase letters. Symbols and numbers should also be included for a more robust password.

Using super strong passwords on devices helps keep them secure even if they’re lost or stolen. Super strong passwords also significantly limit the number of people who can access a device’s sensitive information.

  • Encryption

Encryption provides an extra layer of protection for an organization’s files. Surprisingly, though, encryption is not widely used and, even when it is, it’s typically weak and does little to protect a company’s files.

Specifically, when using encryption for files, users should  ensure that they’re using the highest level, which is WPA2 (WPA3 is on the way, so be on the lookout). If an organization’s router only supports WEP and WPA protocols, then it’s high time to consider upgrading in order to secure IoT devices. 

  • Disabled Unused Features

As mentioned above, certain IoT devices are always listening. This is why it’s best to disable unused features. For example, it’s best to turn off the voice control features on devices when they’re not in use. 

  • Separate Wi-Fi Network for IoT Devices

The attractive thing about newer routers is that they offer users the option to set up a secondary network. Users would be wise to take advantage of this feature, which creates a separate network for IoT devices in order to secure them against cyberthreats. This means that hackers, even if they’re able to penetrate a network, will be unable to access IoT devices, since they’re on a separate network.

Are Remote Work Setups Doomed? Not Even Remotely

Remote work setups will never be as secure as office-based ones. However, the good news is that there are plenty of solutions to mitigate the risks associated with these remote setups. The best one is to have robust organizational telework policies that detail how data should be handled. In addition to establishing policies, organizations should ensure that employees are properly trained so they understand the implications. Finally, organizations should ensure that they incorporate separate Wi-Fi networks for all devices as well as use encryption to protect their data.


IoT Innovator Newsletter

Get the latest updates and industry news in your inbox! Enter your email address and name below to be the first to know.

Name