Why Your Enterprise Must Pay Close Attention to IoT Device Security
To prevent this from happening to you, the first thing you have to do is find all of your Internet-connected devices. This means you need to look at every IP address on your network to see what's connected to it. Fortunately, most network management systems can scan for IP addresses in use and they can alert you when a new one shows up. Once you've found all of the devices actually on your network, it's time to figure out what they are. A good network scanner can give you the device's IP address, its host name, and some sort of identification. This will provide the information you need to compile a list of every device connected to your network. Next, you need to validate the list against what you know is supposed to be on your network. When you do this you'll probably find that nearly all of the devices on your network are things you already know about, such as workstations, printers and perhaps employee mobile devices. The scan may also reveal the existence of some shadow IT devices or rogue devices, such as routers brought to the office from an employee's home. In addition, there will be some devices that may be identified by a name you don't recognize or simply are simply not identified at all.Setting an adequate level of security means implementing user names and passwords that are stronger than stupidly simple defaults. It also means that in some cases you will have to take trouble of assigning user names and passwords, since not all such devices even have them. Worse, some connected devices don't even have the ability to set user names and passwords. Such devices should be booted off the network and replaced with devices that can be password-secured if they are performing some essential function. You may need to be ruthless. That consumer webcam you have for monitoring the parking lot could be a weak spot in your security and if you really need to monitor the lot, then you have to use a device that matches your overall security level. In addition, you will likely need to consign some of your devices to network segments with firewalls that keep them away from your network's critical assets. With everyone from hackers to hobbyists trolling the Internet for IoT devices they can visit, the last thing you need is to put out the welcome mat for them. Unfortunately, if you don't take even those minimal steps, you risk becoming the butt of those IoT jokes making the rounds, and I'm pretty sure you don't want that.
If any of those items turn out to be devices that aren't computers, mobile devices and the like, then you need to investigate them. Each of the things you find on your network needs to have some level of security and you will need to go to each one of them to see what they do, if they are supposed to be there and if they are covered by adequate security.