IoT and Cyber Security, The Steps You Need To Take
By on 18th Nov 2019
Everyone’s talking about cyber security again lately, it seems to be the dominant topic for most companies, and nearly every week you hear about a major security breach. These breaches don’t just happen to small, ill-equipped companies either, the tech giants like Facebook and Linked In even fall victim.
A cyber security attack can impact a business in many ways, and one of the most prominent of those is through a data leak. With GDPR still being a relatively new law in the grand scheme of things, businesses have become incredibly aware of the impact a leak of their customer’s data can have.
GDPR gives consumers stronger legal powers over their data and demands that companies handle it in the most secure way. It also requires companies to make an announcement should there be a successful cyber attack on their business, resulting in huge amounts of negative PR for those who have experienced breaches. It means it’s imperative to consider cyber security as more and more devices become connected.
There also seems to be an emerging prevalence of DDoS attacks too, this is when multiple malicious systems target one particular service, in order to overwhelm it with too many requests. Recently we saw Netflix go down for a day due to its servers being attacked in this way, and although this seems like a small blip, it’s not just a matter of a day’s revenue; denial of service attacks affect customer trust levels and show how vulnerable a company’s digital services can be.
Since the ‘fourth industrial revolution’ came into conversation, people and businesses have become increasingly aware that a network of connected devices on the ‘Internet of Things’ may offer a whole new opportunity for hackers and other cyber security threats to take advantage. If every piece of hardware in your company is connected to one network, can’t it all be taken down at once? Especially if it all depends on each integral piece to operate?
Luckily the UK has already considered this security concern and has taken steps to fix the problem. By law, manufacturers of IoT enabled devices must now ensure their products are ‘Secure By Design’, this means they will already come with a roster of security measures pre-implemented into the hardware of the device.
This includes things like API keys and encrypted connections that make it harder for unknown devices to connect to the network, but that’s only where things begin.
Your cyber security for high device volume networks should be multi-tiered, but you need to start with the core installation. When you create a network in your business, cyber security should be a top priority to implement from the get-go.
DarkTrace, one of the biggest growth companies in tech at the moment, (and one of our partners!) provides a two fold approach.
Initially, hardware is installed directly into your network, and this is one of the most ingenious responses to evolving cyber crime; DarkTrace uses AI learning to analyse your network activity, which enables it to quickly identify and eliminate threats.
This is paired with cyber security software which deals with any incoming malware, phishing, malicious files and more. With a firewall and a cyber security program running, you’ve covered yourself from the bulk of common threats to your IoT network.
You also need to consider implemented some cyber security protocols into the day to day routines of your staff for an extra level of security. Make sure you and your staff know to keep all software, and especially your cyber security programs, up to date. Every time any item of software requires an update on your system, make sure you prioritise it, these updates often patch security flaws which have been recently discovered.
You’ll also need to give your staff some cyber security training. You could start with our free cyber security resources pack, but if the IoT is imperative to your business, make sure you take some time to do some detailed training with staff in a formal environment. It’s vital that staff are aware of the potential consequences of clicking unidentified links, giving away sensitive data in a phishing attack or not keeping a secure password.
The vast majority of cyber security breaches are caused by human error, so training should be your top priority.
Need a tailored cyber security solution for your business? We can help with every aspect of your IoT network solutions, ask us anything!
Proud to Work With
Investing heavily in new distribution, logistics and staffing initiatives, Sainsbury's approached Ensign to provide wireless LAN infrastructures to hundreds of Sainsbury’s stores across the British Isles.
In order to meet increasing product demand, JLR’s UK parts distribution operation was moved to Liverpool, with plans to operate out of a new 400,000 sq ft site on the Phoenix Industrial Estate at Ellesmere Port.