IoT Security Checklist
Internet-connected devices, collectively known as the Internet of Things or IoT, can provide opportunities for attackers to access your network–and as a result, devices more sensitive than your lightbulbs. This checklist covers three key points you should consider when securing your devices: passwords, buying from trusted manufacturers, and a few more tech-savvy options.
The Checklist
1. Passwords
- Change Default Passwords
Many devices come with default passwords–be sure to change them to prevent easy access. - Use Unique Passwords
When changing said passwords, use something unique for each account–and, because it can be a lot to remember, consider utilizing a password manager such as Bitwarden to track them. - Use Two-Factor Authentication
Two-factor authentication (2FA) and multi-factor authentication (MFA) help secure account access by requiring the user to verify their identity through two (or more!) steps. This might mean receiving a text message, an email, or through the use of an app such as Duo or Authy.
2. Buy From Trusted Manufacturers
Choosing devices from big-name manufacturers means that device not only has stronger backing when it comes to security teams and updates, but also that the security of that device reflects back on that company’s reputation. They’ll be more likely and more able to pursue security issues than smaller–albeit more affordable–companies. Ultimately, it’s well worth the value.
Companies with a reputation for pursuing stronger security options and pushing updates include Apple, Samsung, and Windows, to name a few. In short, if you haven’t heard of the company before, proceed with caution.
3.) Tech-Savvy Options
If you are more tech-savvy, these ideas can help you further secure your devices. Consider using the following:
- Open Source Firewall
These function as replacements for the router in your network and provide additional control over the traffic that is allowed into and out of the network. Popular options include pfSense and OPNsense. - Isolated VLANs
VLANs provide a method of separating devices within a network. A simple approach using VLANs may provision one VLAN for untrusted devices and a second for trusted ones. VLANs can be combined with an open source firewall to provide different levels of access control for different types of devices. - Network Monitoring
Network monitoring tracks activity within a network. This can be accomplished via multiple methods, including firewall log analysis or more advanced packet analysis techniques, such as an intrusion detection system (IDS) like Suricata. - Home Assistant
Home Assistant is open-source (which means you can review the code on their GitHub) and puts local control and your privacy first. It integrates with hundreds of IoT devices, including Alexa, Google Assistant, Hue lights, and many more, allowing you to observe, control, and automate the devices in your home or office.
Conclusion
Taking these precautions will help protect your network and devices–so it’s definitely worth the effort. In addition to this checklist, be sure to check out our related podcast, “SOC Talk: IoT and Security!”
About Hurricane Labs
Hurricane Labs is a dynamic Managed Services Provider that unlocks the potential of Splunk and security for diverse enterprises across the United States. With a dedicated, Splunk-focused team and an emphasis on humanity and collaboration, we provide the skills, resources, and results to help make our customers’ lives easier.
For more information, visit www.hurricanelabs.com and follow us on Twitter @hurricanelabs.
