Employees are slowly beginning the shift back into the office, but is working from home a thing of the past? As employees and employers redefine what work from home (WFH) will look like in the future, it is a great opportunity for employee education.
Too often IoT devices are overlooked as being security threats, both in the home and in the office environments. Many of these devices have multiple applications, meaning they are just as vulnerable to attack by a threat actor. With over 20 billion IoT devices on the market in 2020, and a 300% increase in attacks, the need to secure these devices has never been more important.
IoT devices are a concern for any business during normal operation, however, have become even more worrisome during today’s extended work from home environment. When a corporate office typically updates its hardware or onboards new IoT devices, the security and operations professionals are on-site to ensure those devices and the network are protected. When the operating model changes overnight from one office to hundreds of personal offices spread across a city, state—or even the world—the company’s control over their own cybersecurity may begin to slip.
The real threat from IoT devices is that consumers tend to assume they are perfectly safe and totally disconnected from their work network. Both claims are false. Many of these devices are produced and designed as quickly as possible in order to be first to market. This means that many have weak or even non-existent security, making them vulnerable points in home cybersecurity and tempting targets for attackers. On top of this, devices in the home usually aren’t installed by technicians with the security training necessary to protect the end user and, by extension, your data. Small mistakes like leaving ports open at a residence can quickly give a determined attacker access to your home network, if not properly defended against.
Unfortunately, the risk doesn’t end at home. Many employees are accessing their organization’s data via virtual private networks (VPN), this action increases the risk of exposing their networks to attacks. Utilizing devices like a TV, Alexa, Peloton, or even a smart refrigerator, expands the attack surface. One rogue device can spread malware or spyware through the home, to the VPN, and into a company’s network. If left unchecked, that malware can then spread across an unsegmented network, potentially leeching private or secure data from the system.
While employers are re-defining their work from home policies, security threats presented by at home IoT devices continues to grow. You can significantly reduce these threats by encouraging teams to take the following simple, but impactful steps.
While we have all experienced numerous challenges securing devices on home networks recently, there are solutions to help ease the burden. The steps outlined above describe how both employers and employees can proactively work together to harden security and reduce risk in these uncertain times.