Covering Disruptive Technology Powering Business in the Digital Age

Home > Archives > Blog > Five IoT Security fundamentals which could save your bacon
Five IoT Security fundamentals which could save your bacon


By Nop Srinara, Director, Datto Asia

Singapore’s appetite for the Internet of Things (IoT) is insatiable. From plans for smart homes, to intermodal transport systems and smart grid technology, so much of what Singapore has in mind for the future is based around the city-state’s push towards digitalisation in its bid to reach smart nation status.

For those not in the know, IoT refers to a network of internet connected objects, from buildings to vehicles and appliances embedded with electronic sensors and software which enables them to collect and share information without requiring human intervention.

According to Gartner, approximately 8.4 billion IoT devices are currently in use, a figure which is expected to reach the 20 billion mark by 2020.

But with new exciting technology comes responsibility. Last week saw Singapore recovering from the nation’s largest data breach in history, impacting approximately 1.5 million people in what were described as “specific and repeated” targeted attacks. The threat is real and criminals continue to find new and improved ways of exploiting vulnerabilities in any network.But what does this mean for your IoT devices, and how do you ensure that your smartwatch isn’t the weakest link in your security strategy?

Here are five ‘must dos’ to keep your gadgets and your data safe.

1. It’s all about timing: Your security relies on updated firmware, and while some manufacturers offer automatic updates, others unfortunately just want to make a sale, and care very little about what happens to you or your customers past this point. It’s a great idea then to check the manufacturers notes on any gadget you intend to buy before you purchase to see how often they’re patching their firmware. You may be tempted to buy a cheap device that’s got great reviews but if they haven’t updated their firmware in a couple of years, you could be putting
yourself and your data at serious risk.

2. Make use of guest networks: Utilising multiple networks can be a great way to protect yourself and your data. For instance, by setting up your laptop on a protected network and your other devices which don’t need to talk to each other (like your camera) on a guest network in isolated mode, means that even if one device is compromised, the hacker’s access to data is limited and therefore so is the damage they can do. For MSPs, this sort of segmentation is a big selling point of a managed WLAN practice.

3. Make it automatic: Auto updates are essential in the fight against cybercrime. Most reputable tech companies are doing all the hard work for you to come up with patches to fend off attack, so by flicking a switch for updates to happen automatically, means you can be confident that you get what you need when you need it.

4. Be clever with your passwords: It goes without saying, but one of the biggest mistakes that people continue to make when it comes to security, is failing to come up with a strong password. By this point, this should be a no brainer for anything that you care about, but it’s also critical that you don’t stick with the same password until the end of time. Regularly updating your password is one of the very best protections you can have against data theft in the long run, and while it can be annoying, losing your data is worse.

5. Remote control – Just say no: If your IoT device features RAT or Remote administrative tool, you could be in for trouble. While this is a handy option, allowing users or MSPs to access the device remotely, you may also be
inadvertently giving hackers easy access too. Disabling this function is a good move and could save you a lot of heartache in the long-run.