Should you consider connecting your devices via a VPN?
As many of us worried about how to keep track of devices are aware, the Internet of Things (otherwise known as IoT) are in many modern workplaces today. Especially prevalent are devices in the manufacturing and healthcare sectors.
The number of devices in your workplace that are connected to the internet is likely to increase in the next couple of years. And you probably already use some of them in your home.
Maybe you have a smart thermostat, maybe you control the lights inside or outside of your house, or maybe you even have CCTV protecting your property, or even are able to turn on your oven or cue up the next episode of Game of Thrones. Talk about connected devices, I’m sure your phone is broadcasting, recording, geolocating and monitoring all sorts of things for you and giving you real time updates on others you care about.
Today there are just so many devices connecting to our world that we probably couldn’t imagine a life without them. What’s been on my mind for quite some time is the same phenomena have been happening in your workplace and I want to make sure you are thinking about how to keep that data secure while using IoT.
As IoT devices become more prevalent in your workflow, should you be making sure your team is considering how to data those devices transmit?
One thing that escapes most of us is how much data there is—and which data you might not wanting to leak into the world—be it is private information (say, monitoring a patient at a clinic or hospital) or proprietary information (maybe specific temperatures or conditions involved in producing your biggest selling product). Individually, one data point or one small piece of information may not seem very significant, but if multiple devices are transmitting different information, it might be an entirely different story.
The big problem is it takes too much energy and resources to make sure every single device is locked down (and securing these devices might not be economically feasible for a variety of reasons).
But the reality is that information related to your health, location, processes, and other behaviors at work are susceptible to loopholes inherent in how current IoT devices are designed. The problem comes when people, somewhere along the way, are able to intercept or view that information—even the information you think might be protected on your network—simply because those devices were not originally designed with securing information at all.
How could a Virtual Private Network help in with IoT devices?
Your business might want to be cautious about security loopholes when it comes to devices. There are plenty of recommended business Virtual Private Network (VPN) options out there (the easiest way to figure out what might work best for your organization may be to get a network security assessment) that could help ensure your operations are secure without compromising speed on your network.
While experts agree that it should be the responsibility of the device manufacturer to make sure their devices are more secure, at this moment—with these devices in production systems—you have little to hope the device manufacturer will improve security around their devices anytime soon. At this point, the majority of devices are not encrypting information or transmitting that information in a secure form.
What steps can you take right now?
For now, it’s up to you as a user to make sure you are protecting yourself or business. In order to account for gaps in security in the devices you use, some experts are advising to make use of VPN use a part of responsible device use.
VPNs will help protect against common IoT attacks. Botnets and Man-In-The-Middle attacks have been common exploits on IoT device platforms. A botnet consists of a network of computers or other devices connected to the internet that are infected with malware. When the devices are controlled as a group, they easily are able to cause a lot of damage. Hackers have been using loopholes in IoT devices to infect large number of devices with malware to debilitate your business network.
Using a VPN could help mitigate botnet attacks by ensuring there is a protected channel between a device and a server it is connected to.
Similarly, VPNs can help prevent Man-In-The-Middle attacks, which consist of third parties trying to intercept network traffic. In the case of IoT devices, the attack may compromise data between a device and a central access point. A VPN encrypting traffic would ensure that data gathered from your device be unreadable when intercepted by such an attack.
A Few Things To Consider With VPNs
Find a good VPN option. If you are concerned about protecting data coming across your devices, it’s probably a good idea to spend a little time making sure you have a VPN that works well with your devices. There are many options out there—and many of them are very secure. Be aware that anything free might come at a cost.
Realize that a VPN is not the ideal solution for every device. Depending on the device, the data it collects and the importance of that data, you might not care to protect every single device in your facility. Make sure to identify which devices are your priority when it comes to keeping core processes, infrastructure and data secure and prioritize protection around those devices instead of treating every IoT device in your facility equal.