A recent article from CSO highlighted again the need for workforce monitoring. As we settle into work from home being here long term, there is an increased threat from IoT devices into your corporate network
Why are we talking about this again? Because there’s now the data to support what we talked about in our blog posts last year.
What do we mean by an IoT device? Fitbit, Garmin, smart switches, Bluetooth speakers like Sonos or Bose. Essentially any device that connects to a Wi-Fi network. In a recent study from Palo Alto showed that 98% of all IoT device traffic is unencrypted. This provides an open portal to your corporate network when all devices are on the same network. How many of your employees would have changed the factory settings on these devices? Would they have applied any security policies or settings to these devices?
Most users tend to underestimate how often their IoT devices are hit. They believe, on average, that their homes are attacked 12 times over the course of a month, when in reality it happens nine times more often, according to Comcast. Soon after companies made the decision to keep their employees at home, researchers saw a 12% growth in attacks, as hackers leveraged the increased online activity of connected homes.
Supporting your remote users is a different kind of employee experience these days. It’s no longer someone wandering over to the support guy or vice versa. Traffic isn’t confined to your managed corporate network with the occasional VPN connection. Ensuring that they continue to have the best user experience, and your corporate perimeter remains strong means businesses need to change their approach to their network perimeter.
Now businesses need to look at the entire work from home office setup. Our recommendations start with doing a network audit on your employees home router.
- How many devices are connected?
- Do they know what all the devices all are?
- Can the attack surface area be reduced?
- Is multi-factor authentication turned on by default?
The other consideration is creating dedicated networks within your employees home office setup so that only approved corporate devices are allowed access. This means that your data always stays within your perimeter and is not left exposed to outsider threats and leaky IoT devices.
2020 was the year of rapid change from an IT management, 2021 needs to be the year of optimisation and security.