CarefreeIT Cybersecurity Blog Series: The Internet of Things

It’s no secret that the spaces in which we live and work are becoming increasingly connected and digitized. A key aspect of this transformation has been the ever-growing slew of “smart devices” in our homes and businesses, whether they be televisions, thermostats, digital assistants, or fitness trackers—among many others. Current estimates indicate that there are 8.4 billion networked devices in use across the globe, and this number is expected to increase to 21 billion by 2020.

Together, these connected gadgets with data sharing capabilities comprise the Internet of Things (IoT). In addition to making our domestic lives more convenient, IoT devices are fundamentally changing how businesses operate, notably those in the utility, manufacturing, and healthcare sectors. Just as significantly, they are blurring the boundaries between our work and home lives by enabling a Bring Your Own Device (BYOD) corporate culture in workplaces across all industries.

Simply put, the new norm for employees and executives alike is to check email, hold conference calls, and perform any number of other work tasks remotely using their personal laptops, tablets, and smartphones. Nearly 80% of professionals currently work outside the office at least once a week, and 1.55 billion more are expected to do so by 2020.

While this increasingly mobile workforce has the potential to boost employee productivity and provide greater work flexibility, all the while cutting technology costs for employers, the convenience of working from any location on any device ultimately raises a number of cybersecurity concerns. Without the oversight of a qualified IT support team, it is unlikely that personal devices will meet the same security standards as company-owned computers that are managed in-house. Without these protective measures in place, personal devices may inadvertently leak company data, including private and confidential information, as well as provide a trove of opportunities for cybercriminals to launch successful attacks.

For instance, company data may be easily breached if personal devices are lost or stolen, especially if they are not protected by strong passwords and two-factor authentication. Likewise, laptops, tablets, and smartphones can be compromised by Man-in-the-Middle (MitM) attacks if employees use them to connect to unsecured public WiFi networks.

Cybercriminals are also using malicious applications to target smartphones, some of which can hide covertly in official app stores like Google Play. On the whole, it is estimated that attacks on smartphones accounted for 85% of all networked device infections in the latter half of 2016, illustrating that these devices constitute a key component of the IoT threat landscape.

Needless to say, it is essential that businesses establish clear security protocols and standards of use for personal devices that have access to company networks and data. This is why The CarefreeIT Cybersecurity Centre provides small and medium-sized businesses (SMBs) with their own virtual Chief Information Security Officer (vCISO) to implement a BYOD policy that is tailored to address their unique organizational needs. Our Security Awareness Training and testing also provides employees with the knowledge they need to use their devices safely and responsibly.

Now more than ever, organizations across all sectors require comprehensive protection from the inherent security risks that come with having an increasingly mobile workforce. This is why our team of experts works in strategic partnership with businesses to ensure they benefit from the greater flexibility and productivity that connected workplaces offer, while safeguarding their valuable information assets along the way.