So, what is it and why would that be? IOT in a nutshell refers to everyday items, often household items, that today have a processor, and can be operated by remote control. For instance, you can turn on your lights, start a cooker going, turn on the kettle etc, all from your phone on your way home. And of course, we have Siri, and Alexa amongst other systems, all interconnected in some way in your home, and increasingly, in your office, and to the internet.
Whenever it’s discussed all the usual light hearted comments about being hacked by your kettle, or held to ransom by your toaster, come out in the conversation. And I suppose, there can be some amusement to be had. But there is a serious side to this.
Increasingly now we are seeing smart appliances in the work place, that could be used to jump onto the more serious elements of a network, we are already at a place where some functions, perceived as routine, even mundane, can already be used to jump onto other network devices. For instance, most have security cameras and alarm systems. Many of these are IP based and are connected via the LAN. OK, but many also are remotely maintained by a variety of suppliers. I have found it not uncommon for these suppliers to arrange for their own backdoor into the system to maintain these systems, often without the client actually knowing how that is done. This provides a very neat circuit around the router and firewall and, when most SME networks are flat, access onward to all parts of the network. A flat network refers to a network that is unsegmented ie all devices are attached to a single wifi or wired network with no further network protection once through the gateway.
This of course is not the only example but it shows how poor security architecture, often times by local network providers, can have a quite seriously detrimental effect. So, what I am saying is that as many more devices become ‘smart’ and interconnected via the LAN, security architecture becomes just as important for the SME as it does for the larger enterprise. The problem is that the awareness and support within the SME community and their suppliers, tends to be lacking.
So, take a look at your network, or discuss with your IT provider, know what questions to ask and what answers you are looking for. Assess how vulnerable you might be to an attack or scam. We are now entering the realm where the mundane can quickly become significant and cause very real harm.
H2 provides affordable and flexible one-off and ongoing data protection and cyber risk protection services.
To learn more about the services we provide please click here https://www.hah2.co.uk/
Alternatively, please feel free to give us a call or email
T: 0845 5443742
M: 07702 019060
Trust H2 – Making sure your information is secure
What our customers say about us
“We originally engaged H2 to examine our liability under GDPR and devise risk managed policies and processes to ensure we met the requirements. Their Cyber Maturity Assessment is certainly and eye opener and H2s approach, unique in our experience of IT service companies, demonstrated clearly that we had some issues to overcome. They were patient in providing services at our own pace and at price points which we were happy with, and were comfortable working with our current IT provider, enhancing their services and products, and plugging gaps that they do not cover. I have no hesitation in recommending H2 to other companies who need such services.”
Lisa Williamson, Operations Manager, Savage Group