Every October, National Cybersecurity Awareness Month (NCSAM) reminds everyone about the importance of IT security. This year’s theme is “Do Your Part. #BeCyberSmart” and the main focus is device protection. Anything connected to the internet can be hacked, and there are more devices being connected to business networks all the time. Computers, mobile devices, and Internet of Things (IoT) devices are all network endpoints that need to have the right safeguards to keep them secure. IoT malware attacks jumped 55% over the first two quarters of 2019 and jumped 215% the previous year. Unfortunately, not all devices get the same attention when it comes to security. IoT and mobile devices often lag behind when it comes to cybersecurity strategies in a Tennessee business. But mobile devices are now making up more of the endpoints (60%) in an office than computers, meaning they could be a big threat to security if they’re not properly addressed. The following are several ways you can secure all devices on your network, whether they’re routers and wireless printers, computers, or employee mobile devices.
Protect All Your Connected Devices
“If you connect it, protect it” is the key message of NCSAM. Here are ways you can put this into action at your business.
Timely Updates for All Devices
Computers, mobile devices, and IoT devices all have operating systems and software that needs to be updated regularly. Updates include vital security patches that are released by manufacturers to fix newly found code vulnerabilities that could allow a hacker to breach the device. There are typically three main types of device updates:
- Operating system update
- Software/app update
- Firmware update (updates the software that runs hardware)
Not all updates will send you an alert through a popup message on your computer. Firmware updates on computers and IoT devices are typically not as obvious and you have to look in the device settings to find them. One of the easiest ways to ensure device updates are being applied regularly is to have them all done for you via a managed services plan.
Use Strong Passwords & Screen Locks
Mobile devices and laptops are much more easily lost or stolen than other types of devices. Wearables like an Apple Watch also fall into this category. You want to make it as difficult as possible for someone to access your device and data should it fall into the wrong hands or give you a little extra time to do a remote device wipe. Screen locks and strong passwords are important for protecting devices. When left accessible, anyone can access signed in accounts, mobile wallets on mobile devices, and more.
Endpoint Device Manager
Approximately 78% of businesses use a bring your own device (BYOD) policy when it comes to mobile device use at work. Having employees use their own personal smartphones at work can save companies money and be more convenient for employees. However, it also presents a security risk if you’re not keeping track of which devices have access to your business cloud accounts and data. An endpoint device manager (like Microsoft Intune) can help secure all those BYOD endpoints no matter where they are, as well as employee laptops and computers that are used by employees working from home. Some standard features of endpoint device managers include:
- Remotely grant or revoke access to business assets
- Detect an unapproved device that tries to connect
- Lock or wipe business information from devices remotely
- Push through software updates automatically
Use a Strong Antivirus/Anti-Malware
While most users understand that computers need to have an antivirus program installed to help prevent malware infections, not all realize that mobile devices need to have mobile antivirus/anti-malware as well. Mobile devices are increasingly under attack as they take on more of the workload and gain access to more data, banking activities, and other sensitive information. It’s important that mobile devices also have the same type of antivirus protection to keep them safe from malicious apps and mobile malware.
Change IoT Device Logins
IoT devices are often breached using default manufacturer logins that users have not yet changed. These logins are just meant to get you in to set up a new router, IP security camera, or other IoT device, but they should be changed immediately during setup. One thing that makes it even easier for hackers is when users use an SSID (device’s name on the network) that describes the device brand and model. This lets a hacker know exactly which manufacturer passwords they should try. It’s vital to understand that IoT devices, even if they don’t hold sensitive data themselves, are a gateway into your network and other devices if not properly secured. Change IoT device logins from the default during initial setup and use a non-descript device name.
Need Help with Solid Device Security?
Copperband Technologies can help your middle Tennessee or southern Kentucky business ensure that all devices that have access to your network or data are properly secured – both those in the office or being used remotely. Contact us today to schedule a device security consultation! Call 931.263.8000 or reach us online.