Despite the proliferation of smartphones, tablets, laptops and TVs that can go online, we’re still only scratching the surface of the explosion we are about to see in internet connected devices.
Known more generally as the ‘Internet of Things’, this is a world in which pretty much any item you have cause to interact with could be data connected to you, the wider world and other devices and services: already you can fit a door lock operated by your smart phone; British Gas will sell you a heating controller that is managed by an app and can turn on the boiler from wherever you happen to be in the world; light switches and plug sockets can be automated and connected to third-party services (like www.ifttt.com) to control whether your home looks occupied or to turn on the slow cooker half way through the day from your office…
There will be much more, very soon. Health-related devices will really start to spread. The state of your heartbeat could be available across global networks. And then there are self-driving cars (which even Apple wants to get into)…
So far, so exciting. But (there’s always one of those, is there not?) there are going to be problems and dangers and, where your health, wealth and security are involved, they need to be taken seriously. It’s not even as though the risks come from lurking denizens of the dark web trawling specifically for ways to break into your life; they come from the devices we innocently put in our homes and offices.
You see, in order to make these always-connected devices appeal to a wide audience you have to make their adoption a no-brainer. That doesn’t happen when you build in barriers – like strong security.
While life at Bespoke Computing starts and ends with security, the average tech user doesn’t want to be scratching their head trying to remember a 12-character password each time they want to turn down the heating. That’s not making their life easier, so they won’t do it.
To counteract that the manufacturers of devices still rely on default usernames and passwords in the devices they ship. The easiest thing in the world is to think that no-one’s going to be interested in your net-connected lightbulb so why bother changing that password? Except the world is full of automated programmes hunting networks for those recognisable default passwords and when they find them they have found a doorway to your router and, from there, to anything you have connected – like that remote video baby monitor or your alarm system.
For businesses the risks of giving access to criminals could be catastrophic. It’s not even as if that access would automatically be used against you, but the processing power in all those devices can be harnessed to carry out attacks against bigger targets. Do you want to be part of that? Especially if those bigger targets could be your clients…
This is not a bid to be alarmist. There is tremendous power to be harnessed in connected devices. Intelligent data sharing will solve many of the world’s problems and will save countless lives (hands up who has a BMW with a built-in SOS button that will send an alert with your location in the event of a crash?). What is essential is that we are prepared for and respectful of the risks (those same clever BMWs recently needed an urgent software upgrade because it was discovered they could be hacked over-the-air!).
What this post represents is a plea to everyone who reads it to think that bit harder when they buy new technology for work or play. Don’t make it ridiculously easy for someone to abuse it. Criminals will come up with new wheezes to benefit from these devices before the security industry, law enforcement and legislators come up with ways to fight back.
Make sure you change passwords and make sure they’re unique and impossible to guess. There are very useable ways to manage your logins that lock them all away behind one hard-to-guess, encrypted password (more on that later) and second layers of checks involving one-off codes or text messages on your phone (more on that later, too).
Better, if your livelihood and that of your staff, customers and suppliers is going to be at risk because you automated your lighting, to put in a call to Bespoke Computing. Even now, the wrong ports open on your router could be leaving you exposed. We’ll work with you to find the risks, lock them all down good and tight and make sure you know where to look in future as the Internet of Things finds its way into everything you do.