Internet of Things (IoT) devices provide ever-increasing opportunities for business-to-business brands to cater to customers, increase their profits, and boost competitiveness. However, IoT devices are nowhere near risk-free.
IoT devices collectively broaden the attack surface for cybercriminals to target. It doesn’t help that many B2B companies use IoT tech for crucial reasons, and perpetrators thrive on orchestrating the most damaging attacks.
A 2019 report found that the IoT devices used at 82% of health care organizations experienced a cyberattack within the past year. Software flaws caused the most vulnerabilities for respondents in the United States. Another worrisome finding was that 98% of the health care organizations using IoT devices agreed there was room for improvement with the security of those gadgets.
The widespread availability of IoT technology has also encouraged increased adoption. For example, a real estate professional could install smart locks at a property to let a painter or maintenance worker perform the required improvements before it goes on the market. That arrangement means the real estate representative does not need to make themselves available to let the person inside.
However, as homes get smarter, chances arise for mishaps to occur that could land real estate professionals in legal trouble. Incidents have occurred where disgruntled ex-partners wreaked havoc on occupants due to still having the access information for a connected home’s network. They could then turn on the lights, activate appliances and cause other unsettling events, despite not being inside the property.
Real estate professionals must stay mindful of the privacy implications associated with IoT tech and create contracts that free themselves of potential liability. Moreover, any company or industry that uses IoT gadgets or might do so should investigate ways to reduce risk. This may include changing default device passwords and working with vendors that prioritize security within all stages of a product’s development and regularly release patches to fix known vulnerabilities.
An often-overlooked reality is that cyberattacks associated with IoT devices can be so severe that they cause businesses to shut down. For example, ransomware could make a retailer’s point-of-service system inoperable. If it affects locations all across the country or world, the companies could suffer severe profit losses and experience a rise in customer mistrust.
Cybersecurity experts warn that criminals could target the most-essential IoT devices when planning their ransomware attacks. These attacks could potentially disable vital medical equipment at a hospital or lock someone out of their home. Experiments have also proved that hackers can influence the functionality of connected cars, which could introduce risks for companies that depend on corporate fleets.
These risks are not just hypothetical. In one case, a 90-bed community hospital could not use its cash registers or fax machines and had to temporarily refer patients elsewhere. Ransomware has also forced doctor’s offices to close for good, especially if the costs associated with restoring lost data proved too high to bear.
Despite the risks associated with IoT devices, they can help many businesses achieve goals that would otherwise be out of reach. For example, when COVID-19 forced long-term work closures due to lockdowns, businesses pivoted by using tools to stay connected as employees worked from home, such as Zoom and Slack
Unfortunately, these products come with risks. Zoom appeared in the headlines during the early stages of the pandemic for security issues that allowed unauthorized parties to access in-progress meetings. Businesspeople who use remote collaboration tools must ensure their devices have the latest software versions; otherwise, hackers can more easily affect the devices that run those tools, such as tablets and smartphones.
Another perk of IoT devices that became especially apparent recently is that they allow people to check the status of physical properties without leaving home. For example, a property management firm could remotely access the feed of an IoT camera to see what triggered an alarm at an apartment complex’s pool.
IoT sensors can detect problems before they happen, too, which aids facility management personnel in avoiding costly breakdowns. If a maintenance professional sees abnormalities in a refrigerator’s temperature, they could send someone to assess the matter before an outage happens.
Similarly, access control systems will help companies operate safely as they do business during the global pandemic. Some options on the market allow touch-free features like facial recognition for people clocking in for work. Then, business leaders do not need to worry about using processes that could help the virus spread, such as having employees type ID numbers into an electronic time clock or use a sign-in book to note their arrival and departure times.
Any B2B company representative thinking about using IoT devices must understand there is no such thing as an unhackable gadget. Cybercriminals evolve their tactics as security experts thwart attacks that once worked well.
However, proactive measures to prevent attacks can go a long way in removing many of the risks. The ideal approach is to view every person at a company as sharing responsibility for keeping cyberattacks at bay. That may mean implementing a strategy to screen all new IoT devices for issues before adding them to the network or ensuring auto-update features get enabled as soon as someone starts using a new connected gadget.
An excellent starting point is to hire a security professional to assess the current risks associated with a company and its IoT usage. Then, business leaders know which problem areas to address before security shortcomings get out of hand. People should not consider all IoT devices insecure, but they should acknowledge that these electronics can quickly become dangerous if users do not take the proper precautions for maintaining security.