Archive

Go to:

August 2017
SMTWTFS
12345
6789101112
13141516171819
20212223242526
2728293031
< Jul Sep >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

Hackers Coming Through the Fridge Door
Thursday, March 9, 2017 6:35 AM

Kevin Hood, CISA, IT Consultant, Credit Union Resources

Is your TV secure? What about your fridge? Who would have thought a few years ago that we would have to worry about these things! If you’re unfamiliar with the term “Internet of Things,” or IoT, don’t worry, it's still fairly new, and you should have plenty of time to start developing a strategy to manage it. IoT is the term used for all the smart devices available to consumers and businesses. From smart TVs to refrigerators, thermostats, and coffee pots, everything today seems to be connected.

While you may not have any of these devices in place currently, chances are you will in the future. Unfortunately, most IoT manufacturers are not concerned with cybersecurity. Most devices are configured with default passwords that are readily available on the Internet. Also, many of these devices have no configuration options for the end user.

While some of this security is out of your control, here are a few tips to ensure these devices are as secure as possible.

  • Only connect the device to your network if needed. This is the easiest way to protect your network. If you don’t need the functionality, don’t connect your device to your WiFi.
  • Choose wisely. Before purchasing a connected device, perform your due diligence/risk assessment and only purchase devices that comply with your security policy.
  • Isolate the network. If you need the online functionality of the IoT devices, consider installing a separate WiFi network with no access to your internal network.
  • Strong passwords. As with anything, if you have the option to set a strong password, do it. Make sure the password is complex, using uppercase, lowercase, numbers, and special characters.
  • Keep devices updated. Yes, even these devices need updates from time to time. If the device has an option for automatic updates, this should be enabled. Check the manufacturer’s website periodically for security patches.
  • Disable remote access. Some devices will have remote access functionality on by default. Turn this off when not needed.

Hopefully, as the usage of IoT devices increases, manufacturers will begin to address cybersecurity more aggressively. Until then, analyze each device and implement as many controls as you can.

______________________________________________________

Assess Your Systems and Manage Your Risk

As technology changes, every credit union faces new security issues. Let Credit Union Resources help you stay on top of it—your future could depend on it. Our team of technology professionals provides guidance on compliance, shares best practices, and performs audits. We have a vested interest in your success, and your cybersecurity matters to us. To find out how we can help you manage cybersecurity and operational risks, contact:

Idrees Rafiq
469-385-6799
800-442-5762, ext. 6799
irafiq@curesources.coop

Deanna Brown
469-385-6464
800-442-5762, ext. 6464
dbrown@curesources.coop

About Credit Union Resources Inc.
Credit Union Resources is a service corporation that provides industry-leading solutions and expertise to credit unions across the country. Credit Union Resources is a part of the Cornerstone Credit Union League, a regional trade association representing the interests of credit unions in Arkansas, Oklahoma, and Texas.