According to a 2018 report from Symantec, IoT devices have experienced a whopping 600% increase in cyber-attacks year-over-year. It’s not too surprise, though—hardware and software flaws have contributed to the proliferation of enterprise security incidents. That said, human error should not be overlooked.
In a recent article for Network World, Robert Burnett, Brother’s director of B2B products and solutions, summarized the five most common networking mistakes that companies make which lead to being open to malicious activity.
- Using default credentials
Securing devices from unauthorized admin access not only helps protect important machine-configuration settings and report information, Burnett explains, it also prevents access to personal information like user names which, in turn, could be used in phishing attacks.
- Inadequate end-user awareness
Taking the time to train your team of best practices for managing documents and devices should be part of everyone’s security plan. While you might have the latest and greatest in IoT security software, it will not eliminate human error like leaving important documents on the printer, or scanning documents to the wrong destination.
- Lack of access controls
In the past, cost control was the driving force behind managing who can use a machine and when their jobs are released. While this is still important, security is fast becoming the biggest reason to put management controls on all devices.
- Failing to update device firmware
Most IT pro’s spend their days keeping network infrastructure devices up and running, and ensuring the company’s infrastructure is both secure and efficient. One thing that is often overlooked are common devices like printers. And out-of-date firmware on these devices could expose the company’s infrastructure to new threats.
- Poor endpoint visibility
It is of paramount importance to understand who is using what device, as well as the capabilities of all devices in a given fleet. In addition, one must constantly review these devices using port scanning, protocol analysis and other detection techniques as part of an overall security review.