US flag signifying that this is a United States Federal Government website

  Official website of the Cybersecurity and Infrastructure Security Agency

The .gov means it’s official.

Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure.

The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

  1. Home >>
  2. About NICCS >>
  3. Featured Stories >>
  4. Securing the Internet of Things

Securing the Internet of Things

The term “Internet of Things” (IoT) is used regularly in daily conversations, but many people may not know what it actually means. IoT refers to the network of dedicated physical objects (“things”) that have the ability to communicate with other “things” through the Internet. They can also collect and exchange data.

These “things” fall into one of three categories:

  1. Things that collect and send information (e.g., GPS sensors collect and send data on your location)
  2. Things that receive and act on information (e.g., remotely unlocking your car)
  3. Things that do both (e.g., vehicle sensors tracking positioning on the road, and alerting the driver when the vehicle strays outside of its lane)

IoT devices are all around us, at home, in the workplace, and on-the-go. Often referred to as “smart” devices, they range in complexity, but all are meant to streamline and simplify our lives. From smart assistants like Siri and Alexa, to lighting systems and doorbells, these connected devices provide ease and convenience to life like never before. However, this constant connection does have a downside. Unsecure networks can leave IoT devices vulnerable to cyber-attacks and provide cybercriminals access to sensitive information.

Users know that hackers try to gain access to common technological devices such as computers, laptops, tablets, and cell phones. But consider your thermostat, baby monitor, outdoor security cameras, and/or TV; if they are connected to the Internet, they could be vulnerable to cyber-attacks as well.  In fact, attackers have compromised all of these devices at one point or another. If these or other Internet-enabled devices are not properly secured, cybercriminals can use your IoT devices as a gateway to access and steal your sensitive information.

To keep your IoT devices, networks, and data safe from hackers follow these basic steps:

  1. Change your device’s factory security settings from the default password. This is one of the most important steps to take in the protection of IoT devices. Create a unique, complex password for each IoT device.
  2. Update your devices with security patches. Even the simple act of regularly rebooting devices helps protect them, as malware is often stored in the temporary memory of a device and is removed upon reboot.
  3. When connecting IoT devices to a network, consider connecting them to an isolated network that does not connect to computers storing valuable data.
  4. Use a firewall to monitor the network traffic between the Internet connection and the IoT device. A firewall can detect unusual or suspicious behavior and prevent hackers from accessing devices on the same network.
  5. Decide if there is a need to enable Internet connectivity on all devices. Just because a device has the capability to connect and interface with a network does not necessarily mean it should.

IoT is becoming an increasingly important part of day-to-day life. When used correctly and securely, these devices can be convenient and helpful. But to maintain the security of your device and your data, applying security measures to keep your IoT devices safe is a necessary, critical effort. Stay informed and practice good security habits to ensure IoT devices connect safely and securely at home, work, and on the go.

You have been selected to participate in a brief survey about your experience today with National Initiative for Cybersecurity Careers and Studies.

Would you like to participate on a survey?