Networked devices like cameras, speakers, wearables, etc., can introduce security vulnerabilities. Learn how to reduce the risk.
Wednesday, February 19, 2025

When most of us think about cybersecurity, we think computers, phones, and tablets. We may not consider the myriad other devices—cameras, speakers, thermostats, wearables, and more—that also access our networks.

This internet of things (IoT) offers convenience but also introduces security risks. Many of these devices are less secure than computers, for example, making them attractive targets for attackers. 

From a security perspective, IoT devices expand the attack surface of campus and personal networks by adding potential points of vulnerability. Fortunately, a few basic practices can reduce the risks.

Potential IoT risks 

Connecting IoT devices to campus networks or networks you manage at home can create variety of security risks:

  • Unsecured devices: Many IoT devices ship with weak default passwords and lack security updates.
  • Data exposure: Connected devices can collect and transmit data, increasing the risk of breaches.
  • Compromised devices: Bad actors can use vulnerable IoT devices to launch attacks, mine cryptocurrency, or access sensitive information.
  • Network congestion: A surge in compromised IoT devices can disrupt campus operations.

How to secure IoT devices

Whether on campus or at home, you can close common security gaps by following these practices:

  • Change default settings: When you first set up an IoT device, be sure to give it a strong, unique password. Also, take a minute to disable any unnecessary features and services that may be turned on by default.
  • Keep software updated: Regularly check for new firmware and security patches and enable automatic updates whenever they’re available.
  • Segment IoT traffic: If you can, connect IoT devices to a separate network away from any critical systems, for example, a dedicated virtual local area network (VLAN) or a guest network.
  • Limit data exposure: Review device privacy settings to control data collection. Disable cloud-based access for IoT devices if you don’t plan to use it.
  • Monitor and audit devices: Track all IoT devices connected to your network and remove any outdated or unsupported devices.
  • Use secure connections: Enable encryption and disable open Wi-Fi access for networks you manage. Avoid using IoT devices on public or unsecured networks.

Check IoT-vendor websites for specific security information, and work with IT support teams when using these devices on campus. As always, it’s especially important to take security precautions if devices might interface with institutional data.