We were glued to our screens in January, watching events unfold in America. The big news which captured our attention, of course, was that Joe Biden’s Peloton exercise bike was to be banned from the White House for security reasons—but how is that relevant to you?
Peloton is an internet-connected bike for home use which links up to online exercise classes. It includes a built-in camera and microphone, which is the cause for concern. The worry about whether it should be allowed in the White House reminded us how easy it is for things to creep into your home and workplace with barely a second glance.
While we don’t actually know anyone with an internet-connected fridge (the common example used for this subject), we are increasingly surrounding ourselves with internet-connected technology, but rarely pay any attention to security.
- Amazon Echo, Google Nest or similar ‘home hub’ devices
- ‘Ring’-style video doorbells
- Security cameras & systems
- Thermostats / energy management, light bulbs (!)
- Smoke alarms, carbon monoxide monitors
- Baby monitors
- Gaming consoles
- Smart TVs
- Home appliances – fridges, washing machines etc. are now increasingly internet-connected for diagnosis, firmware updates
- Pet feeders
- Your car
At-home security risks present a much greater danger in our new lives, with more of us working from home. Many people have simply switched to using their home laptops / workstations, often with limited security configured on them.
This needs to be carefully managed from a business point of view, especially as it looks increasingly likely that home working is here to stay. Perhaps not full-time for everyone, but there will certainly be a larger number of people working from home post-Covid. The trends were already there, but the pandemic has certainly accelerated them.
We’ve covered a number of these issues in the past, but in the occasional chaos and unplanned changes many businesses have encountered over the last twelve months, it’s worth pausing to reflect, and ask yourself some questions:
- Have our systems changed in any way without planning or review over the past twelve months?
- Are we now using computers, which were configured to work on a secure work environment, in a less secure home environment? e.g. managed firewall and other restrictions at work, nothing at home
- Have we rushed to install new software, or purchased new hardware, without fully and entirely understanding its impact on our security?
- Are staff working in new ways, e.g. from a family computer, and have we fully reviewed what issues this might cause?
- Have we fallen into bad habits with remote working, e.g. sharing passwords between users by unsecure methods (text message, email etc.), running meetings in unprotected ‘rooms’?
- GDPR and data security: do policies and precautions need to be updated if people are accessing on personal devices or on home networks?
- If a family computer is being used, are there issues with local storage or caching of data?
- Are there lessons we can learn for the future? Do we struggle to share documents, passwords etc. in a safe and sensible way? How could we do it better?
It’s a lot to get your head around of course, and we make no apology for being honest about that. We’ve worked with a number of clients over the past twelve months to help them, initially, just keep the business functioning, but subsequently to make sure everything is being done with the same attention to detail as if everyone was still in the office.
If you’d like to chat through what you’ve learned, and review your new systems, we’re here to help.