Pub. 12 2017-2018 Issue 6

WWW.NEBANKERS.ORG 14 I FYOUWORKINTECHNOLOGY,YOUSHOULD be aware of the Internet of Things, also known as IoT. As a trendy and often misunderstood arena, the IoT has not historically been discussed in- depth during security awareness training. This means that even if you are aware of the dangers presented by the IoT, your employees may not be as mindful. What is the IoT? Think of the IoT as the global network of “things” that are connected to the in- ternet. This includes the obvious such as smartphones, computers, and wearables, and the less obvious such as AI devices, office automation, coffeepots, refrigera- tors, and smart TVs. Why educate employees about the IoT? If a device can be connected to your organization’s network, the device is part of the IoT and it can be used as a door into your network. The more devices that are allowed to connect to the network, the more opportunities exist for a malicious actor to enter. Employees need to be aware that their actions matter and, if they con- nect devices to the network, they could be putting your organization at a higher risk of a cyber-attack. How can I explain the IoT tomy employees? Using a metaphor of a house to de- scribe the IoT is helpful. For example, if you have a house and you lock the front door and all the windows, you’ve done a good job protecting your house. If you forget to lock the back door though, it doesn’t matter if you’ve locked down all other access points to the house. All some- one needs is one weakness to get into the whole house. The same is true of your bank’s net- work. We’re often trained to think about securing the obvious things—the items THE INTERNET OF TH Alyssa Pugh, Security+, CoNetrix TECH TALK