- Contact Us
I’m sure many of you have seen or heard of the recently released viral video showing a young girl being yelled at in her room via her internet connected Nest camera. Obviously, this was on a home network, but it occurred to me that a large amount of commercial entities also have internet connected cameras and some of them are indeed Nest branded.
Fixing the Nest camera issue is actually very simple and just requires the user to turn on two-factor authentication. The guide to set this up can be found here.
The larger underlying issue that companies face is that they may be leveraging several different brands of cameras, thermostats, internet connected printers, refrigerators, among other Internet of Things (IoT) devices. To defend these devices, it is important to remember the concept of “defense in depth”.
Defense in depth essentially removes your reliance on a single point of failure and requires an attacker to overcome several hurdles before any access can be gained. If access is gained, defense in depth makes it very difficult to further exploit the environment.
Below are some quick examples of creating defense in depth with a Nest camera (this would work at home or at the office).
I’ve attempted to lay out these steps in order of their levels of complexity. None of these steps are particularly difficult and you should not feel they are outside your level of expertise. Many home network admins don’t realize the power they have to secure their networks, or they feel it is too difficult. It isn’t! Compass IT Compliance has spent the past decade assisting organizations in securing their networks and IoT devices. Contact us today to learn more about the threats posed by these devices!