- Limiting which devices need to be connected online and when:
Are the smart speakers required to be turned on during Night time when everybody is asleep, or the Smart Coffee maker is required once we had the coffee? In industries and factories are the smart sensors required to be on when the machinery is not running and when the works have gone home? So we need to consider when we are adding a new IoT device to the network whether it needs to be online all the time or only when required thereby limiting the scope of that device getting hijacked for nefarious purposes.
- Use Strong, unique passwords and enable MFA wherever possible:
Passwords act as the first gateway when a hacker is trying to deliberately enter a network or while attacking. Therefore, Passwords need to be strong and unique so brute force attacks (although not common) cannot crack the passwords. Storage of the passwords in plain text on machines should also be avoided. If the