Small and mid-sized businesses are embracing the Internet of Things (IoT) like never before. From smart sensors in manufacturing to connected thermostats in offices, the rise of IoT offers undeniable productivity gains. But it also introduces new attack surfaces, especially for businesses without dedicated security teams.
IoT adoption has skyrocketed in SMBs across sectors—retail, agriculture, logistics, healthcare—driven by cost savings and operational visibility. Devices like smart locks, IP cameras, climate sensors, and connected POS terminals are becoming commonplace.
Unfortunately, many IoT devices come with default passwords, unpatched firmware, and no built-in encryption. Attackers exploit these weak links to gain a foothold into broader business networks.
Segmenting IoT from core systems is key. SMBs should use VLANs, firewall rules, and dedicated Wi-Fi networks to separate IoT traffic. This helps prevent lateral movement in case of compromise.
A logistics client in New Zealand deployed smart environmental sensors and connected forklifts. After an incident involving unauthorized remote access, Virtus Group redesigned their network. We isolated IoT devices, implemented firewall rules, and onboarded them to our security monitoring platform. Visibility increased and risk was reduced significantly.
Don’t treat IoT as an afterthought. Design your network and procurement strategy around security from day one. Enforce minimum security standards when onboarding any connected device.
Here is a practical checklist to help assess your current environment and reduce risk from IoT devices in your business.
Eduardo Wnorowski is a Technologist and Director at Virtus Group Ltd.
With over 27 years of experience in IT and consulting, he brings deep expertise in networking, security, infrastructure, and transformation.
Eduardo helps New Zealand businesses navigate change with clarity, security, and trust.
🔗 Connect on LinkedIn