The internet of things (IoT) continues to grow as more and more devices are equipped with sensors, cameras, and other technology designed to streamline and automate processes. With the growing number of devices accessing the local area network (LAN), network security teams are forced to address vulnerabilities that come with this aspect of digital transformation.
In many situations, businesses aren’t able to track all of the devices that are running on the LAN or the risks that they may bring. An unmonitored or unidentified device on the LAN can offer a potential attack opportunity, putting the entire organization at risk. While IoT technology is generally welcomed by businesses, there still needs to be a security strategy that protects the organization without hindering the benefits that these devices offer.
Quantifying the Risk
A new report by Palo Alto Networks entitled the 2020 Unit 42 IoT Threat Report shows that IoT makes up over 30% of devices on the network for the average organization. Among these, 57% are considered vulnerable to attack.
Part of that risk stems from the fact that a whopping 98% of all traffic tied to IoT devices is unencrypted, meaning that information sent over the network or public internet can be read by anyone in a position to observe it.
To get a better understanding of the risks that IoT security introduces to the LAN, here are five elements that tend to contribute to a problem:
- Variety: The number of different technologies used in an IoT setting has a direct bearing on the vulnerability.
- Age: IoT devices may have a longer life cycle than what is supported by the update cycle from a provider.
- Self-Protection: Many IoT devices have some level of self-protection.
- Quantity: How many devices are accessing the network?
- Attack Surface: The business must examine how the number of IoT devices and their unprotected access expands the attack surface.
Improving IoT Security
IT security teams should begin by gaining better visibility into the IoT devices accessing the network, since it is impossible to manage what isn’t measured. It’s not enough to scan devices with a traditional approach, because this is limited to known assets and may cause technology to crash or even break.
Because of the variety of IoT devices any organization uses, it may be challenging to discover and classify all of them. IoT devices often don’t appear in the types of tools that businesses typically use to identify technology.
Machine learning and passive monitoring can locate and identify devices, then begin to track patterns and establish what normal activity looks like. Because this approach monitors not just the device but also its behavior, it delivers a clearer picture for IoT security.
Overall, the key to lessening the burden of IoT security is automating manual processes as well as improving visibility through machine learning. This way, businesses are able to determine what types of behavior are risky and which are normal.
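The following is an added example, not code from the original article or from the report it cites. It shows the passive approach described above: learn each device's normal destinations from observed flow records, then report devices missing from the asset inventory and traffic that departs from the baseline. The flow tuples, MAC addresses, inventory and port table are constructed for illustration, and a plain set comparison stands in for a machine-learning model.

```python
from collections import defaultdict

# Constructed sample data: (device MAC, destination, dest port) tuples as a
# passive sensor (SPAN port or tap) might summarize them. Not real traffic.
LEARNING = [
    ("aa:00:00:00:00:01", "10.0.5.20", 443),   # camera -> video recorder
    ("aa:00:00:00:00:02", "10.0.5.30", 1883),  # sensor -> MQTT broker
]
LIVE = [
    ("aa:00:00:00:00:01", "10.0.5.20", 443),   # matches baseline
    ("aa:00:00:00:00:01", "203.0.113.9", 23),  # new peer, Telnet
    ("aa:00:00:00:00:03", "10.0.5.30", 1883),  # device never seen before
]
KNOWN_ASSETS = {"aa:00:00:00:00:01"}           # hypothetical asset inventory
CLEARTEXT_PORTS = {21: "FTP", 23: "Telnet", 80: "HTTP", 1883: "MQTT"}


def build_baseline(flows):
    """Map each device to the set of (destination, port) pairs it normally uses."""
    baseline = defaultdict(set)
    for mac, dst, port in flows:
        baseline[mac].add((dst, port))
    return dict(baseline)


def unmanaged_devices(baseline, known_assets):
    """Devices observed on the wire that the asset inventory does not list."""
    return sorted(set(baseline) - set(known_assets))


def review(flows, baseline):
    """Return (mac, dst, port, reasons) for flows that deviate from the baseline."""
    findings = []
    for mac, dst, port in flows:
        reasons = []
        if mac not in baseline:
            reasons.append("new-device")
        elif (dst, port) not in baseline[mac]:
            reasons.append("new-destination")
        # Unencrypted protocols on a deviating flow raise its priority.
        if reasons and port in CLEARTEXT_PORTS:
            reasons.append("cleartext-" + CLEARTEXT_PORTS[port])
        if reasons:
            findings.append((mac, dst, port, reasons))
    return findings


if __name__ == "__main__":
    base = build_baseline(LEARNING)
    print(unmanaged_devices(base, KNOWN_ASSETS), review(LIVE, base))
```

Because the input is traffic that was already on the wire, nothing is sent to the devices themselves, which avoids the crash risk that comes with scanning them.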
From this point, the business embraces a data-centered policy that is informed by actual IoT activity. That policy can then be paired with cloud-based and on-site security tools that block both known and unknown threats to the device.
If you’ve been allowing shadow IT to take over your IoT security, contact us at Hudson Technology Partners. We can assist you in your efforts to improve control and reduce your risk to the LAN.