The Internet of Things (IoT) is rapidly becoming pervasive throughout both organisational and personal life, and there’s no end to its growth in sight. Corporate buildings, hospitals, industrial control systems and critical city infrastructures are host to countless heterogeneous connected things, or devices. These exciting new smart devices provide services and functionality that require network connectivity to move the data or images they capture to and from their receiving management systems and end-users. This connectivity often occurs via the Internet to enable services and allow for remote management capabilities by corporate resources or third parties creating security risks, according to Forescout.
Steve Hunter, senior director, systems engineering, Asia Pacific and Japan, Forescout said “The combination of so many different types of IoT devices, unique management interfaces, varying network architectures, unpredictable network access and random deployments by various groups, creates the perfect storm of potentially uncontrollable risk and management inefficiencies.”
In January 2020, California’s Senate Bill 327 enforcing mandatory basic IoT security controls becomes law. While Australia has yet to introduce such legislation, the work being done by both government and private sector agencies includes the same challenges that Bill 327 aims to address. Importantly, we do not need to wait for local regulatory change before taking steps to address IoT-introduced risk.
To address the risks connected IoT devices pose, it is important organisations come up with a strategy that will ensure every device is monitored and managed to optimise both device performance health and security posture, while also dynamically embracing new IoT deployments or changes.
Four key considerations for consistent management and security of IoT devices to embrace their benefits are:
- Have an overview of all devices on the network. Visibility is the key for vast, interconnected networks with tons of devices joining at all times. It’s important to find a solution that will discover and monitor any device, anywhere on the network and look closely at its activity, performance health and security hygiene. Equally important is the ability to see every connected device and determine any deviation from the norm, without relying on endpoint agents. Whenever there’s something new or unusual happening, the organisation should be the first to know.
- Have the ability to act quickly across many devices simultaneously. Missing firmware patches can expose IoT devices to malware. Organisations should employ a system that can reduce management overheads by automating processes such as identifying all non-compliant devices on the network and updating them. This not only benefits the organisation’s IT, security and business operations but it also safely allows for new innovations. The key is to set intelligent policies that drive remediation actions automatically when anomalies or non-compliant devices are detected.
- Have richer IoT data and utilisation. Organisations need comprehensive and cohesive contextual insight that combines multiple methods to gather: device type, classification, function, location, security profile, performance health, firmware version, etc. While point-in-time data collection may be helpful, it is not sufficient to truly combat risk. Collecting data in real time provides situational accuracy to apply policies against and address issues immediately as they arise. Continuous real-time data collected over time enables more accurate baseline setting and anomaly detection. The more contextual IoT device data organisations can gather; the more granular security policies can be created and the more confident organisations can be in automating effective policy-driven actions to more proactively mitigate and remediate risk without negatively affecting operations.
- Have consistency, agility and scalability. IoT devices keep coming and going and can be deployed by different departments or business units, sometimes without the IT team’s awareness. Organisations need the ability to dynamically discover, identify and continually assess devices upon connection. Also, upon connection, devices should be immediately onboarded into a consistent platform to cohesively manage, monitor and secure them all at enterprise scale to reduce security gaps and management costs. Being able to automate processes including real-time device discovery, onboarding, compliance enforcement and remediation will definitely help organisations deploy new IoT innovations while simultaneously minimising risk.
Steve Hunter said, “It’s important to build a consistent, dynamic solution that lets organisations embrace the storm of IoT innovations without increasing risk.”