WHY AND HOW MALAYSIAN SECURITY PROFESSIONALS SHOULD PREPARE FOR THE IOT ‘TSUNAMI’
1 Feb 2017

According to research firm Gartner, by the year 2020 each of us will have 26 connected devices that gather, send, and correlate data, and which will demand a new security management approach.

The IoT (internet of things) demands that organisations review and prepare their network security stance. According to various industry commenters, almost all such connected devices are using complimentary software components. This opens up a wider range of security risks, especially for enterprises, where employees will sync their personal smart devices, connect to the corporate WiFi network and even remotely connect to the cloud-based services deployed across the corporate network.

To combat security threats in general, many solution providers are using thousands of unique combinations of software, and implementing dozens of technologies (WiFi, Bluetooth, NFC, Zigbee, RFID, etc.) on billions of new devices.

However, many security commenters believe that the traditional approach of layering security onto basically unsecure devices will no longer be possible, as IoT devices are “headless”.

Headless devices cannot be patched or updated, nor can a client be installed on them. Instead, enterprise security professionals need to adopt a vastly different security strategy, said one of the security commenters, Michelle Ong, who is also country manager for cybersecurity specialist Fortinet Malaysia.

The 1980s approach

“The emergence of IoT is pushing security from being a network afterthought and bolt-on technology to an integral, persistent, omnipresent part of the network,” said Ong. “The 1980s approach – to install an MDM client on smartphones and tablets, which we still do today – just isn’t an option for IoT devices any longer.”

“Secured, trustworthy networking is preferred over networking plus security,” she said. “To limit the scope and exposure of an exploited device, we now need to create even smaller security domains.”

Ong added that network security professionals should adopt the following strategies when “bracing for the tsunami” of data and devices:

1. Control network access
The vast majority of these new IoT devices are headless, so you need to weed out high-risk, compromised or unauthorized devices and traffic before letting them enter your network.

2. Assume you will be breached
Most organisations spend the majority of their security dollars on building a better front door. Instead, those resources need to be shifted to actively monitoring your network and identifying anomalous behaviour inside your perimeter.

3. Intelligently segment your network
The attacks that do the most damage are the ones that can move freely inside your environment once perimeter security has been bypassed. Secure internal segmentation ensures that a breach is limited to a small area of your network, and that attempts at unauthorized lateral movement can be detected. It also allows you to quickly identify infected devices for quarantine and remediation.

4. The answer to complexity is simplicity
It is important to use tools that scale dynamically, are provisioned easily, and that work together as a cooperative security fabric in order to share threat intelligence from across the company’s distributed environment and coordinate a response to a threat.

“IoT needs economical security inspection services at the actual connection point for every device, as opposed to trying to funnel all traffic through a small number of typically over-burdened systems that are hard to maintain and upgrade given the continued expectation of always-on, always available connectivity,” said Ong.

Source: MIS Asia