Security at the Device and Network Level is Critical to the Successful Operation of IoT
The Internet of Things is ubiquitous. It’s now so entwined in our lives that many of us do not even realize how many daily interactions we have with IoT devices, which can be as simple as voice-commanding the living room lights or as complex as modifying settings in an industrial plant. The promises delivered by this exciting technology sector are a key pillar in the fourth industrial revolution – one in which data drastically improves the efficiency of our businesses and organizations.
However, we can’t march forward blindly without addressing the unique security, privacy and compliance challenges the technology presents. Protecting the millions of IoT devices expected will require secure provisioning and secure connectivity to the cloud for the bits of data traversing the network. Working against such a utopia of functionality, however, are resource-constrained devices and the highly distributed nature of the IoT model, which makes it more susceptible to external threats.
Given these security concerns, choosing the right IoT security strategy will be mission critical. Enterprises need to completely rethink the way they manage security across internal and external elements. Just recently, we saw hackers meticulously implement a power outage hack in Ukraine. This was part of a widespread and coordinated series of cyberattacks and served as a stark warning to countries around the world that they need to protect their critical infrastructure. We’ve also seen the power of IoT vulnerabilities come to light during last year’s Mirai DDoS bot attack against domain-name service providers.
Safeguarding emerging IoT ecosystems involves embedding visibility and protection into the fabric of the IoT network. The only solution is to take a security-first approach that leverages the network itself, both to enable real-time monitoring and to provide defense and protection. The network sees every piece of data created by the business, third parties and even hackers. Leveraging this data enables a strong and dynamic security posture for the business, preventing hackers from gaining access to, manipulating and stealing high-value business information.
Building Security from the Bottom Up
Stitching together individual pieces of IoT software and services provided by a variety of vendors introduces gaps in security, privacy, transparency, and compliance which may be hard to detect, let alone fix. On top of that, perimeter defense has long been ineffective, leaving the network exposed to threats from all corners.
Let’s back up for a moment. Perimeter defense is based on the trust/no trust model – trust what’s inside the network, don’t trust what’s outside coming in. This model is no longer pertinent or sufficient, especially in an IoT world, as the software embedded in IoT devices can be a Trojan horse. Advanced threats can easily bypass traditional perimeter security defenses, enter trusted areas and stay there undetected for as long as they want. That greatly increases the attack surface because the perimeter has now been dissolved.
Businesses need to look to their networks not just to connect IoT devices, but also for solutions and strategies that help secure their overall use and mobility. More importantly, networks themselves and the operators responsible for them will need a more unified defense mechanism across multi-vendor environments and private and public clouds, one that not only isolates these rogue devices but has the intelligence to defend itself. Here’s how a network-first approach works:
● Holistic network approach for threat detection and enforcement: The network can make up for shortcomings in the devices and platforms themselves or, where native security functionality is present, work in collaboration with it. Deeper visibility into IoT devices’ network utilization and behavior improves both network management and network security. For more effective protection, more active and dynamic use of edge network devices to implement security policies has two main benefits: it moves enforcement closer to the problem to increase security responsiveness, and it can also take some of the load off centralized solutions.
● Leverage the economy of the cloud to share threat intelligence at scale and accelerate threat detection to make it adaptable in real time. A cloud security provider can examine network traffic for known attack patterns and pass only legitimate traffic to the application layer. This allows the solution to stop attacks in the cloud before they reach the target agency’s data center or applications.
● Automate the network end-to-end with endpoint security to adapt and enforce policy in real time to improve both compliance and business agility. To understand normal traffic flows and therefore spot threatening variations through analytics solutions, data is needed at every level and segment of the network; from edge to edge. Solutions that abstract insights from network automation tools can quickly turn vast amounts of log files into meaningful, actionable data and dynamically pinpoint problem areas in a sea of information.
● Drive intelligence: The network can help with IoT security by providing broader and deeper visibility into the network utilization habits of IoT devices. Granular and historical monitoring data allows analytics tools, whether built into the network or simply drawing data from it, to establish a baseline for normal activity and thereafter spot anomalies and threats as they start to materialize.
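The baseline-then-detect idea from the last two points, as an added example that is not part of the original article: it builds a per-device profile from historical flow records and flags devices whose current traffic departs from it. The record layout, device names, addresses and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (device_id, dst_ip, dst_port, bytes_sent)
HISTORY = (
    [("camera-01", "203.0.113.10", 443, n) for n in (1200, 1180, 1250, 1210, 1190)]
    + [("thermostat-02", "203.0.113.20", 8883, n) for n in (300, 310, 295, 305)]
)
WINDOW = [
    ("camera-01", "203.0.113.10", 443, 1220),        # matches the baseline
    ("camera-01", "198.51.100.5", 23, 60),           # three destinations the
    ("camera-01", "198.51.100.6", 23, 60),           # camera never contacted
    ("camera-01", "198.51.100.7", 23, 60),           # during baselining
    ("thermostat-02", "203.0.113.20", 8883, 90000),  # known peer, huge volume
    ("sensor-09", "203.0.113.20", 8883, 100),        # device with no baseline
]

def build_baseline(history):
    """Per-device profile: (dst, port) peers seen and byte-count statistics."""
    flows = defaultdict(list)
    for dev, dst, port, nbytes in history:
        flows[dev].append((dst, port, nbytes))
    return {
        dev: {"peers": {(d, p) for d, p, _ in recs},
              "mean": mean(n for _, _, n in recs),
              "std": pstdev(n for _, _, n in recs)}
        for dev, recs in flows.items()
    }

def score_window(baseline, window, z_max=3.0, fanout_max=3):
    """Return {device: [reasons]} for devices deviating from their baseline."""
    alerts, new_peers = defaultdict(list), defaultdict(set)
    for dev, dst, port, nbytes in window:
        prof = baseline.get(dev)
        if prof is None:
            if not alerts[dev]:
                alerts[dev].append("unknown device")
            continue
        if (dst, port) not in prof["peers"]:
            new_peers[dev].add((dst, port))
        # Floor the deviation so a perfectly regular device cannot divide by zero.
        z = (nbytes - prof["mean"]) / max(prof["std"], 1.0)
        if z > z_max:
            alerts[dev].append(f"volume spike to {dst}:{port} (z={z:.1f})")
    for dev, peers in new_peers.items():
        kind = "fan-out" if len(peers) >= fanout_max else "new peer"
        alerts[dev].append(f"{kind}: {len(peers)} unseen destination(s)")
    return dict(alerts)

if __name__ == "__main__":
    for device, reasons in score_window(build_baseline(HISTORY), WINDOW).items():
        print(device, reasons)
```

An edge device holding such a profile could apply the verdict locally, which is the "enforcement closer to the problem" benefit described in the first point.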
Security at both the device and network level is critical to the successful operation of IoT. The same intelligence that enables devices to gather data or perform tasks must also enable them to preemptively recognize and counteract threats. And that means developing a comprehensive security platform that can tie together and coordinate various threat analytic platforms.
With the damaging costs of cyberattacks for everyone from small businesses to global enterprises, security needs to be part of every IT business initiative. Above all, it’s imperative to be able to leverage the entire network, not just the perimeter, as a threat detection and enforcement solution. The strategies currently in place must be properly audited and sufficiently fortified if IoT is truly going to become the next game changer and not just another headache for business.