Why securing IoT devices at the network level is key

Simon has a long history in Cyber Security, Networking and Information Technology in general, and has spent most of his career in global-sized organisations in both the private and public sectors, including 12 years at an international law firm. Simon heads up iboss engineering services for the EMEIA region and also advises customers and executives on cyber and IT security strategies relating to the iboss cybersecurity platform. Simon has held various certifications throughout his career, is a Certified Information Systems Security Professional (CISSP), and is a member of the Institute of Information Security Professionals (IISP).

Gartner estimates there will be 25 billion devices connected to the Internet by 2021. Even today there are almost twice as many internet-enabled devices as there are people. IoT is already enriching our lives, adding convenience and efficiency, but from an organisational perspective it has become difficult to manage. Not least, the sheer variety of devices is overwhelming.

Many IoT devices are not secure ‘out of the box’: they ship with easily ‘guessable’ default passwords and require a level of technical expertise before they should be plugged into the network. How can any business be certain that this is taken care of, particularly when many IoT devices will be installed by third parties such as a contractor?

Bring your own IoT device 

And just as ‘bring your own device’ has brought challenges for IT departments, the same is true for IoT. Walk into almost any office and one will typically see a plethora of IoT devices that are potentially unmanaged by the IT organisation, such as WiFi music speakers, smart assistants and iPad-enabled coffee machines. Yet these devices should be treated in the same high-risk category as laptops and mobile devices, with network controls put around them.

The IoT security debate is now supercharged

This debate has been supercharged by the rollout of 5G, seen as a crucial enabler of the next generation of IoT devices. One manufacturer, Huawei, has already been ‘banned’ from operator networks in certain countries such as the United States and Australia, given concerns over state involvement and what some fear could lead to data ending up in the hands of a foreign power. And fears of state involvement in IoT are not unfounded, given that Microsoft has recently claimed to have observed a high-profile suspected Russian state-sponsored hacking group known as ‘Fancy Bear’ actively attacking businesses through devices including a VOIP phone, office printer and video decoder.

The security concerns are therefore fundamental – at both device and network level. How do we solve this?

Managing IoT devices at the network level

Securing IoT devices can only be done at a network level. Whilst configuring every endpoint to make it as secure as possible should be a necessity, it’s unrealistic to presume that this is practical or that there won’t be a weak link in the chain that can be exploited. Instead, the focus should be on monitoring network traffic to ensure that it is reaching its intended destination, so that intrusion can be quickly detected. Most IoT devices have the benefit of being predictable in their day-to-day function and behaviour. Take an Echo device – it will typically only exchange data with an Amazon server. A coffee machine will typically only activate when it needs to order supplies. This consistency makes it a little easier to spot changes in behaviour, which could then be flagged as a potential issue.

Firms should aim for a single ‘pane of glass’ – a management console that presents data from all IoT devices in one place. At a network layer, this means directing all IoT traffic to the cloud via secure ‘tunnels’ that are entirely independent of the network carrying them. Cloud connectors are agnostic of the network they sit on – it doesn’t matter whether it’s 5G, 4G or fixed broadband, traffic is securely routed to cloud security gateways so that destinations can be checked as safe, content can be checked for malicious data, and behaviour can be monitored for anomalies and risk levels.

By managing traffic in this way, it is possible to restrict IoT traffic only to destinations that are authorised and safe, mitigating the risk of these devices becoming compromised. Most attackers would seek to redirect network traffic to a phishing URL or watering hole, but policies can be enforced that restrict network traffic to only trusted websites or IP addresses, providing an essential security layer against both cybercriminals and nation-state actors.

Another approach firms could adopt is to check that devices are not sending traffic to known bad destinations, using systems integrated with ‘lists’ including Indicators of Compromise (IOC) collated by security industry professionals and vendors. These approaches can be further supplemented by artificial intelligence that, over time, can perform an even deeper analysis of how IoT devices ‘behave’ so that anomalies can be quickly identified and remediated. This approach also means that organisations can scale securely as much as they need to, for whatever the next generation of IoT will bring.
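
The checks described above (per-device authorised destinations, IOC list lookup, and flagging traffic that leaves a device's usual pattern) can be sketched as follows. This is an added example, not code from the article or from any vendor product; every device name, domain and address range in it is constructed, using reserved documentation names and ranges.

```python
import ipaddress

# Constructed per-device egress policy: allowed domain suffixes and CIDR ranges.
POLICY = {
    "echo-lobby": {"domains": ("voice-vendor.example",), "nets": ()},
    "coffee-3f": {"domains": (), "nets": ("198.51.100.0/24",)},
}
# Constructed IOC list (reserved .invalid name, documentation address range).
IOC_DOMAINS = ("update-check.invalid",)
IOC_NETS = ("203.0.113.64/26",)

# Constructed flow records: (device, destination host or "", destination IP).
FLOWS = [
    ("echo-lobby", "api.voice-vendor.example", "192.0.2.10"),
    ("echo-lobby", "xvoice-vendor.example", "192.0.2.77"),  # look-alike suffix
    ("coffee-3f", "", "198.51.100.20"),
    ("coffee-3f", "cdn.update-check.invalid", "192.0.2.5"),
    ("speaker-byod", "stream.music.example", "192.0.2.99"),
    ("printer-2", "", "203.0.113.70"),
]

def domain_matches(host, suffixes):
    """True if host equals a suffix or is a subdomain of it (label-aligned)."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in suffixes)

def ip_in(ip, nets):
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(n) for n in nets)

def classify(device, host, ip):
    """Return 'ioc', 'unmanaged', 'allowed' or 'off-baseline' for one flow."""
    if domain_matches(host, IOC_DOMAINS) or ip_in(ip, IOC_NETS):
        return "ioc"  # known-bad destination wins over any allow rule
    policy = POLICY.get(device)
    if policy is None:
        return "unmanaged"  # no policy on file: treat as default-deny
    if domain_matches(host, policy["domains"]) or ip_in(ip, policy["nets"]):
        return "allowed"
    return "off-baseline"  # managed device talking somewhere unexpected

def review(flows):
    """Return only the flows that need attention, with their verdicts."""
    verdicts = [(d, h or ip, classify(d, h, ip)) for d, h, ip in flows]
    return [v for v in verdicts if v[2] != "allowed"]

if __name__ == "__main__":
    for device, dest, verdict in review(FLOWS):
        print(f"{verdict:12} {device:13} -> {dest}")
```

The IOC check runs before the allow rules so that a listed destination is flagged even for a device with no policy, and the suffix match is label-aligned so a look-alike domain does not pass as an authorised one.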
