Is the Internet of Things (IoT) helping or hurting us? Regardless, IoT is rapidly becoming pervasive throughout our business and personal lives, and there’s no end to its growth in sight. Our corporate buildings, hospitals, industrial control systems and critical city infrastructures are host to countless heterogeneous connected things, or devices. Oh yes, and we now have “smart” assistants in our homes listening and ready to “help” us. These exciting new “smart” devices provide services and functionality that require network connectivity to move the data or images they capture to and from their receiving management systems and end-users. This connectivity often occurs via the Internet to enable services and allow for remote management capabilities by corporate resources or third parties.
The combination of so many different types of IoT devices, unique management interfaces, varying network architectures, unpredictable network access and random deployments by various groups creates the perfect storm of potentially uncontrollable risk and management inefficiencies. We have to somehow balance the need to holistically manage and secure these devices (aka potential threat vectors) without slowing the pace of innovation. Even seemingly innocuous heating, ventilation, and air conditioning (HVAC) systems and lighting that are part of a building automation system (BAS) can cause risk exposure, as explained in fascinating detail in this research paper. Despite efforts to resolve the issues at the vendor level, a myriad of the affected BAS devices tested in this research are still available online and can be exploited because they run unpatched firmware. It’s easy to understand why facilities managers may unknowingly increase security risk. This story is similar across many forms of IoT.
To address the risks these connected IoT devices pose, it’s important to come up with a strategy that will ensure every “thing” is monitored and managed to optimize both device performance health and security posture, while also dynamically embracing new IoT deployments or changes. Here are four key considerations for taming the tornado of IoT devices to embrace their benefits while reducing the headaches and harm they may cause.
- You must see all connected things and what they’re doing on your network to reduce risk
Visibility is the key for vast, interconnected networks with tons of devices joining at all times. It’s important to find a solution that will discover and monitor any device, anywhere on the network and look closely at its activity, performance health and security hygiene. Equally important is the ability to see every connected “thing” and determine any deviation from the norm – without relying on endpoint agents. Whenever there’s something new or unusual happening, you should be the first to know.
- You need to be able to act quickly – even across many devices simultaneously
The aforementioned research paper exposed the fact that missing firmware patches can expose IoT devices to malware. What happens if that’s the case for thousands of devices in different network locations? Do you know where all the non-compliant IoT devices actually are on the network? Do you need to send someone to each location to apply the patches or update the firmware? Can you easily control the network access of all these risky devices until they’re remediated? Are your teams even monitoring for such issues as missing patches, out-of-date firmware or other indicators of compromise (IOCs) on IoT devices? Reducing management overhead by automating processes that both answer and respond to these questions not only benefits your information technology (IT), security and business operations, it also safely allows for new innovations. The key is to set intelligent policies that drive remediation actions automatically when anomalies or non-compliant devices are detected.
- The richer the IoT data and utilization, the greater the security, performance and innovation
As they say, “data is king,” and managing, securing and innovating with the IoT is no exception. And we’re not just talking syslog data. You need comprehensive and cohesive contextual insight that combines multiple methods to gather: device type, classification, function, location, security profile, performance health, firmware version, etc. While point-in-time data collection may be helpful, it is not sufficient to truly combat risk. Collecting data in real time provides situational accuracy to apply policies against and address issues immediately as they arise. Continuous real-time data collected over time enables more accurate baseline setting and anomaly detection. The more contextual IoT device data you can gather, the more granular security policies you can create and the more confident you can be in automating effective policy-driven actions to more proactively mitigate and remediate risk without negatively affecting operations.
- Consistency, agility and scalability help safely embrace the future
IoT devices keep coming and going and can be deployed by different departments or business units, sometimes without the IT team’s awareness. Organizations need the ability to dynamically discover, identify and continually assess devices upon connection. Also upon connection, devices should be immediately onboarded into a consistent platform to cohesively manage, monitor and secure them all at enterprise scale to reduce security gaps and management costs. Being able to automate processes including real-time device discovery, onboarding, compliance enforcement and remediation will definitely help your organization deploy new IoT innovations while simultaneously minimizing risk.
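The policy-driven check described under the second and third considerations can be sketched as follows. This is an added example, not Forescout or VMware code: the inventory records, minimum firmware versions and action names (allow, restrict, quarantine) are constructed assumptions, standing in for whatever a discovery tool and network access control system actually provide.

```python
from collections import defaultdict

# Constructed policy: minimum firmware per device type (hypothetical values).
MIN_FIRMWARE = {"hvac-controller": (2, 4, 0), "ip-camera": (5, 1, 3),
                "lighting-gateway": (1, 9, 0)}

# Constructed inventory, as an agentless discovery tool might report it.
INVENTORY = [
    {"id": "dev-001", "type": "hvac-controller", "site": "HQ-3F", "firmware": "2.3.9", "exposed": True},
    {"id": "dev-002", "type": "ip-camera", "site": "HQ-Lobby", "firmware": "5.1.3", "exposed": False},
    {"id": "dev-003", "type": "lighting-gateway", "site": "Plant-B", "firmware": "1.10", "exposed": False},
    {"id": "dev-004", "type": "ip-camera", "site": "Plant-B", "firmware": None, "exposed": False},
    {"id": "dev-005", "type": "smart-speaker", "site": "HQ-3F", "firmware": "1.0.0", "exposed": False},
    {"id": "dev-006", "type": "hvac-controller", "site": "Plant-B", "firmware": "2.2.0", "exposed": False},
]

def parse_version(text):
    """'1.10' -> (1, 10, 0). Numeric tuples avoid the string trap '1.10' < '1.9'."""
    try:
        parts = [int(p) for p in text.split(".")]
    except (AttributeError, ValueError):
        return None  # missing or malformed version: caller treats it as unknown
    return tuple(parts + [0] * (3 - len(parts)))

def evaluate(device, policy=MIN_FIRMWARE):
    """Return (action, reason); action names are hypothetical labels."""
    required = policy.get(device["type"])
    if required is None:
        return "quarantine", "unclassified device type"
    current = parse_version(device.get("firmware"))
    if current is None:
        return "quarantine", "firmware version unknown"
    if current < required:
        # Internet-reachable and unpatched is the worst case: isolate fully.
        action = "quarantine" if device.get("exposed") else "restrict"
        return action, "firmware below " + ".".join(map(str, required))
    return "allow", "compliant"

def remediation_plan(inventory):
    """Group every non-compliant device by site so fixes can be dispatched in bulk."""
    plan = defaultdict(list)
    for dev in inventory:
        action, reason = evaluate(dev)
        if action != "allow":
            plan[dev["site"]].append((dev["id"], action, reason))
    return dict(plan)

if __name__ == "__main__":
    for site, items in remediation_plan(INVENTORY).items():
        print(site, items)
```

Devices with an unknown type or unreadable firmware version fail closed here, which matches the point that unseen or unclassified things are themselves a risk signal.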
Visit Forescout in the VMware Edge™ and IoT Zone at VMworld 2019 in San Francisco Aug. 25th – 29th
It’s important to build a consistent, dynamic solution that allows you to embrace the storm of IoT innovations without increasing risk. Speaking of innovation, come visit Forescout and VMware in the VMware Edge™ and IoT Zone (Booth #1255, right next to the main VMware booth) at VMworld® 2019 to see a live demo of how we’re simplifying and securing IoT. Plus, learn more at our joint VMworld® IoT technical breakout session on August 29th at 9am. Hope to see you there!