Today’s IoTruth is: Traditional security approach using agents will work fine in the world of IoT
Well, let’s start talking about agents. Agents are a little piece of software that companies typically put on your computer to protect your device. If you look on your computer, you’ll likely see a logo of one of the big vendors in the space. They’re able to use software to secure your device: to be able to see it and to fully manage it.
It works just perfectly for these types of these devices because, frankly, there’s only a few operating systems in the world. You have Windows, Apple, and even your cell phones are all Android or iPhone for the most part. The problem with the Internet of Things (IoT) is there’s a huge proliferation of devices. Let’s take a look:
Here’s this big bad boy [pats printer]. To start, it’s a great printer. This actually has a computer in it and quite a bit of computing power. But let’s figure out: Where would I put an agent in here? Where’s the keyboard? Where would I actually install anything in this machine? And let’s assume I actually could do that, was able to install it. What happens on the other vendors of printers in my environment? They’re all going to be different operating systems. And, that’s just the printers.
Now imagine all the IoT devices you have in your organization. And how many different types of agents you would need. Most of these devices actually do not allow you to install the agents. So you have a problem of proliferation of devices and OSs that are closed, and you have a problem of scale. You simply can’t manage this because the number of devices are so broad and so different from each other.
So the IoTruth for today? The traditional agent security approach does not work for IoT. You need to take an agentless approach. You need to use that approach to get full visibility of all your devices and be able to control and secure these devices so you can access them properly.