Vikram Navali

-June 27, 2017

Prevent Threats of IoT from Sneaking Past Your IT Team

The Evolution of IoT

Business and consumer industries have witnessed an unprecedented growth over the last couple of years. This growth, primarily driven by evolution of technologies, provides a huge opportunity for organizations of all verticals but also presents a new set of challenges. IoT (Internet Of Things) evolved due to an increasing number of Internet users, demand in interconnecting devices, and exchange of data through a means of common channel or medium.

As the number of device connections increases with the advent of IoT, there is a serious concern at every enterprise to quickly identify the source of threat and mitigate the risk of exposing an organization’s sensitive data and information. It is now becoming a critical and top priority task to implement security policies to protect confidentiality and data through strong endpoint visibility and enforcement. Check out our strategy on securing IoT in enterprise environments.

IoT can be divided into 3 categories, based on usage and client base:

  • Consumer IoT – includes connected devices such as smart cars, phones, watches, laptops, connected appliances, and entertainment systems
  • Commercial IoT – includes things like inventory controls, device trackers, and connected medical devices
  • Industrial IoT – devices like connected electric meters, waste water systems, flow gauges, pipeline monitors, manufacturing robots, and other types of connected industrial devices and systems

According to Gartner, in 2016 there were more than 5.5 million new things connected every day, totaling 6.4 billion connected things worldwide,  an estimated 20.8 billion devices connected by 2020.

The Risk Factor

Some of the common IoT attacks include DDoS (Distributed Denial-of-Service.) This type of attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers with network traffic. Such an attack is often the result of multiple compromised systems (for example, a botnet.) A botnet is the primary method of compromise of IoT devices, used to perform DDOS attacks, steal data, send spam, and allow the attacker access to the device and its connection. DDoS is becoming more common and frequent. Read how two major U.S. Law Firms fell victim to DDoS attacks.

Pulse Policy Secure to the Rescue

Pulse Policy Secure provides endpoint profiling with techniques (Nmap scanning, DHCP Fingerprinting) to determine the endpoint connections of IoT devices on the network. Profiler uses MAC based authentication to profile endpoints on the network and categorize based on the MAC address, IP address, location and type. It also allows admins to configure role-mapping rules based on the device attributes and create regular expressions in the role mapping rules to detect spoofing attacks.

For example, if a device such as an IP camera or Printer has been profiled and categorized to the appropriate role and later the same device behaves differently, it is detected. Profiler applies the configured enforcement policies to mitigate the threat of IoT access and automatically remediates based on a restricted VLAN that admins have configured.

 

Are you prepared for the future of IoT? Do not wait until 2020 when an estimated 20.8 billion devices will connect worldwide. As technologies advance, it’s our responsibility at Pulse Secure to deliver Secure Access solutions for people, devices, things, and services. Pulse Secure’s Pulse Access Enterprise Suite (which includes Pulse Policy Secure) will prepare you for the future of IoT. Meet us half way to secure your networks in the landscape of IoT.

For more information please visit www.pulsesecure.net.

Check out the Pulse Policy Secure video:

 

References: 

http://iot.ieee.org/newsletter/march-2017/three-major-challenges-facing-iot

http://www.gartner.com/newsroom/id/3165317

 

 

 

Categories