Ashur Kanoon

October 1, 2018

A smart device doesn’t mean a safe device

In 2016, the number of smart devices shipped was 60 million. By 2020, this is projected to grow to 31 billion worldwide. While these devices are often marketed as enabling the Smart Home, they are also finding their way onto enterprise networks. Why should that concern your network security team? Simple: because smart, unfortunately, doesn’t mean safe.

Smart devices have default passwords. Most smart devices come with a default password that is used during initial configuration. In some cases, these passwords are never updated and have been used in the past.

Smart devices are running software that you’re not sure about. Smart devices have embedded software systems that may or may not be Linux-based. While these devices are supposed to perform certain functions, what they really do is not always known. In some instances, smart devices have been known to do many things that compromise security.

Smart devices may need to connect to outside services. This connectivity is sometimes needed to update software, and sometimes needed for the device to do its job. For example, a Nest camera may be connecting to Nest Aware for continuous video monitoring.

So, what can you do and how can Pulse Secure help? First, recognize that you’re not going to know about everything on your network. Policies and the trust system only get you so far. An active Profiler, like the one you’d find in Pulse Policy Secure, automatically uses all of its active and passive methods to discover, classify, and create an audit trail for everything connected to your wired, wireless, and remote networks. These discovery methods will also help you find systems still using default passwords and will flag them for the admins.

Once the device is on your network, leverage Pulse Policy Secure’s NGFW integration to provide access only to the outside ports and services needed. Everything else is blocked. When devices are using trusted and known ports, NGFWs or Pulse’s vWAF can also perform deep packet inspection and, in some cases, notify the access layer in your network to further segment the device or kick it off the network for good, while letting your admin know where to find the device to investigate further.

To experience how quickly you can discover devices on your network and apply simple enforcement via SNMP, download and install the trial version of Pulse Policy Secure here.