How to secure an IoT-driven network in three steps

Jacob Chacko, Regional Business Head - MESA, HPE Aruba.

The Internet of Things, IoT, is more than just the next stage in technical development. For many businesses it represents a valuable source of data which can be used to gain new insight into processes, operations, and customer activity. Offering the potential to spot and fix inefficiencies, identify new revenue streams, and much more, it has real economic potential for those who are able to correctly develop, network and generate an investment return.

However, crucial to the realisation of this potential is security. As the breadth and complexity of devices on the network continue to grow at a staggering rate, many organisations are struggling to secure this rapidly expanding attack surface. If they are unable to get a handle on the situation, then it will prove difficult to tap into the efficiencies and outcomes which make any IoT investment worthwhile.

Of course, this is not the first time IT teams have faced a device-based security challenge – the rise of BYOD and remote working both introduced an influx of mobile devices into the business environment for IT to deal with. And the way we got through it then is the same as we will now – by taking three simple steps to ensure a secured network.

#1 Put simply, you cannot secure what you cannot see. Before you can take any other steps, it is crucial that you are able to accurately map what devices are connected to your network, who is operating them, and how and why they are connecting to your network. As well as getting a handle on your own official devices, shadow IoT, whereby staff connect devices to the network without informing IT teams or taking necessary precautions, is also something you must consider.

With many of today’s devices built with generic hardware and software or coming from emerging vendors who do not follow standards, discovery, profiling and identification are proving more and more challenging. And if you cannot figure out what something is in order to label it good or bad, how can you create a reliable profile and keep operations moving?

The answer is to increase our focus on context and machine learning. If we cannot rely on being able to identify exactly what is using our network, we need to look at the behaviour of the device instead. In many scenarios a combination of what protocols a device is using and what data, applications, or URLs it is accessing is the only way to build up an accurate picture of what the device is, and whether the device is malicious.

#2 AI is also important in the next stage of securing IoT: enforcing policy. Today’s IT teams need closed-loop, end-to-end access control from the moment a device joins the network. Given the sheer quantities of IoT devices, however, manual intervention is no longer practical.

IoT devices are likely to be operating around the clock, or with some devices connecting at non-specific times to carry out a task before returning to sleep mode. If a heart monitor on ward B begins to transmit its data to a network across the country at 3AM, the reality is that a manual monitoring process is highly unlikely to catch the transfer in time for the device to be quarantined and investigated.

Instead, deploying AI allows teams to develop policies that leverage context, such as the user role, device type, certificate status, and location or day of week, to make quick and accurate decisions every time. When an IoT device joins a network or starts to act suspiciously, it can be automatically segmented, keeping traffic separate and secure, with the policy consistently enforced across wired and wireless networks.

Machine learning-based analytics can also build baselines for normal functioning of IoT devices – like authentication, remote access, and internal access to high-value resources and cloud app usage – across network and log data.
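
The policy and baseline steps above can be sketched in a few lines. This is an added example, not code from the article or from HPE Aruba: it uses a simple set-membership baseline in place of a machine-learning model, and every device name, address, protocol label and action name is a constructed assumption.

```python
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")  # assumed address space of the organisation

@dataclass(frozen=True)
class Flow:
    device: str     # identifier assigned during discovery
    dev_type: str   # profiled device type
    cert_ok: bool   # certificate status at authentication
    location: str   # where the device is attached
    hour: int       # local hour of day, 0-23
    dst: str        # destination IP address
    proto: str      # application protocol observed

def build_baseline(history):
    """Record, per device type, the peers, hours and locations seen in normal operation."""
    base = defaultdict(lambda: {"peers": set(), "hours": set(), "locations": set()})
    for f in history:
        b = base[f.dev_type]
        b["peers"].add((f.proto, f.dst))
        b["hours"].add(f.hour)
        b["locations"].add(f.location)
    return base

def decide(flow, baseline):
    """Return (action, reasons): allow, restrict (segment) or quarantine."""
    b = baseline.get(flow.dev_type)
    if b is None:  # shadow IoT: nothing is known about this kind of device
        return "quarantine", ["unprofiled device type"]
    severe, mild = [], []
    if not flow.cert_ok:
        severe.append("certificate not valid")
    if (flow.proto, flow.dst) not in b["peers"]:
        if ip_address(flow.dst) not in INTERNAL:
            severe.append("new destination outside the network")
        else:
            mild.append("new internal destination")
    if flow.hour not in b["hours"]:
        mild.append("unusual hour")
    if flow.location not in b["locations"]:
        mild.append("unexpected location")
    if severe:
        return "quarantine", severe + mild
    return ("restrict", mild) if mild else ("allow", [])

# Constructed history: heart monitors report around the clock, badge readers 07:00-18:59.
HISTORY = [Flow("hm-b-01", "heart-monitor", True, "ward-b", h, "10.20.0.5", "hl7") for h in range(24)]
HISTORY += [Flow("br-01", "badge-reader", True, "lobby", h, "10.30.0.9", "https") for h in range(7, 19)]

if __name__ == "__main__":
    base = build_baseline(HISTORY)
    print(decide(Flow("hm-b-01", "heart-monitor", True, "ward-b", 3, "203.0.113.50", "hl7"), base))
```

The heart monitor on ward B is expected to transmit at 3 AM, so the hour alone raises nothing; the decision turns on the destination, which is why the baseline records peers and not only activity times.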

#3 Once you have used the above steps to allow a device onto your network, you cannot just leave it unchecked. You can only accurately enforce and create a relevant and applicable access policy if you are continually monitoring activities. Active monitoring, looking for authenticity, new behaviours, and new vulnerabilities, is essential to keep your network secure. Profiling and analytics are key here.

A friendly device may not always be friendly, and you should always be on the lookout for recognised devices acting in unusual ways or trying to access different parts of the network. Security is a constantly evolving and changing landscape, and unfortunately the job will never be done.

The advent of IoT has the potential to revolutionise business-critical applications. We should not shy away from this potential because of concerns about risk; instead, we must plan, adapt, learn, and secure. This is crucial to enabling the huge potential of this technology to be realised.

By setting up comprehensive visibility as an essential foundation, and then building machine learning and artificial intelligence on top of it, teams can stay one step ahead and reduce the escalating number of risks facing the business. Security is not a barrier to IoT adoption; it is the cornerstone for successful adoption.


Key Takeaways:

  • Security is not a barrier to IoT adoption; it is the cornerstone for successful adoption.
  • The advent of IoT has the potential to revolutionise business-critical applications.
  • Active monitoring is essential to keep your network secure.
  • We should not shy away from this potential because of concerns about risk; instead, we must plan, adapt, learn, and secure.
  • Security is a constantly evolving and changing landscape, and unfortunately the job will never be done.

Jacob Chacko of Aruba writes about three simple steps to protect the IoT-driven network and how security is the cornerstone in its successful adoption.