In a galaxy not so far away loads of Internet of Things devices are showing up on corporate networks. Business networks are being invaded by security cameras, projectors, Thermostats, Coffee Machines, iPads, headsets and all sorts of new IP enabled devices without much thought of security.
In 2016 we all witnessed the rise of IoT botnets, as tens of thousands of CCTV cameras and DVRs were compromised and used to launch massive DDoS attacks, some above 500Gbps. Arbor Networks tracked the activity of many of these IoT botnets and found that these large attacks are just the tip of the iceberg, more than 11,000 DDoS attacks were launched by IoT botnets between November 2016 and February 2017.
So What are IT pros doing about it?
32% of IT Pros are proactively taking measures to deal with IoT invasion.
43% of IT Pros are relegating these devices to a separate network.
60% of IT Pros are investing in better infrastructure and security.
12% are investing in management tools for IoT.
What are some recommended steps to combat the security risks?
- Education - Users need to be educated about the risks of wearables and other devices that are brought in on the corporate network.
- Expand Network Capacity - Fiber is more readily available and IoT is not going away so you need to increase bandwidth to accommodate the additional devices and traffic before critical traffic is bogged down. Fiber Internet and even private fiber links is the best way to improve bandwidth.
- Network Security - This includes changing the default manufacturer passwords, disabling default services that aren't needed, and generally exercising sensible security practices. Isolating IoT devices is also important. Many don't require access to the entire network or the internet, so it is good practice to only allow them to connect to the infrastructure they need.
- DDOS Strategy - Organizations can defend against DDoS attacksby using a best-practice, multilayer DDoS protection strategy. This strategy includes both on-premise and cloud based components. On-premise solutions allow businesses to immediately detect and mitigate attacks before there is any service impact. However, on-premise solutions can't handle the increasingly common, large attacks that can saturate internet connectivity. This is where the cloud based service steps in to deal with the higher magnitude attacks.
The IoT is transforming our world. It is an enabling technology that offers many uses and benefits. The use-cases will only broaden as technology matures. Gartner predicted there were 6.4 billion connected things worldwide in 2016, up 30 percent from 2015, and predicts 20.8 billion by 2020. Business networks are being are experiencing an invasion of IoT devices and as the number of devices increases so does the threat to businesses. Companies need to proactively prepare for the growing IoT trend in order to avoid disaster.
To read other articles about how IoT is effecting business...