3 steps to secure your network for the Internet of Things

everything connectedThe number of devices that rely on network connectivity to do their jobs is skyrocketing — mobile-connected devices will outnumber people in the world by the end of the year, according to Cisco. All those smartphones and tablets are improving productivity and access to data, but they can also become security risks that open your network to attacks. The vulnerability of network connections has always been a problem, but the more devices are linked, the more risks you’ll have to manage, and the more stringent your security will have to be.

No potential threat is greater than the Internet of Things (IoT). As the IoT takes hold in organizations, it will exponentially multiply the number of devices on your network, connecting everything from thermostats and HVAC systems to vehicles and manufacturing equipment. Experts expect 26 billion connected units by 2020.

Every organization is facing the inevitability of the IoT and must take a stand against future security risks now. Here are three things you should do to take control of your connectivity and head off any risks as we brace for an explosion of devices as part of the IoT.

1. Awareness. You must understand what device connectivity exists on your networks — either through a wired network port or a wireless connection. It’s important that your organization has a policy and a process for introducing new connectivity to the network, whether through a tablet, virtual private network (VPN) tunnel, or wireless carrier. Organizations at higher levels of the IT operational maturity model must document and monitor these connections as part of their governance, risk management, and compliance (GRC) program.

2. Identification. Your organization should have the technical ability to identify what is connected to your network. Organizations can do this through regular network discovery sweeps, annual vulnerability assessments, and more. These activities seek to identify rogue or unauthorized devices before they negatively impact your environment. Additionally, there are many technical controls, such as security information and event management (SIEM), intrusion detection systems (IDS), intrusion prevention systems (IPS), identity- and application-aware next-generation firewalls (NGFW,) and unified threat management (UTM), that provide robust automated reporting. It’s important to note that identification is a continuous process. Not only does it require regular reviewing, it also requires recurring tune-ups in all but the most static environments.

3. Control. Connectivity needs to be managed with operational and security controls. Everything from port security to identity- and application-aware appliances should be deployed to restrict privileges and connectivity where necessary. These should be supported by a change management and control program that gives IT and operational departments the visibility they need to effectively and securely introduce new communication channels to the network.

Though there are benefits to allowing fleet tracking, personal fitness, facility infrastructure, and other connected devices in your organization, this communication can pose a threat to your environment that, if left unchecked, could wreak havoc on your organization’s security.

With new devices being developed and introduced to your environment daily, now’s the time to make sure your security protocols are updated to handle the IoT. SHI’s security architects can help your organization handle this growing threat. To speak to someone about evaluating the security of your IT environment, as well as introducing controls that can help prevent a data breach, please contact your local SHI account executive or email SecuritySolutions@SHI.com.

You may also be interested in:

3 takeaways on the future of IT from Dell EMC World Dell and EMC’s merger was the largest ever in tech, and created the new Dell Technologies. We finally saw the “super” IT company at last month’s Dell ...
3 perimeter security challenges, and how organizations can fix them IT administrators have plenty of perimeter security tools at their disposal, from firewalls to spam filters to intrusion detection solutions. But desp...
4 must-see technologies at Cisco Live 2016 The holy grail of IT might be the single pane of glass, but it eludes many IT professionals because of all the segmented technologies and platforms th...

Submit a comment:

Your email address will not be published.

Please note: All comments will be moderated

4 − 1 =