macrovector - Fotolia

Tip

Answering the top IoT risk management questions

Vulnerable IoT devices are commonly installed on enterprise networks, putting IT on the lookout for security issues. Here are answers to the biggest IoT risk management questions.

Considering the number of IoT devices that are expected to be installed on enterprise networks, odds are that IT admins will have to deal with an IoT breach at some point in their career.

Many low-cost IoT devices use hardcoded passwords, weak authentication mechanisms and insecure encryption keys. Also, it's common for IoT devices to run on poorly written firmware rife with vulnerabilities. It's critical that IT security personnel closely monitor their deployments to be certain they haven't been compromised and have the answers to pressing IoT risk management questions.

What are the best IoT hack prevention methods?

Preventing IoT from getting hacked in the first place should be a top priority, but detecting a breach that has already occurred is just as important. For businesses that understand the importance of IoT risk management, they're looking to AI-based network detection and response (NDR) technologies to monitor IoT device behavior and alert security staff when the AI detects changes to baselined behavior.

IoT security challenges

These NDR platforms monitor the entire network and all endpoints that connect to it, but interest in these tools is growing within enterprises because of what they can do from an IoT monitoring and risk detection standpoint. Most platforms work by collecting packet data as it traverses the network. metadata is then extracted from the packets and analyzed to identify and categorize all devices. This step alone provides visibility to security administrators that may not be aware of what types of IoT devices are on the network.

Once devices are identified and categorized, NDR will continue monitoring packet and flow information to build a network baseline for each IoT device. This baseline includes details on where the IoT devices reside, what they communicate with on the network, and at what frequency and rate those communications occur. If an IoT device does get compromised, its network communication behavior changes. The NDR platform can identify that change and quickly alert security staff of the potential threat.

What are the risks of running IoT devices on 5G?

At first glance, 5G and IoT are a marriage made in heaven, and in most cases, this is true. As 5G is becoming more widely available in the United States, many enterprise IT leaders are seeking to use 5G to extend their IoT reach in a way that was previously not possible. Considering 5G's throughput capabilities, low latency and dense coverage capabilities, expect businesses to use 5G to deploy IoT devices that can take advantage of these benefits. That said, there are a few risks that emerge when combining the two technologies.

The traditional secure enterprise network perimeter will not be able to protect IoT devices that reside outside the corporate network.

5G does introduce several useful security advancements, such as stronger authentication, encryption and the ability to create network segments to protect data as it traverses the carrier's wireless network. But it's important to remember that this is a new technology, and there are likely to be unforeseen bugs and vulnerabilities.

Second, note that, as enterprise organizations begin deploying IoT devices on carrier networks, many of the traditional network-centric security measures may not be available at the IoT edge. The traditional secure enterprise network perimeter that consists of firewalls, intrusion prevention systems and other security tools will not be able to protect IoT devices that reside outside the corporate network boundaries.

Last, the sheer number of IoT devices being deployed on 5G carrier networks should give IT leaders pause. There are plenty of IoT devices that don't have the proper level of baked-in security. If hundreds of thousands of IoT devices are simultaneously compromised and used as a botnet, similar to what happened in 2018 with the Mirai botnet, there is the potential to bring a 5G network to its knees, even with the added security features that come with 5G.

That's why the enterprise IT security industry has been busy deploying new, AI-powered IoT monitoring and threat detection tools. Without them, organizations won't have the necessary visibility to know when IoT devices have been compromised. Additionally, a great deal of effort will be needed to segment IoT devices from the rest of the network and the internet. If mistakes in security policy are made, it could be disastrous.

Is it safer to run IoT on premises or in the public cloud?

IoT architectures consist of two primary components. First are the IoT endpoints. These devices commonly serve to collect data such as temperature readings, inventory counts, surveillance video, etc. These devices are often deployed both inside and outside of the corporate network.

The second component is the intelligence services behind the IoT platform. IoT endpoints send data to a centralized collector, where the data can be used and analyzed in any number of ways. The collection and analysis portion of the IoT platform can be deployed on premises or inside a public cloud service provider's network.

Thus, the question of whether it's safer to run IoT on premises vs. in a cloud service provider's network is not an easy one to answer. In some situations, it might make more sense to collect, store and analyze data within the confines of a private network. This is especially true if the data being collected is highly sensitive in nature. Many business leaders feel more comfortable knowing that this sensitive data is being managed by in-house IT staff, as opposed to a third-party service provider.

That said, IoT data is only as secure as the infrastructure it operates within. Your organization might struggle to find and keep the necessary IT security administrators, or business leaders may be unwilling to spend money on security infrastructure. Therefore, shifting IoT management and security roles to a public cloud provider may be the safest choice.

In fact, many IoT platforms offer customers a choice on whether they want to deploy an IoT platform inside their own data centers or in a fully managed cloud using a SaaS model. SaaS products are typically considered highly secure for most data collection and analysis situations. It's no wonder why SaaS-based IoT is becoming so popular.

Another popular choice for enterprises is to simply deploy IoT platforms through their IaaS cloud provider. Customers can access cloud marketplaces to purchase and deploy virtual IoT appliances in their existing IaaS cloud. Additionally, many of the larger cloud providers are beginning to offer their own IoT services. This is a great option as it provides the right balance among control, security and low upfront cost.

Dig Deeper on Network security