In a report from the NASA Office of Inspector General, hackers gained access to the NASA’s Jet Propulsion Laboratory network and stole roughly 500MB of data relating to the Mars Missions. The point of entry? A simple Raspberry Pi device that you could buy from Amazon that is under 100 USD.
As security professionals, we’re well aware of the risk of IoT devices. Yes, the attack surface has expanded. Yes, there’s a host of unknown vulnerabilities. Yes, device manufacturers don’t always design their products with security top-of-mind. Yes, it’s difficult or impossible to run security agents on IoT devices.
But this isn’t the first time we’ve faced down security challenges. As security professionals, we dealt with the influx of mobile devices. Before we overcame the sky-is-falling challenges of BYOD, we secured laptops, desktops, servers and all sorts of endpoints. And we’ll secure IoT devices, too.
3 Steps to Improving IoT Security
Securing IoT devices comes down to three simple steps:
1. Accurately identify what’s on your network. It may seem obvious, but most network operators simply don’t know the details about every device that’s connected to both their wired and wireless networks, and IoT makes it even more challenging. Battery-powered IoT devices can be especially problematic, because they may wake up only briefly to a perform a function or to check-in—which means they’re popping on and off the network all day.
You need visibility into what these devices are, who is operating the devices, and what they’re doing all day. To get that visibility for IoT, it’s necessary to expand beyond traditional methods of fingerprinting. Innovations like machine learning and deep packet inspection are simplifying the challenge. Machine learning can be used to analyze device attributes and automatically group similar devices together. Deep packet inspection can be used to provide additional context and behavioral information to accurately identify hard-to-detect devices.
2. Enforce policy automatically. You need closed-loop, end-to-end access control from the moment a device joins the network. Given the sheer quantities of IoT devices, automation is necessary. Manual intervention is no longer practical. Develop policies that leverage context, such as the user role, device type, certificate status, location or day of week. When an IoT device joins a network, it can be automatically segmented, keeping traffic separate and secure, with the policy consistently enforced across wired and wireless networks.
3. Monitor for suspicious behavior. Context is critical to understanding what an IoT device is doing. You need to understand the actual behavior of a device—what protocols are being used, what applications and URLs are being accessed. If a security camera begins sending huge amounts of data at 3am outside the country, for example, you need the ability to automatically quarantine it until you can investigate, fix or replace it.
Banish the Fear with Good Planning
With a good plan and effective tools, you can mitigate the risks of IoT devices while enabling your organization to benefit from their many gains, whether that is improved physical security, monitoring equipment on the factory floor, or automatically adjusting the building’s temperature and lighting for employee comfort and to save energy.
Learn how Aruba ClearPass Device Insight can help you tackle your IoT security challenges.