Security changes required to protect corporate networks from non-business IoT devices
Cyber adversaries know that a small IoT sensor can provide access to a corporate network to launch ransomware attacks and more. According to a Palo Alto Networks survey of IT decision makers, 78% of respondents (among those whose businesses have connected IoT devices to their network) reported an increase in non-business IoT devices on corporate networks over the past year.
Smart lightbulbs, heart rate monitors, connected fitness equipment, coffee makers, game consoles, and even pet feeders are among the strangest devices the study identified on such networks.
Non-business IoT devices that create risk
For the second year, survey responses warn that security changes are needed to protect corporate networks from non-business IoT devices. This year, 96% of the same group said their organization’s approach to IoT security needs improvement and 25% said it needs a full overhaul, with the greatest need for security features around threat prevention (59%), risk assessment (55%), IoT device context for security teams (55%), and device visibility and inventory (52%).
“The introduction of the IoT has become a crucial business enabler. It poses new security challenges that can only be addressed when employees and employers share responsibility for protecting networks,” said Ryan Olson, VP of Threat Intelligence, Unit 42, Palo Alto Networks.
“Remote workers need to watch out for devices at home that can connect to corporate networks through their home router. Organizations need to better monitor threats and network access and create segmentation to protect remote workers and the company’s most valuable assets.”
It is noteworthy that of the 1,900 global IT decision-makers surveyed, 51% stated that IoT devices are segmented on a different network than the one they use for primary business devices and business applications (e.g. HR system, email server, financial system), and another 26% of respondents said IoT devices are micro-segmented within security zones. Micro-segmentation is an industry best practice in which companies establish tightly controlled security zones on their networks to isolate IoT devices and keep them separate from IT equipment, preventing attackers from moving laterally across a network.
There are other worthwhile steps you can take to mitigate the IoT security risk in your home and business.
Top 3 IoT Security Tips for Employees Working From Home (WFH)
- Familiarize yourself with your router. All of your IoT devices will likely connect to the internet through your router. Start by changing the default settings – the settings that each router comes with – to something unique. Then encrypt your network by simply updating your router settings to WPA3 Personal or WPA2 Personal.
- Keep track of which devices are connected. You can access your router’s web interface and search for “connected devices,” “wireless clients,” or “DHCP clients” to view a list, disconnect older devices that you no longer use, and disable remote management on devices that don’t need it.
- Segment the home network. Network segmentation isn’t just for large companies. You can segment your home network by creating a guest WiFi network. The easiest way to do this is for IoT devices to use a guest WiFi network while other devices use the main network. This helps to logically group devices in your home and isolate them from one another. If you keep them on a separate network, your computers will be harder to reach from a compromised IoT device.
The 3 most important IoT security tips for businesses
- Know the unknown. Get a full view of all the IoT devices connected to the company. An effective IoT security solution should be able to identify the exact number of devices connected to your network, including those you know and those you are not aware of – and those that you have forgotten. This discovery helps to gather an up-to-date inventory of all IoT assets.
- Perform continuous monitoring and analysis. Implement a real-time monitoring solution that continuously analyzes the behavior of all your network-connected IoT devices in order to contextually segment your network between your IT and IoT devices – and their workloads. Securing and managing WFH setups as branch extensions of the company requires a new approach.
- Implement zero trust for IoT environments. An IoT security strategy should be based on the zero trust principle in order to enforce least-privilege access control policies. From there, look for an IoT security solution that uses your existing firewall investments for a comprehensive and integrated security approach. Coupled with the capabilities of your firewall, the solution should automatically recommend and natively enforce security policies based on the level of risk and the extent of untrustworthy behavior detected on your IoT devices. In addition, a single solution can extend the company network and offer WFH employees uniform security policy management and Secure Access Service Edge (SASE).
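The inventory and segmentation tips above (the home router's "DHCP clients" list and the business "know the unknown" step) can be checked with a short script. This is an added example, not code from the survey or from Palo Alto Networks; it assumes the router exports leases in dnsmasq lease-file format, and the subnets, MAC addresses and inventory are constructed sample values.

```python
import ipaddress

# Assumed segment plan (hypothetical subnets): main network for IT, guest network for IoT.
SEGMENTS = {
    "it": ipaddress.ip_network("192.168.10.0/24"),
    "iot": ipaddress.ip_network("192.168.20.0/24"),
}

# Known inventory keyed by MAC address (constructed sample values).
INVENTORY = {
    "02:00:00:aa:00:01": ("work-laptop", "it"),
    "02:00:00:aa:00:02": ("smart-bulb", "iot"),
    "02:00:00:aa:00:03": ("coffee-maker", "iot"),
}

# Constructed sample, dnsmasq lease format: <expiry> <mac> <ip> <hostname|*> <client-id|*>
SAMPLE_LEASES = """\
1767225600 02:00:00:AA:00:01 192.168.10.21 work-laptop *
1767225600 02:00:00:aa:00:02 192.168.20.40 smart-bulb *
1767225600 02:00:00:aa:00:03 192.168.10.77 coffee-maker *
1767225600 02:00:00:aa:00:99 192.168.10.90 * *
this line is malformed
"""

def parse_leases(text):
    """Yield (mac, ip, hostname) per valid lease line; skip malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        try:
            mac, ip, host = parts[1].lower(), ipaddress.ip_address(parts[2]), parts[3]
        except (IndexError, ValueError):
            continue
        yield mac, ip, host

def audit(lease_text, inventory=INVENTORY, segments=SEGMENTS):
    """Return findings: devices missing from inventory or on the wrong segment."""
    findings = []
    for mac, ip, host in parse_leases(lease_text):
        if mac not in inventory:
            findings.append(("unknown-device", mac, str(ip), host))
            continue
        name, role = inventory[mac]
        if ip not in segments[role]:
            findings.append(("wrong-segment", mac, str(ip), name))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_LEASES), sep="\n")
```

On the sample data the audit flags the coffee maker sitting on the main network and one device that is not in the inventory at all.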