When was the last time you thought of your security appliance, which is meant to secure your network and sensitive data, as just another IoT device?
It all starts with one question: Why are security officers hesitant to let go of their security appliances and move on to software or cloud-based offerings? There could be many answers to this question, but the fact is that these appliances largely live up to their namesake, i.e., emulate an overall feeling of security. CISOs don’t need to grapple with system managed devices, they have full control over their appliances, and there’s no need to report back.
These are all valid answers to the above question. However, there’s an alternative answer as to why CISOs are so attached to their security appliances: politics. The fact of the matter is that security appliances provide CISOs with a feeling of peace and quiet. To be frank, few within the organization care about which OS runs on the appliance, when the last upgrade was or when the appliance was last patched.
This is where the security appliance becomes a double-edged sword. Security appliances are, in effect and by definition, connected devices that run software, which makes it similar (if not the same) as any other IoT device. Therefore, security appliances are inevitably vulnerable to the same threats as any other IoT device for enterprise. Once hackers decide they want to get into the corporate network, it’s a walk in the park for them to gain control over an unpatched and unsafe security appliance or IoT device and gain uninterrupted access to the network. And because security patches for security appliances are usually discovered after the fact, there is ample room for hackers to carry out potential and actual breaches.
How can CISOs make sure that their security appliance is not just another unsecured IoT device? Here are five steps that can help CISOs keep their appliances secure, while giving them much needed peace of mind:
- Visibility — Ensure that you can see all the existing IoT devices in your network, including managed and partially managed devices.
- Profiling — Understand each device type, what operating system it is running on, and which applications and processes are installed.
- Segmentation — Affirm that an IoT device is not running on the same network segment as other devices, or within reach of the organization’s mission-critical systems and data. Firewalls must be deployed between these segments to prevent IoT devices from reaching the “crown jewels” of your network.
- Detection — If segmentation is properly implemented, then detection of IoT devices on your network should be a cinch. Once an IoT device joins the network, your network security technology should be able to immediately detect it and carefully verify whether it behaves similarly to other typical network devices. A compromised or rogue might look the same, but will behave differently.
- Response — Employ a network technology that delivers automatic actions once a breach is discovered. Manual actions take time — hours or even days — and can incur a hefty cost. Automated breach response can block, quarantine or limit access for a specific device in a matter of seconds.
IoT holds great promise for enterprises in a variety of industries– from government to retail and healthcare to education — with its power to link formerly static devices to the internet, bringing with it tremendous benefits for productivity and corporate expansion. However, in line with the benefits of IoT for business, the technology expands the attack surface as new types of devices join the corporate network. Your security appliance could be one of those. Don’t let the security of your network fall through the cracks by gaining full visibility and control over your appliances.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.