The IT Certification Resource Center

Featured Deal

CompTIA certification training - free for a week.
Learn More ❯

A Vital Cert for IT Pros Charged with Securing the Internet of Things

The fast-growing Internet of Things has many security vulnerabilities. Many of the solutions to this problem will sound familiar, but there's a key cert that can help IT pros stay abreast of emerging challenges.

Man on train using wireless deviceBrowse the shelves of your local home improvement or appliance store and you likely won’t be able to move two steps before encountering a device bearing the adjective “smart.” From televisions and microwaves to toothbrushes and sprinkler systems, almost every conceivable consumer device comes with WiFi or Bluetooth connectivity.

 

While exciting, the Internet of Things also introduces a whole new world of security risks, providing hackers with millions of new targets for their nefarious activities. A recent IDC report predicted that 90 percent of all networks will experience an IoT-related security breach by the end of 2016. That’s a sobering statistic!

 

IoT devices aren’t just popping up in homes — they’re also appearing in offices and on factory floors. In some cases, these are the results of well-planned IT projects designed to improve automation or facilitate data collection. In other cases, well-meaning employees may simply plug an IoT device into an available network port without recognizing the risks such a device can pose to enterprise security.

 

Security and networking professionals must understand the scope of IoT efforts within their organization. And they must also have the tools and techniques at their disposal to help protect against the new threats that ever-expanding connectivity introduces.

 

Network Security in a World of Things

 

Fortunately, the controls used to secure IoT devices aren’t really all that different from the network and device security technology that organizations have used for years to protect other networked devices. Security professionals simply need to consider IoT requirements in their work as they deploy and configure their security technologies.

 

Network Inventory: Securing IoT devices begins with an accurate network inventory. It’s hard to deploy security controls when the organization doesn’t have a strong understanding of what is connected to their network. Most organizations already have some type of network inventory tool and it’s likely that this same tool will detect and inventory IoT devices connected to the network.

 

The results of a network scan are an excellent way to catalog the organization’s current IoT status and may also serve as the basis for a network vulnerability scan that probes those devices for misconfigurations and other vulnerabilities that may require immediate attention.

 

Firewalls: Maintaining strong firewalls is the first line of defense for IoT devices, particularly those that might have other security vulnerabilities. Firewalls filter out undesirable network traffic before it reaches protected devices. In an IoT deployment, they may play a special role, creating a segmented network specifically designed to house IoT devices.

 

In this model, the IoT devices can freely communicate with each other and their command-and-control servers, but they are not reachable from the remainder of the organization’s network. This segmentation approach prevents, for example, a guest using the organization’s Wi-Fi network from connecting directly to the organization’s IOT devices.

 

Secure Wireless: In most cases, IoT devices make use of wireless networks due to their location and, in some cases, mobility requirements. After all, it would be difficult to use a wired network connection for a smart car! As administrators configure the wireless networks that support IoT devices, they should choose strong encryption options.

 

It is vital to configure the use of Wi-Fi Protected Access (WPA) technology to prevent outsiders from eavesdropping on the communications exchanged between IoT devices and their servers. Those exchanges contain commands from the server, as well as, data reported back by IoT sensors, both of which should be protected.

 

Authentication: Strong authentication measures play an important role with IoT devices, just as they do other network devices. Organizations should choose devices that integrate with the organization’s identity and access management infrastructure for authentication.

 

This centralized approach provides consistent security, reduces management overhead and makes it easy to remove a user’s access when he or she leaves the organization. Administrators may simply mark an account as disabled in the centralized authentication console and immediately disable access to all systems using that authentication server, including IoT devices.