subscribe: Daily Newsletter

 

Learn, segment and protect in the IoT world

0 comments

Experts predict that by 2020 there will be 4,3 Internet-connected devices for every man, woman, and child on the planet.
Each of these connected devices generates data that is pushed, pulled, collected, sorted, analysed, stored, and examined. This data, and the information being extracted from it, has become the foundation for what is being called the new “Digital Economy”. Revenue resulting from IoT is estimated to exceed $300-billion in 2020, with a global economic impact of $1,9-trillion.
“Sometimes it’s helpful to characterise the IoT with some more precision; I like to place them in three categories,” says Phil Quade, chief information security officer at Fortinet. “The first, Consumer IoT, which includes the connected devices we are most familiar with, such as smartphones, watches, and connected appliances and entertainment systems.
“The other two, Commercial IoT and Industrial IoT, are made up of things many of us never see. Commercial IoT includes things like inventory controls, device trackers, and connected medical devices, and the Industrial IoT covers such things as connected electric meters, water flow gauges, pipeline monitors, manufacturing robots, and other types of connected industrial controls.”
Quade explains that increasingly, Commercial and Industrial IoT are co-habiting within local, national, and global infrastructures, creating hyperconnected environments of transportation systems, water, energy, emergency systems, and communications.
Medical devices, refineries, agriculture, manufacturing floors, government agencies, and smart cities all use Commercial and Industrial IoT devices to automatically track, monitor, coordinate, and respond to events.
In addition, he points out, architects and operators often link IT (information technology) and OT (operations technology) networks together. “Data collected from IoT devices that is processed and analysed in IT data centres, for example, might be used to influence real-time changes on a manufacturing floor, or deliver critical services, such as clearing traffic in a congested city in order to respond to a civil emergency,” he says.
“Because of the hyperconnected nature of many systems, untrustworthy IoT behaviour could be potentially catastrophic. OT, ICS, and SCADA systems control physical systems, not just bits and bytes, where even the slightest tampering can sometimes have far-reaching – and potentially devastating – effects. While compromising things such as transportation systems, water treatment facilities, or medical infusion pumps and monitors could even lead to injury or death,” he adds.
According to Quade, the security challenges of IoT are ones of both depth and breadth. He highlights that many IoT devices were never designed with security in mind, and their challenges include weak authentication and authorisation protocols, insecure software and firmware, poorly designed connectivity and communications, and little to no security configurability.
“Many are ‘headless’, which means that they cannot have security clients installed on them, or even be easily patched or updated,” he continues. “And, because IoT devices are being deployed everywhere, securing them requires visibility and control across highly distributed ecosystems. This requires organisations to tie together what is happening across IT, OT, and IoT networks, on remote devices, and across their public and private cloud networks.”
Integrating distinct security tools into a coherent system enables organisations to collect and correlate threat intelligence in real time, identify abnormal behaviour, and automatically orchestrate a response anywhere along an attack path.
To accomplish this, Quade says enterprises need to implement the following three strategic network security capabilities:
* Learn: Enterprise security solutions require complete network visibility to securely authenticate and classify IoT devices. Realtime discovery and classification of devices allows the network to build risk profiles and automatically assign them to IoT device groups along with appropriate policies.
* Segment: Once armed with complete visibility and management, it is necessary to understand and control the potential IoT attack surface. Segmenting IoT devices and communications into policy-driven groups and secured network zones allows the network to automatically grant and enforce baseline privileges suitable for a specific IoT device risk profile.
* Protect: Policy-driven IoT groups combined with internal network segmentation enable multi-layered monitoring, inspection, and enforcement of device policies based on activity anywhere across the distributed enterprise infrastructure. An integrated and automated security framework enables the correlation of intelligence between different network and security devices, as well as the automatic application of advanced security functions to I-IoT devices and traffic anywhere across the network, especially at access points, cross-segment network traffic locations, and in the cloud.
“Finally, IoT cannot be treated as an isolated or independent component of your business. IoT devices and data interact across and with your extended network, including endpoint devices, cloud, traditional and virtual IT, and OT. Isolated IoT security strategies increase overhead and reduce broad visibility. To adequately protect IoT, organisations require an integrated and automated security architecture,” stresses Quade.
The Fortinet Security Fabric is designed to do just that. It spans the entire networked ecosystem, expands and ensures resilience, and secures distributed compute resources – including routing and WAN optimisation.
Value-added distributor, Networks Unlimited, distributes the Fortinet Security Fabric throughout Africa.