Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT

The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago. The market persevered, weathering the “end of perimeter security” claims and adapting to become more flexible and dynamic, reaching beyond traditional PCs and servers to new mobile and external endpoints. Those network security vendors that adapted are now poised to take full advantage of the IoT and the billions of connected devices set to revolutionize the enterprise. 

Transformative Effect

Today the IoT is having a similar transformative effect on the enterprise considerably expanded the pool of connected devices that can now be found on a network, with the devices in play no longer limited to the PCs, servers, and smartphones with which IT staff are familiar. They now need to know about air-conditioning units and lighting sensors, fitness bands, and fire alarm panels. Despite the growing proliferation of IoT devices, most enterprises are still trying to discover these new devices. In fact, one of the most difficult issues enterprises now face is visibility; discovering new and unknown devices on their networks, and then establishing those devices’ identities in order to apply the appropriate authentication and access control mechanisms.

Raising Risk Profiles

Often, most traditional network security appliances are unable to identify new IoT device connections, and visibility into the enterprise networks is, therefore, significantly reduced. This becomes problematic, as unknown devices can easily become attack vectors and raise risk profiles.

hacks

(Image Source: Shutterstock)

To move forward, IT teams need to create new security policies suited to the plethora of IoT connected devices, and perhaps employ new tools to fit them into enterprise networks in a way that adheres to internal requirements. The Target breach is an excellent, if unfortunate, case study of what can happen when IoT endpoints are not properly controlled.

A number of companies are making headway in adapting traditional network security to the IoT, including Bastille, ForeScout, Cisco, Fortinet, F5 among many others.

The New and The Unknown

Identification and localization of specific nodes will become a fundamental issue with the billions of IoT devices envisioned to appear in the near future. Security vendors that are able to help enterprises overcome the obstacle of discovering new and unknown devices on their networks will also need to figure out how they can provide security features or, at the very least, integrate with those appliances that can.

cloud-security-attacks-vendors

Beyond that, authentication and access control will become critical. Certification can provide a level of authentication and access control for IoT nodes. Alternatively, authentication mechanisms for the perception and network layers can prevent impersonation attacks. A PKI can help to achieve strong two-way authentication. Access control technology can be correctly implemented simply so that certification technology is able to ensure identification. Various authentication protocols can be employed, such as hash-lock, hash-chain, distributed RFID inquiry—response authentication, LCAP, clap agreement, re-encryption mechanism, etc. The use of such protocols will depend, for example, on the suitability of the various RFID applications and the desired level of security.

At the network level, various mechanisms can be used, including end-to-end authentication, key negotiation, key management or even intrusion detection mechanisms. Various distribution protocols are enabled through key management that can be applied to the IoT, including simple key distribution, key pre-distribution agreement, dynamic key management protocol, and hierarchical key management protocol.

Sensor Networks

Intrusion detection and prevention is not widespread for sensor networks in IoT. In fact, due to the complexity of many of these networks and the relatively low computation resources available, traditional IDS/IPS systems are simply not effective in these scenarios. However, next-generation research presages just such technologies adapted for the IoT. Methods have been proposed to develop a system of intrusion detection according to the past access frequency of a Thing’s label or for various time-based models (PDR, P2DR, P2DR2, etc.). Another novel approach seeks to simulate real-time defense of IoT environments by studying artificial immune system concepts that imitates the mechanisms of a biological immune system.

Security and safety in the IoT essentially boils down to establishing trust: in the integrity of the applications, in the security of the networks, in the confidentiality of the data, and in the safety of the devices. The IoT is a complex space, and any tool that can simplify management and control of IoT devices will be highly valuable.

By Michela Menting

About Michela Menting

Michela Menting, Research Director at ABI Research, delivers analyses and forecasts concerning digital security. Through this service, she studies the latest solutions in cybersecurity technologies, critical infrastructure protection, risk management and strategies, and opportunities for growth.

Her past experience includes working as a cybersecurity policy analyst for the United Nation’s International Telecommunication Union in Geneva, Switzerland.

Michela obtained both an LLB in English and French Law and an LLM in Information Technology, Media and E-commerce from the University of Essex.

View Website
View All Articles

Sorry, comments are closed for this post.

Comics
The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the business world as a whole. In 1983, the first commercially handheld mobile phone debuted and provided workers with an unprecedented amount of availability, leading to more productivity and profits. More recently, the Cloud has taken…

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing infrastructure. The many perks of cloud services, such as the ability to quickly scale resources without the upfront cost of buying physical servers, have helped build a multibillion-dollar cloud industry that continues to grow each…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of machine learning and advancement of artificial intelligence can dramatically change the manufacturing process and put an end to the dreaded product recalls in the future. In recent news, Samsung Electronics Co. has initiated a global…

The Key To Improving Business Lies In Eye-Interaction Tech

The Key To Improving Business Lies In Eye-Interaction Tech

Eye-Interaction Technology Analysts at Goldman Sachs predict virtual reality revenue will surpass TV within the next decade. More than just some gaming fad, VR represents a whole new way for organizations to train, research, and explore vast amounts of data. Despite its popularity, however, VR is still not in the hands of the majority, and…

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Secure Third Party Access Still Not An IT Priority Research has revealed that third parties cause 63 percent of all data breaches. From HVAC contractors, to IT consultants, to supply chain analysts and beyond, the threats posed by third parties are real and growing. Deloitte, in its Global Survey 2016 of third party risk, reported…

Cyber Security: McAfee on IoT Threats and Autonomous Cars

Cyber Security: McAfee on IoT Threats and Autonomous Cars

IoT Threats and Autonomous Cars Autonomous cars are just around the corner, there have been controversies surrounding their safety, and a few doubts still hang in the minds of people who don’t like the idea of a computer driving their car. However, the biggest news stories surrounding this topic have been to do with how…

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

Embracing The Cloud We love the stories of big complacent industry leaders having their positions sledge hammered by nimble cloud-based competitors. Saleforce.com chews up Oracle’s CRM business. Airbnb has a bigger market cap than Marriott. Amazon crushes Walmart (and pretty much every other retailer). We say: “How could they have not seen this coming?” But, more…

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Once upon a time, only a select few companies like Google and Salesforce possessed the knowledge and expertise to operate efficient cloud infrastructure and applications. Organizations patronizing those companies benefitted with apps that offered new benefits in flexibility, scalability and cost effectiveness. These days, the sharp division between cloud and on-premises infrastructure…