'Shadow' IoT devices pose a risk to organizations everywhere
By Max BurkhalterFebruary 5, 2020
The sheer number of devices connected to the internet of things offers convenience and possibility for the average person that was previously just fantasy. However, these devices can serve to weaken an organization's cyber defenses when connected to networks that they shouldn't be.
Hidden devices
Personal internet-connected devices are ubiquitous in modern society. Beyond just the basic smartphone, a variety of wearable technology, such as smart watches, fitness trackers, medical devices and more have grown in popularity in recent years. These devices are harder to notice than a laptop or cell phone and need access to the internet in order to function to their full extent. Their IoT-enabled features are convenient for their owners, and as a result, they connect to any network they can to make use of them, including those at their workplace.
This practice only serves to exacerbate security concerns in the age of information. According to cybersecurity company Infoblox, almost half (46%) of all organizations report that they have found "shadow" IoT devices connected to their networks. Only a quarter of organizations surveyed reported that their networks were free of these unauthorized devices. Few companies had guidelines in place regarding which devices could be connected to work networks and which could not. As a result, employees had free reign to connect whatever they saw fit to their office's internet, compromising their organization's informational security in the process.
Compromising security
These "shadow" IoT devices function as holes in an organization's proverbial cybersecurity wall. They bring an increased risk of cyberattacks and hacking and are favorite targets of criminals. According to a study done by TechRepublic, devices like smart watches and fitness accessories create vulnerabilities due to their connection to the IoT and their inferior security architecture. Surprisingly, 47% of all IoT-enabled devices that are compromised by hackers are security cameras, which use simple blueprints that are often shared between different IPs - if one product is compromised, then so too are others.
This unique risk applies to "shadow" IoT devices as well. The cheaper and lower-tech a device is, the weaker its security measures are, and the easier it will be for a hacker to use it to gain a foothold in a secure network. This risk only grows when these cheap devices are made from blueprints that are used by several different companies. Organizations that want to keep bad actors out of their networks need to invest in high-quality network hardware and implement rules regarding what devices can be connected to work networks.
Perle offers powerful connectivity tools that can help organizations maximize their network security strength. Our industrial-grade Ethernet switches and console servers are designed to work within big data environments where the security of sensitive information is a top concern. Read some of our customers' reviews to find out more.