Using Wi-Fi to create a cybersecurity 'buffer' for IoT devices
By Max BurkhalterApril 20, 2020
As internet-of-things technologies grow more popular with consumers and enterprises, IT professionals are having to develop new cybersecurity strategies to insulate vulnerable devices from hackers. The issue is that most IoT devices lack the built-in firmware and security features needed to consistently prevent data breaches and malware infections. With an estimated 5.8 billion enterprise and automotive IoT endpoints expected to be in use by the end of 2020, according to Gartner, it's never been more important for companies to rethink their IT posture.
While consumers need only protect a few internet-connected devices in their home, a single organization could be using hundreds (even thousands) of IoT devices across multiple sites. Enterprises that allow personal devices in the workplace - laptops, smartphones, wearable fitness trackers, etc. - face an even greater challenge, as IT administrators often struggle to maintain visibility of these gadgets, according to Infosecurity Magazine. So how can companies manage a massive fleet of active endpoints while also minimizing the risk of a security breach?
IoT networking
IoT devices send and receive information over the internet, often through a Wi-Fi connection managed by an organization's IT security team. But when multiple internet-connected devices share the same access channel, hackers have a more direct means of infiltrating internal systems and networks. This is because a single unsecured device can allow malicious actors to path into a company's routers, bypassing its outer defenses, ZDNet reported. To help close this security gap, many IT professionals recommend using a micro-segmentation process that allows administrators to create several virtual networks (VLANs) on the same Wi-Fi router.
Securing vulnerable IoT devices
In 2019, the Federal Bureau of Investigation published a brief segment on managing IoT that discussed how consumers and enterprises can safeguard their vulnerable devices. First, users should change the factory settings and credentials of all IoT equipment before connecting them to the internet. This will help ensure hackers can't exploit default passwords to gain control over newly deployed devices. The FBI also recommended that users keep all computers and IoT devices that have access to sensitive information on a separate system or Wi-Fi network. If this separate access channel were ever compromised, hackers would not be able to leverage the IoT devices connected to it to launch wider brute-force attacks.
As noted by ZDNet, IoT devices do not need to be on the same network as core systems if they're not critical to an organization's key services. By isolating IoT devices in a dedicated VLAN, companies can reduce the risk of serious data breaches and other forms of hacking. That said, it's important to conduct regular audits to ensure new devices aren't unwittingly added to the central network. IT administrators should also keep a detailed inventory of all company-owned IoT devices to keep track of new deployments and critical updates.
Securing enterprise networks has become much harder with the introduction of IoT technology, as every device represents a possible attack vector. In times of crisis, companies rely on the durability of their networking hardware to keep operations running and data flowing to key business applications. Perle offers industrial-grade connectivity tools designed for today's fast-paced world, including our fiber media converters and device servers. Read some of our customer stories to find out how our networking hardware can support your organization's long-term goals.