Subscribe to Email Updates

Subscribe

rsz_17404793095_8688655ddd_b.jpg

Gartner warns CIOs of attacks of IoT devices that might compromise corporate networks

By Razvan Muresan on Sep 20, 2016 | 0 Comments

By the end of the decade, Internet of Things (IoT) devices will outnumber users with laptops, tablets or smartphones by more than three times, research and advisory firm Gartner predicts. From the total of 21 billion of IoT devices that will be in use worldwide, nearly 6 percent will be used for industrial IoT applications.

IT organizations have issues identifying these devices and marking them as part of current network access policy, said Gartner. Infrastructure and operations (I&O) leaders must therefore update their network access policy to address the onslaught of IoT devices.

"Having embraced a bring-your-own-device strategy, organizations must now get employee devices on the enterprise network and start addressing the 21 billion IoT devices that we project will want access to the enterprise network," said Tim Zimmermann, research vice president at Gartner. "Whether a video surveillance camera for a parking lot, a motion detector in a conference room or the HVAC for the entire building, the ability to identify, secure and isolate all IoT devices — and in particular "headless" devices — is more difficult to manage and secure.

"Many IoT devices will use the established bandwidth of the enterprise network provided by the IT organisation (wireless 1.3 Gbps of 802.11ac Wave 1 or 1.7 Gbps of 802.11ac Wave 2). However, it is important that the IT organisation works directly with facilities management (FM) and business units (BUs) to identify all devices and projects connected to the enterprise infrastructure and attaching to the network,” Gartner says.

Once all devices attached to the network are identified, the IT organization must create or modify the network access policy as part of an enterprise policy enforcement strategy. This should determine if and how these devices will be connected, as well as what role they will be assigned that will govern their access.

To monitor access and priority of IoT devices, I&O leaders need to consider additional enterprise network best practices. These can be defining a connectivity policy, as many IoT devices will be connected via Wi-Fi; performing spectrum planning — many IoT devices may be using 2.4GHz, but may not be using 802.11 protocols such as Bluetooth, ZigBee or Z-Wave, which may create interference; or considering packet sniffers to identify devices that may do something undesirable on the network.

While more IoT devices are added to the enterprise network, I&O leaders will also need to create virtual segments. These will allow network architects to separate all IoT assets (such as LED lights or a video camera) from other network traffic, supporting each FM application or BU process from other enterprise applications and users.

As the concept of virtual segments matures, the capabilities will allow network architects to prioritize the traffic of differing virtual segments as compared with the rest of the traffic on the network. For example, security video traffic and normal enterprise application traffic may take priority over LED lighting.

By 2020, 34 billion devices will be connected to the Internet, or four devices for every human on Earth. Gartner predicts 20 billion devices will be shipped by 2020, while IDC says 30 billion and Cisco expects to see 50 billion IoT gadgets delivered in the next five years. Nearly $6 trillion will be spent on IoT solutions over the next five years, while spending on IoT security is expected to reach $547 million in 2018, almost double last year’s $281.54 million.

 

    • continuous sec
Share This Post On

Author: Razvan Muresan

Former business journalist, Razvan is passionate about supporting SMEs into building communities and exchanging knowledge on entrepreneurship. He enjoys having innovative approaches on hot topics and thinks that the massive amount of information that attacks us on a daily basis via TV and internet makes us less informed than we even think. The lack of relevance is the main issue in nowadays environment so he plans to emphasize real news on Bitdefender blogs.