Ponemon Institute research shows IoT devices are the most challenging technology to secure. With a Gartner estimate that 20 billion IoT devices will be connected by 2020, and projections that 25% of identifiable attacks will involve IoT devices, securing these devices is crucial. This is especially concerning since a recent Ponemon Institute study found 75% of organizations are not confident or have no confidence that they know all of the IoT applications in their network.
Hackers are constantly scanning networks for vulnerabilities, and IoT devices are an easy target because most firewalls cannot see or protect these endpoints. There are two main scenarios:
Unwitting accomplices and shadow IT: Many corporate staff members are unaware that they are compromising network security when they purchase everyday devices such as internet-enabled coffee makers, refrigerators and projectors. When a legitimate attempt to simplify a business challenge results in the addition of a new technology, such as a router or printer, without IT notification, a vulnerable open portal can be created. This is frequently referred to as “shadow IT,” a term created to describe how rogue devices can appear on the network without the knowledge of the IT team.
Unsecured enterprise-approved headless devices: When organizations add security cameras, HVAC sensors, medical equipment and thousands of other similar devices, many are IoT-enabled to deliver better operational efficiency. Unfortunately, such devices have little or no inherent security, and in the absence of a user to authenticate, most existing firewalls and security equipment cannot authenticate and secure them. The same issue exists with other headless devices, such as industrial control systems (ICS) and programmable logic controllers (PLCs), which lack a user to authenticate and cannot be secured using a persistent agent. Often the IT team does not even realize that devices are IoT-enabled or that the existing firewall and security solutions cannot close the security gap caused by these devices.
Real-time visibility into all connected endpoints is a crucial first step in closing security gaps since it is impossible to secure a device if an organization does not know it exists. FortiNAC provides IoT security with real-time visibility into every device connected to the network. The solution ensures that organizations can identify every switch, router, IoT and BYOD device, and provides a live inventory of everything connected to the network. In addition, FortiNAC provides an easy-to-use, one-step solution specifically designed to close the IoT security gap left open by firewalls. While providing full visibility into all endpoint devices, it also simplifies IoT device onboarding and management, supports micro-segmentation right to the network edge, and enables network lockdown.