Multicloud + IoT: Securing IoT Applications in Diverse, Distributed Environments

IoT and Network Threats are Not One-dimensional

It’s not just the consumer market driving the rapid proliferation of connected gadgets. The latest connected toys and appliances might be the most visible during the holiday season, but enterprises are also integrating Internet of Things (IoT) applications and devices into office spaces and day-to-day operations across industries. From drones to smart switches and HVAC systems, it’s clear IoT technology can offer businesses a competitive edge through increased convenience, connectivity and the massive amount of data generated by connected devices. 

Although vast amounts of data alone do not necessarily add value, through analytics, important insights can be extrapolated and applied to improve business. But the potential advancements enabled by IoT also introduce new cybersecurity and compliance risks to the non-stop sophisticated threat landscape that already strapped security teams are grappling to protect against. To complicate things further, defined network perimeters are disappearing, weakening the effectiveness of traditional security postures. And on top of that, workloads, apps and ecosystems are all becoming more diverse and complex.

Despite this new, unfamiliar cyber-terrain, organizations are moving from small IoT pilots to large-scale implementations. The results of a recent survey launched by the Internet of Things Institute and Juniper Networks illuminate key challenges and learnings for how organizations can prepare their security posture for IoT implementations at scale.  

Multicloud, meet IoT

Following a trend across various areas of IT, organizations are now running IoT application workloads in diverse locations that create complex ecosystems for IT and security personnel to oversee. To be more specific:

• Over half (51 percent) of survey respondents reported IoT application workloads run in private data or control centers, 36 percent maintain deployments at the network edge and the remainder (13 percent) run their workloads in a public cloud. 

• Twenty-six percent of respondents run their IoT application workloads on one cloud and 29 percent have workloads in two or more clouds, indicating that many IoT workloads are in a multicloud environment. Only 45 percent of respondents are not currently running IoT applications on any cloud. 

Part of the challenge of securing IoT applications and workloads is the inherent distributed complexity of these technologies. As enterprises prepare to scale IoT deployments, they need to be concurrently planning to address these complexity issues, especially with regards to security. While running these applications in public, private and on-premises environments is a natural next step that provides more flexibility, increased connectivity also exposes organizations to additional security vulnerabilities. 

Truly securing IoT workloads demands more than just securing a device or endpoint. Leverage IoT deployments as opportunities to provide a much-needed chance to review features and configurations with an eye to the future. 

Diverse risks

From IoT malware proliferation across the organization to protecting privacy, the survey also found that the majority of enterprises are extremely concerned or very concerned about a wide range of IoT security challenges – and they should be. No enterprise wants to be hit with malware or an advanced cyberattack, but poorly implemented security creates vulnerabilities that hackers are only too happy to exploit. Look no further than the destruction caused by Mirai variants that have ensnared hundreds of thousands of IoT devices, from the widescale DDoS attack on Dyn’s managed DNS infrastructure to the Satori attack. Threat researchers believe that the number and variety of malware on the hunt for IoT device vulnerabilities will continue to increase.  

Understandably, 51 percent of survey respondents overwhelmingly reported their top IoT security challenge is hard-to-detect sophisticated IoT threats such as zero-day attacks. But it’s doubtful this comes as a surprise to anyone in the cybersecurity industry. 

Activate all defenses 

I’ve said it once and I’ll say it again, the traditional network perimeter is stretching and evolving, and perimeter-based firewalls will not provide sufficient security for IoT workloads operating in diverse environments. IoT and network threats are not one-dimensional, so neither should be an organization’s security. Securing IoT workloads at scale requires establishing a holistic approach from the inside out. 

When it comes to securing our organizations, the network is our friend, not a liability. Survey respondents couldn’t agree more – 72 percent of respondents believe the role of the network is very important or even critical for their organization’s IoT security. Organizations that have already implemented multiple IoT projects are even more likely (26 percent) to rate the network’s importance as critical than respondents who have implemented only one project (9 percent). 

Put a mix of security in place: invest in on-premises solutions such as DLP or IDS/IPS, secure the cloud, include advanced threat prevention and install virtual firewalls. Activating all of a network’s defenses provides greater scale with near-real-time protection to protect against new threats that are continuously being discovered.

Original author: Laurence Pitt