This post is next in a three-part series. In the first blog post, we discussed how the past has driven today’s device management obstacles, and outlined how today’s experiences help us prepare for tomorrow.
In this next part of the series, we look at today's challenges with IoT devices and how they teach us about the future.
IoT devices track just about everything, from thermal conditions and energy consumption in the office or home, to the real-time inventory of goods in a warehouse.
IoT devices can even tell you how much coffee is left in a pot. Seriously.
Along with today’s explosion of IoT device adoption come a host of challenges.
An IoT sensor averages about 40¢, making IoT assets easily replaceable — and temporary. As for connectivity, IoT devices and the associated data they provide are only useful if they’re always on. Without a continuous connection, finding meaning in the data is beyond difficult.
Finally (and unfortunately), when cost is the reason for adoption, the trade-off is often security. For many IoT assets, security is compromised for inexpensive devices.
Today’s obstacles with IoT devices
The skyrocketing rates of internet-connected products brought along some distinct asset management challenges.
Knowing what IoT devices are in the IT environment
An accurate inventory of cloud instances or on-premise devices is tough enough. Then tack on inexpensive IoT assets with various purposes, operating systems, and unpredictable life spans — and understanding which devices must be secured becomes really complicated.
The key word here is understanding. Grouping together internet-connected assets isn’t helpful. For example, a sensor on a smart shelf used for warehouse inventory management needs to be treated differently than a security camera.
To conduct an asset inventory, manage, and implement security priorities for IoT devices, keep these questions in mind:
- INTENT: What’s the device used for?
- CRITICALITY: What happens if it breaks?
- LIFE SPAN: How long should the device live?
Understanding configuration options
While monitoring for IoT assets, make sure internet-connected devices aren’t at risk with weak security settings.
Case in point: Back in 2016, there was the attack of “zombie baby monitors”. Hackers exploited hordes of IoT devices like baby monitors and webcams. The devices — all set with default usernames and passwords — were infected with malware and attacked popular websites with garbage traffic.
The lesson here? Ensure IoT assets aren’t using default security settings so they can’t be easily compromised.
Identifying when IoT devices will fail
The life span of IoT assets is short. Sometimes internet-connected devices last a year. In other cases, a device lives for only a week.
Having parameters and metrics in place when an IoT device is about to stop working is critical.
What the future holds for IoT asset management
With the ever-increasing rates of IoT adoption, everything about the computing environment is changing. Where data and storage live will be different, along with how security controls are implemented in the future.
Whenever an IoT device deviates from policy, there needs to be a plan in place to automate response actions. And knowing which tools should protect which IoT assets is foundational to ensure these devices are secured.
Take a deeper dive into the state of IoT devices and download “Back to the Cyber Future”.
