The truths and lies of IoT security: monitoring connected devices
The world of managed security services is changing rapidly, expanding with Managed Detection and Response (MDR) services. According to Gartner’s 2018 Market Guide for Managed Detection and Response Services, 15 percent of organizations will be using MDR services by 2020, up from less than 5 percent today. This new turnkey approach is designed to accelerate threat discovery and response time, but what is MDR? How is it different from traditional services provided by managed security service providers (MSSPs), and how do you know if you need it?
What you’ll learn
- How to monitor endpoints vs. “things”
- Key security considerations for IoT
- How network segmentation applies
The difference between MDR and traditional security services
Many assume that end-point detection tools can be applied to connected IoT devices, making it easy to monitor hundreds or even thousands of connected things. But that’s a fallacy.
These models cannot be practically applied to IoT. Why? Because of the lack of standardization. Not every connected device is running on the same operating system, which causes logistical and scalability challenges. The end-point detection and response tools we have today aren’t fit for IoT because:
- Devices use a variety of communication protocols,
- Potential vulnerabilities come from disparate proprietary systems, and
- Security patches are not easily available or deployable (much less available for testing and quality assurance)
Therefore, we can’t apply monitoring standards across all devices and manage that complex operation from a central system. Our technology simply isn’t there yet.
Yes, enterprises should isolate IoT devices on their own network, separating device traffic from other critical network infrastructure. But it’s important to note that segmentation is just one of many security strategies that should be deployed with IoT.
Network segmentation is highly effective for IoT because it is a primary approach for securing the network and isolating threats from within. As one of the strongest security techniques, it improves access control, monitoring, incident response, and containment. Creating isolation zones (discrete virtual networks and Layer 3 VPNs) puts layers of protection in place, with incremental gates that help limit the attack surface if a connected device is compromised. Isolated zones are helpful because IT teams can write security policies and rules for each one, depending on the type of traffic originating from it. This creates granular controls that apply only to those connected devices.
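One way to express per-zone rules and check traffic against them, as an added example that is not from the original article. The zone names, subnets, allowed services and flow records are all constructed assumptions.

```python
import ipaddress

# Constructed isolation zones: one subnet per zone (addresses are assumptions).
ZONES = {
    "iot-cameras":  ipaddress.ip_network("10.50.1.0/24"),
    "iot-hvac":     ipaddress.ip_network("10.50.2.0/24"),
    "iot-services": ipaddress.ip_network("10.60.0.0/24"),
    "corporate":    ipaddress.ip_network("10.10.0.0/16"),
}

# Per-zone rules: (source zone, destination zone, protocol, destination port).
# Cross-zone traffic not listed here is denied by default.
POLICY = {
    ("iot-cameras", "iot-services", "tcp", 554),   # video stream to recorder
    ("iot-cameras", "iot-services", "udp", 123),   # time sync
    ("iot-hvac",    "iot-services", "tcp", 8883),  # MQTT over TLS to broker
}

def zone_of(addr):
    """Map an IP address to its zone; unknown addresses are 'external'."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

def evaluate(flow):
    """Return (verdict, src_zone, dst_zone) for one (src, dst, proto, port) flow."""
    src, dst, proto, port = flow
    sz, dz = zone_of(src), zone_of(dst)
    if sz == dz and sz != "external":
        return ("intra-zone", sz, dz)  # never crosses a zone gate
    verdict = "allow" if (sz, dz, proto, port) in POLICY else "deny"
    return (verdict, sz, dz)

def violations(flows):
    """Flows a zone gate should block and the monitoring team should review."""
    return [(f, *evaluate(f)[1:]) for f in flows if evaluate(f)[0] == "deny"]

# Constructed flow records for illustration.
SAMPLE_FLOWS = [
    ("10.50.1.20", "10.60.0.5", "tcp", 554),
    ("10.50.1.20", "10.10.4.7", "tcp", 445),
    ("10.50.2.9", "10.60.0.8", "tcp", 8883),
    ("10.50.2.9", "10.50.1.20", "tcp", 23),
    ("10.50.1.33", "203.0.113.9", "tcp", 23),
]

if __name__ == "__main__":
    for flow, sz, dz in violations(SAMPLE_FLOWS):
        print(f"DENY {sz} -> {dz}: {flow}")
```

Because the default is deny, a compromised camera reaching toward the corporate zone or another IoT zone shows up as a violation without anyone having to write a rule for that specific case.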
Key security considerations for IoT:
- Corporate security policies for connected devices
- Network design flexibility and separate network instances to support IoT infrastructures
- Deep network visibility to efficiently investigate suspicious behavior
- Monitoring backed by machine learning and behavioral analytics
- Risk from vulnerability exposure to help protect against botnets searching for target IoT devices
- Patches and updates for all the connected devices