Scalable Security for IoT Deployments: Privileged and Permissioned

11 JANUARY 2022

By: Mohie Ahmed

IoT and Industrial IoT present the greatest network, data and application security challenges in recent history.

In fact, some experts believe that the business potential for the connected world is being held back due to security concerns, and rightfully so.

What’s holding IT, OT and network operations teams back from large implementations, whether smart buildings or smart factories, smart campuses or smart cities, is fear of attacks and security breaches.

In a recent survey about IoT security, researchers found that 97 percent of respondents believe unsecured IoT devices could be catastrophic for their organization.

For those who had implemented IoT technologies, only 29 percent reported actively monitoring connected endpoints and systems for related third-party risks.

The Ponemon Institute, an independent research firm focused on privacy, data protection, and information security policy, and the Shared Assessments Program, the industry-standard body on third-party risk assurance, published The Internet of Things (IoT): A New Era of Third-Party Risk, confirming what many CIOs already believe: that we’re still early and that there are clear and present dangers when security is not implemented properly.

Real-world cyber-attacks against the IoT have heightened awareness over the last few years. Here are a few examples of the most well-known attacks:

  • In the US, IoT devices were turned into bots, and then controlled and used to participate in a DDoS (Distributed Denial of Service) attack like the one that targeted Dyn, bringing down Netflix, Twitter, Amazon, Airbnb, CNN and the New York Times.
  • In Germany, a steel mill was the target of a cyberattack, when hackers successfully took control of the production software and caused significant material damage to the site.
  • In Ukraine, an entire power grid was taken offline, impacting 86,000 homes.
  • In Dallas, Texas, 156 tornado alarms were hacked and continued to go off in repeating 90-second cycles, causing panic and fear of WWIII.
  • In the UK and elsewhere, hospital devices were hit with ransomware, causing a state of emergency to be declared, because the hospitals were unable to continue critical services.

It’s no wonder those responsible for enterprise networks, applications, and sensitive data are slow to roll with large IoT deployments, despite their business logic including cost savings, more competitive offerings, more efficient supply chains, and stronger bottom lines.

They’ve spent the last few decades trying to keep up with threats to their basic infrastructure (servers, networks, phone systems, and clouds), putting in place Identity Access Management and Privileged Access Management systems to control who has access, or the ability to access, the infrastructure, from what devices, and what level of access they have.

To secure these and more modern devices, privileged access management (PAM) is essential for ensuring IoT networks cannot be hacked, but with the increased number of endpoint devices due to IoT, the demands on PAM are becoming much more distributed, complicated and expensive.

PAM helps to manage the people and the hundreds of thousands of “things” that are connected to a network, and is already in place in most large enterprises today.

However, PAM for IoT is substantially different from traditional PAM. Security specialists must treat PAM for IoT as a specialized domain and not simply as an extension of traditional PAM, because there are huge differences when it comes to securing a variety of IoT devices, supported on over nearly 500 different IoT platforms.

There is no one single security tool/solution for IoT, as is the case with traditional IT and OT.

Traditional security solution approaches are not the only option.

There are and will be privileged accounts for IoT end devices, gateways, and servers that are used by humans and applications.

When considering PAM for IoT and not just core IT infrastructure and networking, scalability is a major concern, which is why Ironsphere knows our carrier-grade solution is much more scalable, compared to more traditional PAM providers.

To learn more about how Ironsphere’s PAM solutions can secure IoT and IIoT deployments, contact us.
