Keeping IoT Devices Secure

Manufacturers are incorporating IoT devices and sensors to capture data and communicate with devices that reduce unplanned interruptions, improve quality, and transform the supply chain. They can use IoT devices to track energy consumption, heat levels, goods in transit and much more.


The Challenge of IoT Devices 
While IoT devices can drive numerous positive changes in the manufacturing industry, one of the biggest challenges is cybersecurity.

Built for autonomous machine-to-machine connection, IoT devices change how organizations collect data, automate services and structure interdependent systems.

Since most IoT devices have little or no inherent security, they present an easy target for cyber attackers. Hackers can quickly scan a network, identify these weak spots, and then use the IoT devices to access and move throughout a network.

Lax IoT device security is a known network weakness and a security gap that is particularly concerning for critical infrastructure organizations and the U.S. government.

“The growing dependency on network-connected technologies is outpacing the means to secure them,” Jeh Johnson, secretary of Homeland Security, said.

The number of unsecured IoT devices connected to networks is exploding, and as a result the attack surface is growing exponentially. In today’s global environment, most networks are accessed by a vast array of endpoints in varying locations. It is critical to ensure IoT and other endpoint devices do not compromise network security.

Securing IoT Devices 

One of the easiest and most effective ways for critical infrastructure manufacturing organizations to secure IoT devices is to use an advanced Network Access Control (NAC) solution as a compensating control.

Comprehensive NAC security should provide complete visibility, control and automated threat response. Advanced NAC security can secure not only IoT devices but also programmable logic controllers (PLCs), BYOD devices and other endpoints common to manufacturing organizations.

There are three critical components of NAC security:

Visibility: Since it is impossible to protect the network from a threat you cannot see, visibility is a crucial first step in securing IoT and other endpoint devices.

Visibility simplifies centralized management and ensures that if a device is compromised, it can be located quickly, even if the device is in a remote location. The NAC solution should also be able to identify a new headless device and notify the device sponsor to authorize the device onto the network.

A good NAC security solution should see and verify headless devices every time a device connects or re-connects to the network. In addition, a complete visibility solution records every action taken by every device and provides contextual information that speeds time to remediation.

Right now, many organizations receive alerts of suspicious activities for a specific IP address, then spend hours trying to manually track down the suspect device.

Critical infrastructure organizations cannot risk this dwell time – it is crucial to deploy a solution that provides the requisite visibility to immediately pinpoint a suspect device. A good NAC security solution solves this challenge in seconds, and also satisfies several National Institute of Standards and Technology (NIST) requirements.

Control: Critical infrastructure organizations require advanced NAC security for granular control of endpoint access policies and permissions. The ability to customize individual levels of access is crucial for many regulatory requirements, as well as a safety precaution that can limit access to an organization’s most sensitive data and devices.

In addition, a good NAC security solution simplifies and supports network segmentation right to the network edge, creating numerous VLANs that limit cross-talk and secure the network from the spread of lateral or east/west virus attacks.

If critical infrastructure organizations segment IoT devices on separate VLANs from other data and critical systems, this further secures the wider network and critical data in case of a breach.

Automated response: Reducing dwell time can reduce the impact of most threats. By implementing NAC security with real-time automated threat response, organizations can reduce dwell time from months to seconds.

For example, if an IoT device starts pinging your DNS server, it can be tracked, an alert can be generated, and the port can be immediately locked down, while the situation waits for analyst review.

Advanced NAC security solutions can also scan BYOD, guest and contractor devices on a pre-connect basis to ensure they comply with minimum network security standards.

In addition, these solutions can continuously monitor the devices while connected, and automatically isolate a device if it falls out of compliance or begins to behave in a suspicious way.

Once a device is isolated, the best solutions can triage and deliver the alert, along with all the contextual information, to an analyst. This speeds time-to-resolution and reduces the burden on strained IT resources.
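
The visibility and automated-response steps described above can be sketched in a few lines. This is an added example, not code from the original article or from any NAC product: it reads "pinging your DNS server" as an unusual DNS query rate, and the log format, inventory fields, 60-second window and 5-query threshold are all assumptions. It resolves an alerting IP to its switch port from an inventory and emits an action record with context for analyst review.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed inventory, standing in for what a NAC visibility layer records.
INVENTORY = {
    "10.20.30.41": {"mac": "00:00:5e:00:53:41", "type": "iot-sensor",
                    "switch": "sw-plant-2", "port": "Gi1/0/14", "vlan": 130},
    "10.20.10.7": {"mac": "00:00:5e:00:53:07", "type": "workstation",
                   "switch": "sw-office-1", "port": "Gi1/0/3", "vlan": 10},
}
# Constructed DNS query log, one "<timestamp> <client-ip> <qname>" per line.
SAMPLE_LOG = """\
2024-01-01T08:00:00 10.20.30.41 telemetry.example.com
2024-01-01T08:00:05 10.20.10.7 intranet.example.com
2024-01-01T08:00:10 10.20.30.41 a1.example.net
2024-01-01T08:00:20 10.20.30.41 a2.example.net
2024-01-01T08:00:25 10.20.30.99 time.example.org
2024-01-01T08:00:30 10.20.30.41 a3.example.net
2024-01-01T08:00:40 10.20.30.41 a4.example.net
2024-01-01T08:00:50 10.20.30.41 a5.example.net
2024-01-01T08:01:00 10.20.30.41 a6.example.net
"""

def detect(log_text, inventory, window=timedelta(seconds=60), threshold=5):
    """Return one pending action per offending IP, with analyst context."""
    recent = defaultdict(list)   # ip -> [(timestamp, qname)] inside the window
    actions = {}                 # ip -> action record (first trigger wins)
    for line in log_text.strip().splitlines():
        stamp, ip, qname = line.split()
        ts = datetime.fromisoformat(stamp)
        if ip in actions:
            continue
        dev = inventory.get(ip)
        if dev is None:          # unseen device: ask its sponsor to authorize it
            actions[ip] = {"action": "notify-sponsor", "ip": ip, "first_seen": stamp}
            continue
        if dev["type"] != "iot-sensor":
            continue
        # Slide the window forward, then count this query.
        recent[ip] = [(t, q) for t, q in recent[ip] if ts - t <= window]
        recent[ip].append((ts, qname))
        if len(recent[ip]) > threshold:
            actions[ip] = {"action": "quarantine-port", "ip": ip, **dev,
                           "evidence": [q for _, q in recent[ip]],
                           "status": "pending-analyst-review", "triggered": stamp}
    return list(actions.values())

if __name__ == "__main__":
    for record in detect(SAMPLE_LOG, INVENTORY):
        print(record)
```
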

intlx Solutions is a Fortinet partner.