There is an explosion of new devices in the enterprise. 8 billion devices in 2017, growing to 20 billion by 2020, according to Gartner. Some of these devices are brought in by employees. Some by the organization itself. Some by contractors or 3rd parties (think of the package tracking device that a delivery person carries). Most of these devices are invisible to businesses and their current security tools.
YOU CAN’T PROTECT WHAT YOU CAN’T SEE
Based on the IoT Security Assessments we have conducted with customers, businesses cannot see 40% of all the devices in their environment. They can manage even less. And this makes sense given traditional security solutions require an agent on the device. Or worse, they can’t manage the device because it is not even connected to the corporate network, it is connected to a rogue or shadow network. In either case, IT is blind to the device and what it could be doing to threaten the environment.
A WORLD OF CONNECTED DEVICES
There are so many of these new types of devices. Each with the ability to not simply connect wirelessly to networks, but even create their own networks or hotspots. Some of the types we have encountered are:
- Smart TV – Connected wired and wirelessly, can connect with the network and the devices around it
- Tablets – These are used as point of sale solutions, mobile worker application devices (retail, manufacturing and energy), reception and scheduling tools, and more.
- Amazon Echo and Google Home – Designed to listen, gather information, and transmit. These are showing up more and more in business environments.
- Wireless Keyboard or Mouse – Often connected via Bluetooth, these devices connect to authenticated, privileged corporate devices. Hackers will use these new protocols as new gateways to the enterprise.
- VOIP Phones – A standard in the enterprise, but when improperly secured, these can connect to the wrong network, expose passwords and credentials, They even allow spoofing of corporate numbers.
- Smart HVAC or Lighting Systems – Bringing new efficiencies and savings, these typically cannot have an agent on them, so businesses cannot to track their behavior, connections, and communications.
- Hotspots – With mobile devices able to set up their own networks, there is no real edge to the network. And then there is the pineapple, a rogue device that actually sets up its own network; a honeypot that tricks users into connecting. A device costing less than $100 can cost an organization millions if it successfully gains access to devices, systems, and data.
AGENTLESS IOT CONTROL
Using an agentless technology, Armis lets you see and control every device (managed or unmanaged) in your environment. It also sees the connections those devices make. From traditional laptop to smart phone, Smart TV, or Amazon Echo, you can see the device, its connections and profile, to determine its connections and profile, and determine if it is behaving in accordance with policies. If not, you can automatically disconnect the device until you are sure it is safe.