How To Manage And Harden Your IoT Environment In The New Normal
November 10, 2020 / Unisys Corporation
The term “remote worker” typically brings to mind individuals who are building products, collaborating on business and marketing strategies and selling solutions. But as a CIO, CISO, CTO or manufacturing vice president, you know that once products and strategies are created, purchased and installed, someone needs to secure them and keep them up and running.
In the past, when IT and other connected equipment or IoT devices malfunctioned or an outage or security incident occurred, tech experts traveled to the impacted site to assess and address the situation. But in the new normal in which organizations often want employees to work from home to safeguard their health and prevent the spread of Covid-19, employees or field support people cannot always visit a site in person to identify, manage and fix such problems.
Even if support personnel can travel to a site, it’s often difficult for people to understand and act on problems at the speed and scale required in our complex and fast-moving world. After all, there are many IoT devices out there, and the importance of quick action to ensure business continuity and provide customers with the kind of experiences they expect is paramount.
That’s why organizations should manage and harden their IoT environments and why they should do so in a way that accommodates the world in which people and IoT coexist today. Having an accurate and complete inventory of connected devices, along with a catalog of software versions running on them, will streamline efforts to keep the environment up to date with the latest hardware and software.
Take Inventory Of What You Have And What You Need
To create a plan to make your IoT environment more secure and resilient, take an inventory of the devices you have and identify the solutions that you need.
Look at the IoT devices within your connected landscape. Are they running on older operating systems? If so, they may be vulnerable to compromise, and you should examine them more closely.
You can replace these IoT devices with newer, more secure models. However, if these devices are working well, you may want to simply protect them with an edge network virtual gateway. (Full disclosure: my company offers virtual gateways, micro-segmentation and cloaking solutions and managed security operations.)
Get To The Root Of The Problem
Managing and hardening your landscape of connected devices requires a secure communication path to your IoT devices and the ability to get to the root of IoT problems.
Let’s say a capacitor issue has resulted in a faulty process controller. You should focus on the capacitor rather than on determining if any data was corrupted by that process controller.
Once you establish a secure tunnel to the information, it’s easier to see the cause and limit the impact of the issue. You can then address the security problem instead of getting lost in the surrounding noise.
Control And Contain The IoT Environment
To make sure your overall infrastructure is not getting hacked, ensure that your communication paths to your IoT devices use secure tunnels. Tunneling is valuable because the data is encrypted such that potential hackers are prevented from stealing or spoofing your data.
Cybersecurity efforts aren’t foolproof, of course. There are situations in which bad actors will hack into your IoT devices. When that happens, your existing systems may flag that unauthorized access. While that’s important, it doesn’t do anything to limit the damage.
With micro-segmentation and cloaking, you can contain the threat almost instantly via automated response. The IoT device that is exhibiting anomalous behavior will then be unable to propagate the problem.
Apply EDR And Vulnerability Assessment Tools
You may also want to consider extending endpoint detection and response (EDR) technology and vulnerability assessment tools to safeguard and strengthen your IoT environment.
Consider an IoT device that has been breached but does not have a clear identifier tag. You may have few methods to reach the IoT device remotely. One possible approach is to extend your EDR solution beyond traditional IT environments to your less-commonly monitored IoT environment and to leverage a secure virtual gateway (SVG) to establish a connection with the IoT device.
In addition, your vulnerability assessment tool can help you get ahead of potential problems by letting you know if your IoT environment is vulnerable in certain areas. You can then fill those gaps.
Leverage Managed SOC For Incident Response
Recent research from Emsi (via Security Magazine) shows that cybersecurity talent is in short supply. So, if you need some help with incident response, you may want to call on a managed security operations center (SOC) to provide assistance.
A managed SOC can investigate incidents to see if they need attention or are simply false alarms. It can provide you with the skills and technology for prevention and mitigation.
For example, as my colleague recently explained, advanced field services organizations are responding to the new normal by employing augmented reality. This could allow experts to assist customers and field technicians who are wearing devices like Google Glass to locate and fix problems.
Reduce Risk, Increase Uptime And Move Forward With Confidence
The time is right for the next generation of automation in the IoT arena, but your IoT environment can also benefit from security and hardening best practices from the IT world.
To select the best solutions in these categories for your organization, ensure you have coverage for the right prevention, detection and response as well as any other critical security frameworks that you have adopted. Seek solutions that offer ease of interoperability. Consider whether you need open standards, API libraries, opportunities for data sharing, orchestration workflow integration or professional services and support. Find a solution that provides meaningful analytics regarding actions to take and the right security and compliance investments to make.
When you apply the best of both worlds to your IoT environment, you can reduce risk for your associates — who won’t have to be as hands-on in handling security and maintenance issues — and for your business, which will be able to prevent problems and move quickly to limit damage when incidents do occur. You can avoid downtime and become more agile and resilient.