HOW CAN
ORGANISATIONS
BALANCE THE
BENEFITS OF IOT
WITH THE POTENTIAL
CYBERSECURITY
RISKS IT BRINGS?
I
nfoblox, the
network control
company
that provides
actionable
network
intelligence, has
announced new research that exposes
the significant threat posed by shadow
devices on enterprise networks.
The report titled What’s lurking on your
network: Exposing the threat of shadow
devices found that enterprise networks
across the US, UK and Germany have
thousands of shadow personal devices
such as laptops, kindles and mobile
phones and Internet of Things (IoT)
devices such as digital assistants and
smart kitchen appliances connecting to
their network. Over a third of companies
in the US, UK and Germany (35%)
reported more than 5,000 personal
devices connecting to the network
each day. Employees in the US and UK
admitted to connecting to the enterprise
network for a number of reasons,
including to access social media (39%),
as well as to download apps, games and
films (24%, 13% and 7% respectively).
These practices open organisations up
to social engineering hacks, phishing
and malware injection. Conversely, just
16% of IT directors in the UAE reported
having more than 500 personal devices
connecting to their networks.
www.intelligentciso.com
|
Issue 03
network on a typical day, with 12% of
UK organisations reporting having more
than 10,000. The most common devices
found on enterprise networks included:
• Fitness trackers, such as FitBit or
Gear Fit (49%)
• Digital assistants, such as Amazon
Alexa and Google Home (47%)
• Smart TVs (46%)
• Smart kitchen devices, such
as connected kettles or
microwaves (33%)
• Games consoles, such as Xbox or
PlayStation (30%)
Ashraf Sheet, Regional Director Middle
East and Africa at Infoblox, said: “It is
clear that organisations cannot rely
upon employees to follow their security
policy for connected devices. Network
and security professionals must actively
manage the threat introduced by shadow
devices by restricting access to certain
sites, adopting a solution that provides
full visibility of all devices and securing
the enterprise DNS infrastructure.”
A third of companies in the US, UK
and Germany have more than 1,000
shadow IoT devices connected to their
Such devices are easily discoverable
by cybercriminals online via search
engines for Internet-connected devices,
like Shodan, which provides even lower
level criminals with an easy means of
identifying a vast number of devices on
enterprise networks that can then be
targeted for vulnerabilities. For example,
in March 2018:
• There were 5,966 identifiable
cameras deployed in the UK
• There were 2,346 identifiable Smart
TVs deployed in Germany
• There were 1,571 identifiable Google
Home deployed in the US
27