EXPERT OPINION
Protecting the IoT-driven network – a multi-stage approach
Simon Wilson, CTO HPE Aruba UK and Ireland, gives us invaluable advice on deploying a multi-stage strategy to ensure the protection of vulnerable IoT-driven networks.
The Internet of Things (IoT) is more than just the next stage in technical development. For many businesses it represents a valuable source of data which can be used to gain new insight into processes, operations and customer activity.
Offering the potential to spot and fix inefficiencies, identify new revenue streams and much more, it has real economic potential for those who are able to correctly develop, network and generate an investment return.
However, crucial to the realisation of this potential is security. As the breadth and complexity of devices on the network continues to grow at a staggering rate, many organisations are struggling to secure this rapidly expanding attack surface. If they are unable to get a handle on the situation, then it will prove difficult to tap into the efficiencies and outcomes which make any IoT investment worthwhile.
www.intelligentciso.com | Issue 22
Of course, this isn’t the first time IT teams have faced a device-based security challenge – the rise of BYOD and remote working both introduced an influx of mobile devices into the business environment for IT to deal with. And the way we got through it then is the same as we will now – by taking three simple steps to ensure a secured network.
Step one: Start with visibility
Put simply, you can’t secure what you can’t see. Before you can take any other steps, it’s crucial that you are able to accurately map what devices are connected to your network, who is operating them, and how and why they’re connecting to your network. As well as getting a handle on your own ‘official’ devices, shadow IoT – whereby staff connect devices to the network without informing IT teams or taking necessary precautions – is also something you have to consider.
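
As an added illustration of the visibility step (not code from the article or from HPE Aruba), the sketch below reconciles devices seen on the network against an asset register to surface shadow IoT, registered devices on the wrong segment, and registered devices that never appeared. The export format, register fields and all addresses are constructed assumptions.

```python
import re

# Constructed asset register: MAC -> who operates the device and why it connects.
INVENTORY = {
    "00:1a:2b:00:00:01": {"owner": "facilities", "purpose": "HVAC sensor", "vlan": 30},
    "00:1a:2b:00:00:02": {"owner": "security", "purpose": "door controller", "vlan": 30},
    "00:1a:2b:00:00:03": {"owner": "it", "purpose": "printer", "vlan": 20},
}

# Constructed sightings in a hypothetical "mac ip vlan hostname" export format.
SIGHTINGS = """\
00-1A-2B-00-00-01 10.0.30.11 30 hvac-01
001a.2b00.0003 10.0.10.52 10 printer-3f
3c:5a:b4:12:34:56 10.0.10.77 10 smart-tv
da:a1:19:00:00:9c 10.0.10.80 10 -
"""

def norm_mac(raw):
    """Normalise dash, dot and colon MAC notations to lower-case colon form."""
    digits = re.sub(r"[^0-9a-fA-F]", "", raw).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def locally_administered(mac):
    """True when the locally-administered bit is set (typical of randomised MACs)."""
    return bool(int(mac[:2], 16) & 0x02)

def reconcile(sightings, inventory):
    """Split sightings into known, misplaced (wrong VLAN) and shadow devices,
    and list registered devices that were not seen at all."""
    report = {"known": [], "misplaced": [], "shadow": [], "unseen": []}
    seen = set()
    for line in sightings.splitlines():
        if not line.strip():
            continue
        raw_mac, ip, vlan, host = line.split()
        mac = norm_mac(raw_mac)
        seen.add(mac)
        entry = inventory.get(mac)
        if entry is None:  # not in the register: candidate shadow IoT
            report["shadow"].append(
                {"mac": mac, "ip": ip, "host": host, "random_mac": locally_administered(mac)})
        elif int(vlan) != entry["vlan"]:  # registered, but on an unexpected segment
            report["misplaced"].append({"mac": mac, "ip": ip, "owner": entry["owner"]})
        else:
            report["known"].append({"mac": mac, "ip": ip, "owner": entry["owner"]})
    report["unseen"] = sorted(set(inventory) - seen)
    return report
```

Calling `reconcile(SIGHTINGS, INVENTORY)` returns the four buckets; shadow entries flagged `random_mac` cannot be tied to a vendor by MAC prefix and need another identifier.
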
Traditionally, identification has been fairly straightforward – IT teams worked against a narrow set of devices using well-practised techniques and then employed profiling to say what each person or device should or shouldn’t be allowed to do on the network. But with many of today’s devices built with generic hardware and software, or coming from emerging vendors who don’t follow standards, discovery, profiling and identification is proving