The recent Internet of Things-based DDoS attack on Dyn heralded the beginning of a new era for businesses. For better or for worse, industry experts’ warnings about the need to consider all “endpoints” rather than limiting security efforts to workstations and servers were vindicated.
The event should be a wake-up call. Already six in 10 organizations report having some form of Internet of Things (IoT) initiative underway, and only 15 percent of businesses have no plan to adopt IoT devices, according to a recent report by my organization, CompTIA. By 2020, the number of connected devices is expected to reach 50 billion, a new, massive and complex expansion of the security landscape.
IoT networking norms are still a work in progress, complicated by competing standardization efforts. Without a unified set of behavioral expectations, business leaders must confront a “Wild West” of connected devices. This places an emphasis on defending their organizations through proactive security focused around monitoring, threat isolation and operational contingency.
Security monitoring and planning
Now more than ever, organizations are dependent on their service providers. From DNS and web hosting to public cloud platforms, a rogue army of connected devices can do immense damage without ever penetrating your organization’s defenses. In the past, only the largest and most sophisticated actors could hope to disrupt the services of major vendors, but billions of unsecured IoT devices place everyone at risk.
While there are some steps organizations can take to protect their own publicly-facing assets, like DDoS protection services on high-traffic websites, many areas are out of their direct control. As a result, relying on a single vendor for a critical service exposes organizations to immense risk. Where possible, businesses should diversify their vendor relationships to ensure operational continuity even when one experiences a service disruption.
Multi-cloud solutions will also play an important role in ensuring operational integrity. Mission-critical functions in the cloud should not be dependent on any single provider, or your business operations can become extremely fragile. An outage at one of your vendor’s own partners — a firm you’ve potentially never contracted with or even heard of — can interrupt your own operations. Many cloud platforms offer multi-cloud support for precisely these situations, mitigating the liability of using just one vendor.
Being a good digital citizen
Business leaders also need to keep a close eye on their own networks, especially with regard to IoT devices. While this doesn’t directly affect your own firm’s security, organizations that negligently allow connected devices — like beacons or machine asset control devices — to become compromised and join in an attack are unlikely to inspire trust in their customers or the media.
Many connected devices lack the security capabilities common to servers and workstations, forcing security professionals to concentrate their efforts at the network level. Businesses have long made use of traffic monitoring and shaping tools to improve network reliability and efficiency, but these will become essential to ensuring your firm is not an unwilling participant in the next major DDoS attack.
Thankfully, many businesses have already invested in some technology that will prove vital to long-term security as connected devices grow and diversify. In particular, network intrusion detection and prevention systems provide the oversight necessary to protect your firm’s connected devices from becoming part of a malicious botnet.
If they have not already, now is the time to invest in network traffic monitoring tools, paying special attention to where IoT devices are connecting and how much traffic they generate. With only a minimal level of effort, organizations can use their existing firewall to monitor and control the flow of traffic from connected devices.
Preparing for a more connected future
There are already nearly 23 billion IoT devices connected to the internet, a number that will more than double within four years. Organizations need to invest time and resources in defending their own connected devices from infection through enhanced network security, while reducing susceptibility to service interruptions caused by IoT DDoS attacks.
By focusing on both traditional security measures like intrusion detection and newer strategies like multi-cloud infrastructure, businesses can prepare to face the challenges and opportunities in connected devices without fear.