<img height="1" width="1" src="https://www.facebook.com/tr?id=1046809342117480&amp;ev=PageView &amp;noscript=1">

VSEC Blog: IT Security Channel News brought to you by Infinigate UK

Share the Infinigate UK Blog on LinkedIn Share the Infinigate UK Blog on Twitter Share the Infinigate UK Blog on Facebook Share the Infinigate UK Blog on Google+ Share the Infinigate UK Blog via Email

How to Mitigate IoT Security Risks with Aerohive - VSEC CyberTalks

Topics: IT Security, Data Security, SECaaS

Posted: 16 September 2019

IoT Risks

We have all heard of hacked baby monitors, transport ticket machines infected with ransomware and internet connected vehicles being hacked. But, what does this have to do with enterprise networks?

With the McKinsey Global Institute estimating that 127 new IoT devices are added to the internet every second; and Gemalto reporting that only 33% of IT teams believing they have control over IoT devices on their networks, it feels as though a storm is brewing.



Consumer IoT Devices Always End Up on Enterprise Networks

In this episode of VSEC CyberTalks, we hear from Marko Tisler – Director of Product Marketing and Solutions, about how IoT is being used in the workplace, what threats it poses and how Aerohive  have been helping their customers.

When asked why IT leaders should even be thinking about IoT devices and their lack of security, considering they are consumer level devices, Marko eloquently described a scenario which we are most likely all familiar with.

Devices which are sold on the consumer market almost always end up in the enterprise space, whether we want them to or not. Be it simply a desire to connect to a WiFi network, or a senior member of staff wanting to use their latest gadget – many an IT team have found themselves forced to onboard IoT devices – even when the software or hardware doesn't contain sufficient security for the enterprise space.


An Estimated 1bn IoT Devices on Enterprise Networks

When asked how prevalent IoT devices are in enterprise networks today, he was careful to warn that it is very difficult to estimate such numbers because of a lack of visibility. However, there are 5-6 billion IoT devices connected to the internet (and rising) based on market estimates. Even if 30% of those were to be present on enterprise networks, it would reach a number of 1 billion devices.

Marko went onto say that in his experience, the most shocking case of IoT device risk being exploited was the Dyn DNS attack in the US, in late 2016, which brought down major businesses such as Amazon and Twitter for an entire day.

The scale of this attack was unprecedented with an estimated 100,000 IoT devices taking part simultaneously.

In response to the lack of security exhibited by IoT devices entering enterprise networks, Marko was able to offer some recommendations to IT teams. Firstly, increase visibility and understand what is connected to your network, who owns it and what access is authorised. Then establish a good state or a baseline in order to detect anomalies and take action later.


How Aerohive Protects Against IoT Threats

Aerohive have a strong history of working with customers who have IoT security concerns. Marko was able to provide three key features of Aerohive solutions for this purpose.

  1. Use of their cloud-managed wireless LAN controller which can process and understand devices at a higher velocity than an on-premise equivalent.
  2. All Aerohive access points have a built-in firewall which means networks are segmented to provide protected before devices are connected.
  3. Aerohive uses one most comprehensive device databases in the world, which means devices can be identified at connection and have an access policy applied to their communications which are appropriate to that device type.

For value-added resellers and the alike, Marko was keen to explain what assistance Aerohive can provide to the channel. Channel partners benefit from training and enablement programmes; save time with simplified licensing schemes; easy to deploy solutions which are highly scalable, particularly in the case of the cloud; and the chance to work with a dynamic and constantly evolving vendor.


New call-to-action

Infinigate UK
Posted by: Infinigate UK
Share via:

Subscribe to VSEC Blog Updates

Terms and Conditions:
  • When completing this form, you are indicating your consent for this processing activity. By doing this you are providing Infinigate UK with lawful consent to process your submitted personal data for one or both of the marketing purposes below:
    • We will use your details to send you blog updates.
    • We will match your answers to areas of interest which believe you have and may send you additional marketing materials related to those areas.
  • We will keep your personal data for nine months, upon which we will delete your personal data unless you have consented to further processing or we have legitimate interests to retain it. You are free to withdraw your consent at any time by contacting our marketing department or using one of our unsubscribe links in our communications.
  • In some cases where you indicate consent for supplying you with additional promotional marketing material, we will share your personal data with one of our reseller partners, should your areas of interest match a solution or service they provide. We instruct all our reseller partners to communicate this data transfer with data subject affected.
  • Your personal data is stored in a marketing automation solution database, access to this is limited to authorised users and all necessary steps to ensure data security is maintained.

For further information about this form, your rights under the General Data Protection Regulation or how to exercise them, please contact Infinigate's marketing department here.

Popular Posts