Network Segmentation: A Key Measure for IoT Security

Share :

Not long ago, the number of connected devices within the Internet of Things (IoT) was a mere fraction of  installed base of PCs and smartphones. Times have changed.

In 2018, there were 7 billion IoT devices. By 2025? That number is expected to grow to a staggering 75 billion devices

There are several reasons why IoT is expanding so rapidly. At its core, it offers virtually endless options for extending IP network connectivity to domains that have traditionally lacked it. Every sector from health care to manufacturing will be able to leverage IoT to connect disparate systems and achieve new operational efficiencies.

For example, hospitals could use noninvasive IoT sensors to monitor patients and send key information to the cloud for delivery to other systems.

However, the IoT also creates many new security-related complications. IT administrators must now manage an increasing variety of IoT devices—some without traditional interfaces for receiving patches. Small and medium enterprises (SMEs), in particular, face challenges in ensuring their IoT initiatives are safe enough to use. What are their options?

A Smart IoT Security Practice for SMEs

We dove further into a number of these challenges in a  virtual conference hosted by SC media, which was focused on endpoint protection through controlled access and privileges. In addition to that event, let’s examine one of the most effective countermeasures to the vast spectrum of IoT threats: network segmentation.

The Basics of Network Segmentation

Network segmentation refers to the division of a network into subnets, typically for purposes of improved performance and enhanced security. With a segmented network, you can separate the traffic of internal users from that of guests and external contacts. Moreover, you can further fine-tune the segmentation so there are individual segments for your web servers and databases, as well as employee devices.

Physical segmentation is even mandated under specific regulations such as PCI DSS. In addition to standardized compliance, segmentation also makes it more difficult for outsiders to penetrate your network via an unsecured IoT device, while shielding sensitive data from overly curious insiders.

How Does Network Segmentation Work? 

Consider a guest Wi-Fi network, which is the IT equivalent of a visitors’ parking lot. It has a limited, self-contained scope, as well as key restrictions on its use.

Visitors log on to this guest Wi-Fi, while employees use a restricted access network. The separation is critical, since outsiders inevitably use unmanaged hosts and endpoints not provisioned by IT. This issue will only become more pronounced as IoT expands the overall number and variety of possible devices.

IOT graph with connection to icons of phones, laptops, buildings, WiFi, and more

How to Keep Untrusted Devices in the Guest Network:

  • Create a unique SSID for the network, leading to an isolated VLAN that connects to the internet separately from the internal network. A dedicated circuit for the guest network may also be installed.
  • Require passwords be entered through a captive portal. This not only prevents network overuse, but also enables logging of every visitor and the enhanced access controls – including session termination – that comes with it.
  • Monitor all traffic on the guest network. It may be segmented and have its own circuit, but you don’t want it to become a blind spot in your IoT defenses. Managed detection and response (MDR) via a security information and event monitoring (SIEM) solution can ensure you keep tabs on network activity and spot anomalies quickly.

These measures and others help reduce the total attack surface, even as your IoT infrastructure expands. Your internal network structure remains invisible to guest users. Plus, if there is a security incident involving a guest, it’s relatively easy to contain and won’t spread to more important assets.

Ultimately, network segmentation works by restricting the flow of traffic between zones. Your security team gains granular control over who has access to what, allowing them to head off common IoT threats such as botnet-enabling malware that thrive on easy proliferation across devices.

For example, IoT endpoints like IP cams and “smart” home security devices are notorious for their security vulnerabilities. The Persirai botnet alone, discovered in 2017, exposed 120,000 such cameras  according to Dark Reading. Implementing network segmentation and MDR and SIEM within a security operations center (SOC) is your best defense against these types of cyberattacks.

What to Do Next to Secure Your IoT Initiatives

Segmentation is just one of many actions you can take to better protect your organization from IoT vulnerabilities. Having a diverse set of cybersecurity protections is ideal, in light of today’s abundance of attack vectors, which are always evolving.

And for more information about SIEM strengths and weaknesses, check out SIEM: A Comprehensive Guide

 

Arctic Wolf

Arctic Wolf

Arctic Wolf provides your team with 24x7 coverage, security operations expertise, and strategically tailored security recommendations to continuously improve your overall posture.
Share :
Table of Contents
Categories
Subscribe to our Monthly Newsletter