Outdated Security Creates an IoT Danger

 
 
By Karen A. Frenkel  |  Posted 06-21-2016 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Outdated Security Creates an IoT Danger
    Next

    Outdated Security Creates an IoT Danger

    Many companies are using outdated security methods to secure IoT devices, and they’re failing to include IoT in their security policies.
  • Previous
    Low Perceived IoT Penetration
    Next

    Low Perceived IoT Penetration

    Asked what percentage of devices on their network they believe are IoT devices, 66% of respondents say less than 25% of devices on their network are "things."
  • Previous
    Low Awareness of Networked Devices
    Next

    Low Awareness of Networked Devices

    85% of respondents are not confident that they are aware of all the devices on their network. Less than 33% are reasonably certain that they know about and can control all the things as soon as they are connected.
  • Previous
    Average Number of IoT Devices
    Next

    Average Number of IoT Devices

    Asked how many IoT devices they have on their network, respondents reported an average of nine IoT devices. 25% had five or fewer devices, and 62% had 6 to 15 devices.
  • Previous
    Respondents Who Reported No IoT Devices
    Next

    Respondents Who Reported No IoT Devices

    Of those respondents who say they have no IoT devices on their network, 75% had three device types the authors consider gateway threats and highly risky printers. 50% had additional device types that are risky or are gateways.
  • Previous
    More on Respondents Who Reported No IoT Devices
    Next

    More on Respondents Who Reported No IoT Devices

    The average number of IoT devices among those who say they have none is eight, compared to those who recognize them, who reported having nine. So there is no significant difference in what is on the networks of the two categories of respondents.
  • Previous
    High Risk IoT Devices
    Next

    High Risk IoT Devices

    25% of respondents have IoT devices that the authors consider high security risks. These are: Storage (cloud drives): 47%, Video surveillance: 47%, Scanners: 46%, Door/security alarms: 44%, Smart TVs: 38%, Video (chromecast, Apple TV, etc.) 33%
  • Previous
    IoT Devices and Security Policy
    Next

    IoT Devices and Security Policy

    Asked whether their company has a security policy for IoT devices, 44% of respondents said yes, but 25% did not know whether their security policy includes these devices.
  • Previous
    Security Policy and Home Networks
    Next

    Security Policy and Home Networks

    33% of respondents' companies have policies that include home networks, which is troublesome because the "intelligent home" is one of the first widespread IoT implementations.
  • Previous
    Importance of Discovery and Classification
    Next

    Importance of Discovery and Classification

    Asked how important it is to discover an IoT device on their network, 89% of respondents say it is important. Asked how important it is to classify the type of device, 87% think it is important.
  • Previous
    Importance of Discovery and Classification Without an Agent
    Next

    Importance of Discovery and Classification Without an Agent

    86% of respondents think it is important to discover/classify IoT devices without using an agent.
  • Previous
    Most Methods of Securing IoT Devices Ineffective
    Next

    Most Methods of Securing IoT Devices Ineffective

    Respondents are using traditional security methods designed for intelligent computing devices that are ineffective for Things; 50% use passwords and similar security. Only 19% use specialized agents to monitor their network. 25% either don't know, or know that they use nothing.
  • Previous
    Two Biggest Challenges For IoT Security
    Next

    Two Biggest Challenges For IoT Security

    41% of respondents say IT and OT functions working together is the biggest challenge for IoT security. The next most chosen challenge is acknowledging IoT devices, according to 34% of respondents.
 

The IT community must immediately address Internet of things security because there is a dire need for advanced security for agentless devices, a study revealed. IoT devices are often not addressed in companies' security policies, if indeed any policy exists. In addition, the perceived penetration by respondents of IoT devices is low and they are not confident that their perception is accurate. "When respondents were asked which devices were networked, the current penetration of IoT devices is actually quite high—and uncontrolled," the report stated. The study, "The Internet of Things Isn't Coming, It's Here," was commissioned by ForeScout Technologies, a security company specializing in devices, and conducted by Webtorials in March and April. Respondents are members of the Webtorials community who identify themselves as IT and telecommunications professionals involved in some aspect of installing, operating, planning and/or designing an enterprise communications network. Students from the SIP School, which trains and certifies IT professionals, also participated. The sample represents a wide range of company sizes worldwide in a broad range of markets. 

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...