How Did THAT Get on My Corporate Network?
Palo Alto Networks’ IoT survey underscores the importance of shared accountability among remote workers and IT teams in order to secure their business.
The distinction between corporate and personal gadgets is blurring as the barriers between work and home environments blur. According to IoT Analytics, there will be more than 30 billion IoT connections by 2025, or about four IoT devices per person on average.
According to Palo Alto Networks’ The Connected Enterprise: IoT Security Report 2021, 78 percent of IT decision-makers (those whose company has IoT devices connected to its network) reported an increase in non-business IoT devices connecting to corporate networks by remote workers in the previous year. The oddest items discovered on such networks include smart lightbulbs, heart rate monitors, connected gym equipment, coffee machines, game consoles, and even pet feeds.
While the array of odd IoT gadgets discovered on networks is fascinating, attackers just need one employee to have a single vulnerable device. Personal devices quickly become a big challenge for corporations at that point. Starting the oven from your smartphone may be easy, but it could also be a point of entry into your corporate network.
Cyber Secure at Home
Vulnerability management and improved cyber hygiene are now everyone’s duty in the new work-from-home (WFH) culture. When a hacker gains administrative access to a home router, all devices connected to it are effectively rendered useless. The first point of improvement for the WFH employee is to safeguard their wireless router and develop a strong Wi-Fi password. This simple action can greatly limit the likelihood of a hacker obtaining access to your home network.
Employees at WFH should also take advantage of the micro-segmentation capability present in most Wi-Fi router firmware. This allows users to have two networks: one for visitors and IoT devices, and another for business. In the workplace and at home, network segmentation is essential for excellent overall cyber hygiene. According to the IoT survey, 51% of IT decision-makers (who have IoT devices connected to their organization’s network) believe that IoT devices will help them save money. indicated that IoT devices are segmented on a separate network. They are separate from the one they use for primary business devices and business applications (e.g., HR system, email server, finance system).
With the release of Palo Alto Networks Okyo GardeTM, staying cyber secure at home has never been easier. That cybersecurity is aimed at the emerging hybrid workplace, where a kitchen table or spare bedroom may be just as productive as an office desk. Okyo Garde blends hardware, software, and security services in one seamless, straightforward subscription, which is currently accessible in the United States for personal and small business use. In early 2022, Okyo Garde Enterprise Edition with Prisma® Access integration will be available in the United States.
Proactive Cyber Health
To prevent unauthorized devices from connecting to their networks, organisations should use least-privilege access policies. Only allowed devices and users should have access to what is required. The best method to ensure that these devices don’t expose data or have a negative impact on business continuity is to use Zero Trust. Organizations, in particular, require a real-time monitoring solution that continuously monitors the behaviour of network-connected IoT devices for IoT security. These can make use of current firewall investments to recommend and enforce security policies automatically. This would be determined by the level of risk and the extent of untrustworthy behaviour found in those devices. WFH personnel can benefit from a point solution that extends a business network and provides unified security policy management and secure access service edge (SASE).
IoT Security from Palo Alto Networks combines machine learning with patented App-IDTM technology to deliver the most accurate and deep level of visibility into IoT and OT devices for effective baselines of their regular activities. Security teams can use the solution to proactively avoid threats, monitor device risk, discover abnormalities, and recommend policies for implementation.
For the past two years, nearly all respondents to the IoT survey (96 percent in 2021 and 95 percent in 2020) have stated that their organization’s approach to IoT security needs to be improved. In 2021, 25% of respondents said a comprehensive revamp would be the best option. It’s time for businesses to rethink how they’ve dealt with cybersecurity in the past and cultivate a culture of proactive cyber wellness that spans from the C-suite to all employees. This transition will allow for more investment and focus on cyber hygiene measures, which will help to thwart cyber attacks and mitigate the consequences of a cyber incident.