How DNS Security Can Help Combat the IoT Challenge

The Internet of Things (IoT) is not a new concept. For years, IoT devices have been widely and deeply integrated into our homes and businesses. However, the pandemic spiked our professional reliance on these systems and once again shifted the security goalposts. 

As most people began to access their work and educational environments remotely, the digital attack surface expanded significantly. Not only were IT teams responsible for making sure staff were set up with the right equipment and those systems were optimized for the cloud, but teams found themselves scrambling to make sure employees had basic security protections wherever they were located and whatever device they were using. Many IoT devices already present within employees’ homes – such as televisions, thermostats, even light switches – are poorly secured, making matters worse. Each poorly secured device presents a new vector through which malware can enter the employee’s home network. This malware then can jump to and infect the corporate network if employees are switching between the two. 

IoT risks associated with remote sites – or home offices – have quickly become a major headache for security teams throughout the pandemic. With remote working here to stay for many, and IoT devices set to proliferate, failure to address security issues now could spell disaster in the long term. 

The New, Remote Chapter in IoT 

With living rooms becoming home offices and the daily commute a distant memory, the lines between professional and personal have never been more blurred. In some cases, this has transformed how individuals are using their IoT devices, which is problematic for a couple of reasons. 

Firstly, employees are naturally less risk-averse at home. Many will willingly use their work devices to engage in behavior that they might think twice about in an office environment, such as browsing social media, shopping or streaming entertainment services. Many will not realize that this use of insecure Wi-Fi connections, unsanctioned applications, and browsers with insecure plug-ins can compromise the whole business network.  

Conversely, whether due to a lack of resources or personal preference, many employees have been using their own devices to access corporate networks over recent months. Using personal devices that are unknown to the IT team can let in shadow IoT threats resulting from lateral compromise. Given that IT teams can’t easily enforce corporate security policies on devices and applications that sit outside their infrastructure, each device is a potential landmine, just waiting to go off. Even before the pandemic, this was a common problem, with research discovering that a staggering 80% of IT professionals had discovered shadow IoT devices connected to their network within a 12-month period. This figure is only likely to have increased in our current remote work landscape. 

Organizations need to take this time to embrace a more strategic approach to security, rather than hanging onto a network model that isn’t compatible with our new cloud-based environments. There is no longer a center with everything around it, and security practices need to reflect this. 

Taking Back Control 

One of the most powerful ways IT teams can protect their network against shadow IoT threats is by increasing visibility. This is where DNS (Domain Name System) tracking can help. DNS knows exactly what every IoT device is doing and provides a viewpoint of the entire organization through a massive pool of forensic data. It doesn’t rely on a device being authorized or known to IT. Instead, DNS needs a device to access the internet. 

In fact, by merging DNS, DHCP (Dynamic Host Configuration Protocol) and IPAM (IP Address Management), businesses can address many of the IoT challenges that come with our current remote working landscape. These three technologies – also known as DDI – can pinpoint threats at the earliest stages, identify compromised machines, and correlate disparate events related to the same device. By providing an up-to-date view of all devices connected to a network, regardless of location, they help to diminish some of the strain placed on IT professionals. They can even help teams automate the provisioning of security services on remote endpoints, removing the need to ship devices back and forth for on-site patching.  

Every day, an increasing number of businesses are announcing their plans to keep some form of remote work in place post-pandemic. With this in mind, defending from the network edge and protecting against shadow IoT threats is likely to be a priority for security teams moving forward. Using core infrastructure like DDI as the security control plane will give organizations the upper hand and enable them to protect their networks and their employees, no matter where they’re logging on from.  

What’s Hot on Infosecurity Magazine?