IoT: Combating Latency & Closing Security Gaps
With IoT deployment on the rise, the time is now to tighten defenses.
Adding in a wave of IoT devices and opportunities to existing infrastructure is going to be a challenge. But you can't forget about security along the way, either. According to TIA, nearly half of companies surveyed are already actively engaged in IoT deployments. With that level of enterprise adoption, keeping things in good working order and secured has never been more important.
The point is, your IT staff needs to be making improvements now.
There are several things that enterprise network administrators can do to tighten security and reduce the number of incidents, losses, and disruption to business. The worst thing is doing nothing, either as a result of becoming overly confident or just plain complacent.
A first suggestion is to move the cheese. By this I mean put software updates on a regimented schedule, if you don't already have one in place. SolarWinds, a provider of IT management software, recently reported that less than 30% of businesses are on a schedule (monthly or weekly) to perform patch management and updating of their wares.
Moving to monthly updating is a good start, but aim to move the frequency to twice a month for several months and then make it a weekly affair. I don't make this suggestion lightly; according to SolarWinds in its recent cybersecurity report, "Detection, response, and resolution times are all growing." I recently wrote about this in "IoT Security: How Elastic Are You?"
While AI certainly holds a lot of promise when it comes to leveraging it to decrease the time to detect, defend, and resolve security issues, you can't ignore the human element of IT management. Staff need to exercise due diligence. This translates to stepping up and moving towards weekly updates of servers, workstations, infrastructure (firewalls, switches, routers, etc.), and other connected gear. You need to keep up this regimen until these processes are automated.
AI will come with its fair share of resistance, as people expect AI to replace more menial tasks and thus eliminate jobs. But this resistance is misplaced and there will always be a need for knowledgeable IT staff. Network admins need to prepare for patch management for AI applications because essentially that's where we are headed.
Think about it -- how many nights at home with the VPN connection have you had? It's common practice to connect remotely and do patching and change management tasks, hoping that you aren't introducing new problems that will require you to make the drive back into the office. These are menial tasks; agree or not, this is a process that can and should be automated to reduce latency in rolling out the updates and improve accuracy in detecting anomalies with those rolled-out changes.
Still, the saying that people resist change rings true: when it comes to change management, network administrators don't want to disrupt users. Ultimately, executive management must be on board with the idea that change is no longer an option, but a requirement.
A second recommendation that I would like to make is to review configurations and always strive for consistency. This was also touched on in the SolarWinds report.
In larger organizations, IT staff tends to be pigeon-holed into doing one thing for an extended period of time. This is often because when alternating roles, you run into staff with different opinions, a lack of up-to-date information, and the need for training. This often leads to inconsistency. Further, these issues go unchecked because organizations don't always have mechanisms in place to test their configurations and detect their internal vulnerabilities concurrently.
Combing over configurations again and again in order to eliminate inconsistent programming, policies, and settings is a painstakingly detailed process. But when done correctly, it will eliminate anomalies and unnecessary security risks. These are the kinds of details that matter, and troubleshooting consistent issues is much easier than troubleshooting those that are consistently inconsistent, random, and seemingly inexplicable as to their root cause or source. People do make mistakes, and Expressworks finds that employees cause 66% of errors related to cyber security incidents. This is why it is so important to educate users so they do not just rely on IT to fix security problems they caused. But SolarWinds reports that only 16% of those surveyed consider security awareness training a priority.
The last suggestion I want to make is to layer in security -- not just with solutions but also with regard to policies and access control. Many view a cloud migration as losing control. But the fact is that not everything should be migrating to the cloud. There are instances where the TCO for cloud versus on-premises simply won't make sense for an organization. But remember, having control carries risk.
The time to optimize IT operations is now! People need to be retrained on change management, and the business needs to be investing in user education about cyber security. Better get to work!
Follow Matt Brunk on Twitter!