IoT Is Only Getting Bigger
The Internet of Things (IoT) is growing larger day by day. With thermostats monitoring and virtual personal assistants listening, it’s getting quite easy to become surrounded by things. Things are great! They can help you turn on lights and buy dog food and find out what the weather is like without having to look out a window. But things do come with risks. These things could risk your network security, data, users, intellectual property (IP), and even your entire company!
It’s to be expected, really, if you think about it. Each device asks to connect to your network and then monitors something, often communicating out to the Internet. Each thing is now a new window or door into your network – a new safety vulnerability disguised as a handy device.
People Forget About Security
Often, people add smart devices in their homes and offices without any thoughts of security. It’s assumed that the company who created the device was smart enough to add in some measure of safety. Sometimes this is true with the more conscientious manufacturers, but many times network safety is sacrificed for speed to market (gotta get those sales numbers up). This isn’t safe for your home network, and it can be disastrous for your office network.
Imagine an enemy agent out there watching your company. Suddenly, a thing pops up on his radar. To you, it’s just a little monkey on your desk that opens its umbrella when it is going to rain (and if that doesn’t exist, it really should). To the enemy agent, it’s a poorly protected entry point to your company’s network. The monkey might tell you that it’s going to rain, but what it isn’t telling you is that the rain is really the tears of your company as all its important information is exploited.
Insecure IoT Can Ruin Your Company
The monkey might be a simplistic and dramatic example, but the main points are solid. Adding unsecure items to your office network can be disastrous. Though we highlighted a frivolous IoT toy, there are many things that are very valuable and useful to businesses and organizations: the aforementioned thermostat, moisture sensors, factory automation things, HAL 9000, security devices, and even a fishtank in a casino!
The first thing to do is make an IoT security plan (i.e., what to do when someone wants to add a new device to your network), and the first step of that plan is to take the new device to the IT department for evaluation. Is it from a known and/or trusted manufacturer? Does it have any safety features built into it? Does it often get its firmware updated? Who will monitor and make sure updates are done in a timely manner (this one is really important)? In short, is this good for the company (read: worth the risk to your network)?
Making a plan gets everyone in the habit of thinking before they add a new thing – and, to be quite blunt, users should never stop thinking. But we want to make your IoT security easier and safer – with Fognigma.
Fognigma takes a multi-prong approach in protecting your things by protecting everything on your network. In a nutshell, Fognigma creates a Mission Partner Network (MPN) in parts spread out across multiple cloud platforms, which function as one. This creates an invisible-to-outsiders network in which your data, your communication tools, even your current network (depending on your Fognigma deployment) live. Your IoT devices are also inside the protection of your MPN, as well.
IoT devices connect to the MPN through a bit of hardware called a Wicket. Depending on how you have your IoT spread out through your organization, each device can have its own Wicket, or they can clump into little IoT hives and several devices can connect through one Wicket. Once connected to the MPN, your things are now invisible to external threats.
MPNs prevent metadata snooping (a key way third parties discover networks to exploit), which means network threats won’t even know your IoT devices exist. Fognigma is already in line with the NIST’s recommendations for IoT security by wrapping each connection inside an MPN with the recommended AES-256 encryption. Only, Fognigma doesn’t just use one layer of AES-256 encryption – everything inside your MPN is double wrapped for extra security.
A company that uses Fognigma will have a major advantage in the IoT world, as Fognigma makes sure your IoT remains only your IoT. That’s the magic of Fognigma. We’d like to chat more about this, but the thing on our wrist (which is connected to our phone, which is connected to the refrigerator) is telling us it’s time to get up and get a snack.