IoT and How We’ve Given Control Back to IT Departments
“First off, A3 offers a capability called device profiling. Each type of device (e.g. a Windows laptop, MacBook, Android phone, iPhone, Chromecast, etc.) has a unique electronic signature, which is also called a device fingerprint. It is made up of different characteristics like it’s DHCP fingerprint, vendor, the MAC vendor, the user agent for browser-based devices, and more. Now A3 includes the world’s largest database of these electronic fingerprints, and we can use it to automatically profile the different devices that are coming onto the network, by comparing their fingerprints to the database. This works for all types of devices, including IoT.
And once the IoT are identified, Aerohive A3 can onboard them into dedicated IoT VLANs with appropriately defined network access rights.”
Internet of Things security is something we’ve been thinking about a lot, and we wanted to take some time to explain what IoT is and why it’s hard to secure.
What is IoT?
Internet of Things is a general term for devices that are not controlled by an end user. End-user devices in your office are laptops and desktops. These devices are well supported with software updates, have traditional input methods, and are secured by traditional methods. Internet of Things devices, usually, have none of those things. It can often be controlled only by a web interface, can go years without software updates, and only work with basic network security methods. That sounds bad, but IoT can and will do a lot of interesting things for enterprise IT markets. They will be able to alert facilities staff when paper towels are low in the restrooms, learn and manage heating and cooling based on traffic patterns using Machine Learning and AI, build automated plan-o-gram reports based on customer traffic through sensors, and a lot more. The use cases are endless. Some industry experts think the number of IoT devices in the enterprise will surpass by 2x or 3x the number of end-user devices in the next decade. By 2025 there will be almost 10x more network-connected devices in the world than people. Facilities wise, having a network connection – likely Wi-Fi based – will be the default for new products.
Why is IoT Hard to Secure?
IoT devices, while generally inexpensive, don’t always come with support for advanced authentication methods. They’ll likely support PSK, but not advanced enterprise methods like 802.1x. Our Private Pre-Shared Key (PPSK) technology comes in handy when securing IoT devices. PPSK will allow IoT devices to connect to the network, but you’ll be able to easily revoke their authentication, tunnel them to the right VLAN, and monitor what they do (using Aerohive A3). PPSK bridges the gap when enterprise-grade security is needed, but IoT devices don’t support it. In the past, IT managers could simply deny network access to devices that didn’t mean security requirements. In today’s environment, IT managers have to be seen as business enablers, and figuring out how to meet InfoSec requirements while also growing what the network can do is not only a good idea, but a requirement.
With technology like PPSK, Aerohive A3, and a cloud-managed network, Aerohive is uniquely positioned to be the go-to solution for IT departments working with IoT.
Learn more about Aerohive A3 in our on-demand webinar.