Protecting Connected Devices with Zero Trust Technology

Protecting connected devices with Zero Trust technology

In terms of data access, IoT devices pose an enormous security risk.

A non-representative study by BlackBerry shows that companies are aware of this. Among the 250 IT decision-makers surveyed in Germany, the operational technology infrastructure, which includes IoT devices, is considered difficult to defend by 71 percent. The threat to companies from the countless IoT devices as potentially vulnerable endpoints is therefore enormous. Market researchers from the Statista Research Department expect 75 billion networked devices worldwide by 2025. IoT devices can not only send or retrieve data via the local LAN or the corporate network. They often also connect to the internet via their own antennas.

IoT needs security everywhere

One of the advantages of IoT devices for cybercriminals is that they are sometimes continuously on the network for software patches or updated operating data. For example, an IoT thermostat constantly needs information about the temperatures outside or inside a building. This makes it possible for attackers to inject malicious code into the vast amount of temperature updates.

Given the sharp increase in vulnerable endpoints due to the IoT, those responsible not only have to deal with tight budgets and a shortage of skilled workers. It can happen, for example, that employees responsible for maintenance integrate new IoT devices and do not inform the security team due to ignorance. It has a similar effect when employees use untested cloud environments for their work and bypass security protocols. After all, devices that the company does not know about, of course, cannot be protected.

A unified endpoint management solution for all IoT devices could solve these security and privacy issues. It uses strong authentication technology to ensure that data is only transmitted to authorised parties and monitors the complete communication of IoT devices so that no one is able to misuse access authorisations.

Zero Trust Network Access and IoT

As the IoT introduces new risks through a virtually infinite number of endpoints that are constantly on the network, a shift in thinking about the cybersecurity solutions used is inevitable. Systems that grant full privileges and access for the entire session duration after a one-time verification of credentials now fall short. Zero Trust Network Access (ZTNA) is therefore a must.

A fixed component is continuous authentication. Not only is the respective initial access by a user – human or device – checked, but the system continuously monitors what the user is doing and whether he is authorised to do so. This is also done with the help of behaviour analytics, for example by checking whether the user presses the buttons at the speed typical for him or whether he holds his mobile device at the usual angle. It is also checked, for example, whether a user accesses his default folders, whether the access occurs at a suspicious time or at an unknown location, and whether an unusually large amount of data is downloaded.

Cybersecurity in the modern workplace

IoT devices trigger such an avalanche of interactions that human analysts cannot possibly capture them. That’s why technologies like AI and ML also play an essential role in detecting malicious actions quickly and automatically. A modern cybersecurity strategy for the IoT era also requires companies to reduce the complexity of their security stack. A positive side effect: by increasing efficiency, CISOs can also show better return on investment and total cost of ownership figures.

Furthermore, a modern security strategy must take into account the current working reality with IoT and cloud use as well as fast data transfers, including to mobile devices. A bolt-on approach, in which new defence measures are built on top of the old ones and incremental improvements only slightly increase security, no longer leads to success today.

Ulf Baltin of BlackBerry: “A ZTNA approach ensures the necessary protection of all endpoints. Since continuous, comprehensive and strong authentication runs in the background, employees feel that they are trusted as well as their devices, applications and systems. At the same time, authentication friction is reduced, which increases productivity. Solutions from our company reliably ensure secure collaboration, simplify processes, increase productivity and mobility while protecting a company’s reputation.”