We already know the scale of the various projections with billions of connected things ranging from industrial IoT to home connected devices and everything in between. This exponential growth brings its own share of uncertainty and risks. In fact, according to a recent survey data released by strategy consulting firm Altman Vilandrie & Company, nearly half of U.S. firms using an Internet of Things (IoT) network have been hit by a recent security breach, which can cost up to 13% of smaller companies’ annual revenues. From teddy bears to cars to warehouse equipment, anything with an Internet connection can be hacked, creating serious financial and legal exposure for companies and safety concerns for workers and consumers.
While large organizations have the financial and human resources to reduce the risk of being hacked, small and medium businesses(SMBs) lack the time or money to protect their thermostats, IP cameras or sensors as they open-up their gates through Wi-Fi onboarding. The problem is that these billions of browserless Wi-Fi products come with very weak security features.
These SMBs need not only a feature-rich guest Wi-Fi but also a solution that can secure their IoT footprint such as thermostats, IP cameras or sensors. It must deliver a seamless, cost effective and dynamic solution.
The three steps to secure their IoT should include device discovery, management and auto-prevention.
The right platform must automatically capture all the details from the end user connected devices or things and provide a complete “fingerprinting” of the device by categorizing them and providing information such as device type, hostname, IP/MAC address, etc.
Then the platform should store all logs (DNS, access etc.) of every device or IoT activity. These logs become reference lists that can then be cross-matched with pre-established IP reputation lists and when a black listed DNS is detected, the suspicious activity is stopped.
Another protection method is to establish what “normal” data transfer rates should these devices experience and detect any abnormal activity where data rates increase exponentially, for example in the case of a DDoS attack. All that intelligence about device activity is then centralized at the cloud and tested against normal or expected behavior.
Ongoing updates and learning
Users should then be able to associate different policies with these devices, ranging over quarantining, captive portal bypass, device notifications and capping of data throughput and bandwidth per device type. Out-of-the-box security should then rank IoT devices as high, medium, or low risk, and bad devices can be automatically isolated or quarantined. The lists and logs must be continuously updated and that activity contributes to enrich machine learning. Software updates must also be automatic and seamless to the end-user.
AI applied to Wi-Fi promises to solve a significant problem which is the cost of troubleshooting the many potential connection as well as securing the many devices onboarded. The idea behind AI applied to Wi-Fi is to implement an automated management system able to monitor the network, recognize normal operations, analyze deviations from these normal operations in real time, and apply suitable actions. Sort of a real-time self-healing system.
The platform runs its machine learning algorithms and artificial intelligence to find outliers and anomalies and take auto-corrective action including device quarantine, degraded speeds or inclusion on watch lists.
The benefit for SMBs is that the platform not only identifies the anomalies but also takes corrective decisions for them as SMB clients do not have neither the time nor the expertise to manage such decisions.
As the volume and severity of cybersecurity breaches continues to increase with the adoption of new technology products, SMBs must take the necessary steps to properly install, maintain and protect connected devices and things with the right platform. While DDoS attacks can’t be prevented entirely, proactive protection is a way to safeguard privacy and sensitive user information.
One such ongoing innovation is the work done by RaGaPa to provide seamless and secure device Wi-Fi onboarding. New IoT discovery, management, and protection functions in the CaptiveXS solution from RaGaPa detect all devices (cameras, sensors, laptops, mobiles, tablets, consumer electricals, etc.) connected to a Wi-Fi network and categorizes them. The venue can then manage these devices and apply certain policies such as – device quarantine, bandwidth throttling and bypass authentication. The near future innovation will include IoT protection with IP reputation and auto-corrective actions for SMB’s. Thanks to CaptiveXS, SMBs can enjoy great out-of-box experience and simplify the Wi-Fi onboarding of connected products.