of IT security professionals think connected devices are a major security threat to their business
of respondent companies still don’t have a dedicated plan for IT asset management
In today's digitally connected world, network transparency has become something of a ‘holy grail’ for administrators and systems managers. For quite a while now, network concerns have been eclipsing other aspects of IT. There is a growing emphasis on creating digital networks that are strong, robust and secure.
The reasons for this are evident — we all hear about big data breaches and cyberattacks continually, and we understand that network security is paramount. But many business leaders and executives are still coming to terms with key ideas about how to deal with network security issues.
One relatively new discipline emerging as a significant part of any CISO's playbook is network asset discovery. Network asset discovery strives to determine exactly what devices and nodes are part of a network at any given time. This sounds simple, and it's built on earlier and simpler systems, but these days, it's become a very complex task. The discovery zone has, after all, changed tremendously. What used to be as simple as a relatively flat network is now a bewildering barrage of devices, sensors and infrastructure owned by different stakeholders. Still, a TechWorld white paper points out that a full 80 percent of respondent companies still don’t have a dedicated plan for IT asset management.
Network asset discovery is critically important to IT security for a number of reasons.
First, in order into understand things like endpoint security and segmented network security, administrators have to know the blueprint of a network, and understand what's connected to that network.
Also, modern security has developed beyond a ‘perimeter approach.’ New security initiatives focus on issues that penetrate deep into the network, ones that can't be stopped at the perimeter. Network asset discovery is also integral to this approach: you have to know what’s connected, and how it’s working, to start to unravel thorny issues around authentication, traffic security and behavioral analysis.
Real network transparency and a full accounting of connected devices comes at a cost, but it’s part of what makes companies confident in an age where IT security is such a big priority. Studies show there is quite a bit of awareness of how important asset discovery is: in the Pwnie Express report for 2017, 92 percent of those surveyed cited connected device threats as a major risk this year and beyond.
Although they are exciting new phenomena that enhance our use of digital devices, both Bring Your Own Device (BYOD) and the Internet of Things (IoT) have proved difficult in terms of network transparency and network asset discovery.
With the emergence of BYOD, where more mobile devices were dynamically connecting to networks, is it important to do asset counts in real time, and the term “asset discovery” became more and more relevant.
According to a 2013 EdTech report showing, among other statistics, that only 38.2 percent of responding universities had recently updated a BYOD policy.
Our 2017 IoT Report found only 55 percent of respondents citing an existing BYOD security plan.
As the Internet of Things begins to emerge, roving devices aren't limited to smartphones anymore. There are smart security systems, dishwashers and medical devices.
Perimeter approaches don't work with it comes to IoT security protection as most devices can bypass a firewall, and they're online all the time increasing vulnerabilities.
Some comprehensive security solutions are emerging for asset discovery and transparency in the age of the Internet of Things, but companies still struggle to fully secure their data as networks proliferate.
This model involves dealing with individual devices, sensors and connections at the edge of the network — not at the perimeter, but just outside of it — or in other gray areas where incoming or interactive traffic can be closely monitored.
A similar idea to edge computing, it is based on strategic use of near-perimeter vantage points to monitor and assess traffic.
Our 2017 IoT report found 39 percent of respondents had budget allocation for "wireless device detection" and 40 percent for device threat detection.
Vanguard companies have developed highly evolved visual dashboard products and other resources to deal with network evanescence and help promote transparency.