How to Pinpoint Rogue IoT Devices on Your Network

Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.

A Raspberry Pi floating on your network may not be cause for concern – at first. But when did it join the network? What is it doing? Is it the only Raspberry Pi? These questions can help discern a benign connected device from a malicious product trying to infiltrate an organization. 


"The amount of unmanaged devices has pretty much exploded in the last five years," said David Pearson, head of threat research at Awake Security, in a talk at last week's Interop Digital. More people are connecting to corporate networks with devices that aren't managed to the level you would expect of corporate infrastructure and devices.


This is a growing problem, in large part because most Internet of Things (IoT) device traffic is unencrypted, he explained.


"There's so much information that gets shared, whether that's internal to internal, or internal to external, that's just completely in the clear," Pearson said.


Now, as people are bringing business data onto home networks, ensuring data security is even more important.


About a year ago, Pearson and the Awake Security team hypothesized they would be able to analyze the behavior of a device and, in doing so, distinguish IoT and operational technology (OT) devices from mobile devices, bring-your-own-device (BYOD) systems, corporate infrastructure, and enterprise devices. They not only learned this was possible but discovered myriad ways these connected devices put businesses at risk. 


Pearson and his Awake Security colleague, lead network threat hunter Eric Poynton, began their talk with a discussion of key traits belonging to each device category so attendees could understand how to recognize them on a network.


Enterprise devices – the lap ..
