IoT devices such as card readers, sensors, and embedded devices usually don’t have a lot of computing power or RAM. Therefore, many of them cannot run security software to protect themselves on the network. In addition, it is almost impossible to update or patch firmware for over-the-air (over-the-air or OTA) connected objects when this technology was not the norm when it was deployed.
According to IDC projections, there will be 41.6 billion IoT devices in use by 2025. This large number of devices will produce 79.4 zettabytes of data by then. These numbers alone are enough to cause a major headache for any IT security professional.
Attackers already target organizations with a variety of threats and keep a close eye on vulnerabilities in IoT systems. Undoubtedly, there will be more on the horizon.
The proliferation of IoT devices has led companies to adopt one of the most classic approaches to IT security – segmentation and evolution, micro-segmentation – to protect their growing fleets of connected equipment.
What is partition?
Segmentation is a security process that divides a network into several segments or sub-sections that act as small networks. One way or another, this technology was developed along with corporate networks and the public Internet.
In the 5G network, fragmentation is called “network slicing”. This 5G functionality will become increasingly relevant to the Internet of Things as more devices are equipped with this cellular technology, rather than relying on 4G LTE links or LPWAN connections as is usually the case today.
Why choose hashing as a security method?
Despite the large number of security measures that administrators can implement, network fragmentation remains a critical defense against threats. Each isolated group of devices can access only the resources they need for authorized uses. IoT fragmentation can prevent ransomware infection or prevent an attacker from navigating the network.
Organizations are not specifically required to use hashing with certain security practices, but they can be added to existing security measures. Also, when applied to the Internet of Things, this method can improve overall performance. Separating different operational devices can reduce network congestion.
How to implement IoT segmentation
With the advent of the Internet of Things, network segmentation has become more and more important. With the spread of IoT devices, these vulnerable units must be isolated from other applications and systems on an enterprise network.
When deploying an IoT-based network segmentation project, IT administrators must first identify all IoT devices in the enterprise fleet. If the inventory has not already been prepared, the task may be difficult, because the types of equipment are numerous: cameras, sensors, industrial machines, beacons, etc. In addition, it is often necessary to take into account various communication technologies (Wifi, IP, Bluetooth, Sigfox, LoRa, LTE, NB-IoT, etc.).
Today, many companies use Network Access Controls (NAC) to implement an untrusted security policy on their networks. The NAC system constantly monitors the network and the devices connected to it. The NAC tool must discover and identify all users and devices before allowing access to the network.
During the initial setup of the NAC system, the organization’s digital security staff will determine the appropriate level of authorization for users and devices. For example, an engineer who uses a sensor to test temperature in an industrial section of a company’s network requires completely different access rights than automated lighting fixtures operating on the same network.
Some IT managers see micro-segmentation as the next step in network security, especially for IoT projects. This technology also reduces the parts of the network that IoT devices can access, thus narrowing down attack surfaces — system elements or endpoints — that are most vulnerable to hacking.
Unlike fragmentation, micro-fragmentation does not in principle rely on the processing of subnets, VLANs, and physical firewalls associated with the underlying infrastructure.
IT administrators can circulate policies to divide individual workloads running in a cloud environment. Technology expands east-west lateral traffic between devices, workloads, and applications on a network. The increasing use of Software Defined Networks (SDN) in architectures has contributed to the adoption of microsegmentation.
With micro-segmentation, connected objects can run on a common infrastructure that includes a shared network and security platform.
Because of this control at the software level, the policies applied to the IoT device remain in effect even if it is moved to another area of the network.
With micro-segmentation, connected objects can run on a common infrastructure that includes a shared network and security platform. This form of software isolation is intended to make it easier to manage and operate without giving hacked or compromised devices the means to infiltrate other parts of the corporate network.
However, this software architecture must respect certain principles. Where segmentation can be complex to manage when managing multiple gateways, associated firewalls, and connected stations, micro-segmentation requires controlling communications between devices within each micro-segment, and having software capable of creating and distributing these small network sections automatically. In addition, the system must dynamically adapt to the addition of new devices. Also, micro hashing does not replace, but rather complements, other mechanisms used in the context of a traditional security perimeter.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
