Addressing Your IoT Risks with FortiNAC

Across industries, businesses are busily engaged in digital transformation efforts to extend their capabilities and better meet consumer demand for accessibility and mobility. In this effort, the number of IoT devices being introduced to the corporate network is exploding. Across the globe, billions of devices are being deployed, with estimates that IoT spending will grow to more than a trillion dollars by 2021.

So, what does this mean for you?

The rapid influx of IoT devices and point products used to scale businesses are also introducing a wide variety of threat vectors for cybercriminals to exploit. In order to ensure you can reap the benefits of their digital transformation efforts without compromising your security posture, you need to be able to effectively identify, track, and segment the multitude of devices being deployed across your network.

With this in mind, Fortinet’s new network access control solution, FortiNAC, is a product that can tackle the security needs of your IoT deployment head-on. FortiNAC provides customers with the network visibility, control capability, and automation needed to effectively secure the modern influx of IoT devices, while addressing the security challenges unique to the IoT.

IoT Security Challenges Facing Your Customers

IoT devices are a cost-effective way to accelerate digital transformation, meaning IoT implementation is booming. However, there are several distinct challenges that these devices introduce to your security posture:

·       Multi-Vendor Ecosystems: With such a high demand for IoT devices across industries, there’s now a myriad of different vendors offering their own IoT products. Like point product solutions, incorporating a mix of devices from a variety of vendors introduces additional complexity to network security efforts. Namely, the wider the variety of devices you incorporate into your network, the harder it is for you to effectively track and secure those devices.

·       Limited Device Capability: IoT devices are designed with rapid and extensive deployment in mind. From the perspective of vendors, this translates to controlling development costs. As a result, these devices often have bare minimum software capabilities, and often lack the capacity to tack on point security to the devices themselves. In other words, IoT devices offer few features outside their intended purposes. In order to secure them, you need the capability to manage IoT security at the domain level.

·       Cybercriminals are Targeting IoT: In our Global Threat Landscape Report for Q2, we noticed cybercriminals are continuing to target IoT devices, with cryptojacking currently being the most prevalent purpose. Given the extensive number of devices you deploy, they provide a rich source of computational power for cybercriminals to leverage. What’s more, since these devices lack the security features to prevent the hijacking of CPU resources, the overhead required by cybercriminals to exploit them is low.

Securing IoT Devices

Given the unique challenges IoT devices present for your customers, IoT security needs automated capabilities that can perform at the machine speeds of modern cyberattacks. It’s crucial that network access control solutions provide:

·       Device Visibility: At any given point, hundreds, if not thousands of devices can be connected to a network. In order to ensure they’re actively secured, you first need the ability to identify and understand the devices connected to your network. In doing so, you’ll be better equipped to recognize devices that pose a threat.

·       Device Control: Once devices are identified, you'll need the ability to actively control them. Specifically, you need to match the access control of a device requesting access with the device type. For example, when a wireless printer requests access, IT personnel need to authenticate that the device is actually a printer, and not a machine posing as a printer in order to gain access to the network.

·       Micro-Segmentation: Given the overwhelming number of potential devices connecting to a network, these devices need granular, micro-segmentation that can accurately deploy segmentation based on device usage and purpose. For example, IoT devices meant to measure the efficiency of product development will have access to a wider range of segments than the devices connecting to guest WiFi.

·       Automated Containment: Cybercriminals are now leveraging agile development to identify vulnerabilities and exploit them at a rapid pace. For you, this means it’s no longer a matter of if they’ll experience an attack, but when. With this in mind, organizations that can rapidly respond to an attack and mitigate its impact will have the best chances to maintain their operations without significant losses. In aid in this effort, you need automated IoT containment that can perform device triage at machine speeds—allowing unaffected devices to remain operational, while automatically isolating devices that pose immediate threats.

Providing the Next Generation of IoT Security with FortiNAC  

FortiNAC provides you with a scalable, comprehensive solution to the cybersecurity risks being introduced by IoT devices. Specifically, FortiNAC provides you with the ability to identify and profile all endpoints, IoT devices, users, and applications. Based on the characteristics and behavior of devices operating within a network, you can then segment these devices appropriately. What’s more, FortiNAC continuously assesses risks and deploys automated responses for network access across third-party devices.

Offering three levels of protection licensing, FortiNAC can match the security capabilities you need to a price that aligns with your budget:

Basic: Comprehensive threat detection.

Plus: Threat detection and device control.

Pro: Threat detection, control, and automated response.

Final Thoughts

IoT devices are everywhere, and they’re showing no signs of slowing down. With this in mind, there are abundant opportunities to connect you with a solution that effectively secures this growing attack vector. In this effort, FortiNAC provides a comprehensive solution you can use to ensure you have the ability to reap the benefits that IoT devices provide while maintaining an effective security posture.

Article Type: 
Blog