The Importance of Micro-Perimeters in IoT Security
The Importance of Micro-Perimeters in IoT Security
What are micro-perimeters, and how do they relate to your IoT security concerns?
Join the DZone community and get the full member experience.Join For Free
Just as predicted, the Internet of Things is everywhere. From smart fridges to smart cities powered by real-time analysis, IoT equipment has become established as a core element of personal and business networks. And that's brought some novel security issues to the forefront.
IoT devices have been flagged up repeatedly as vulnerable to malware and hijacking attacks, and they can also be used in criminal data breaches. Botnet attacks are also becoming more common and can cost businesses as much as $300,000 (£225,000) in increased energy costs alone.
These reasons have prompted a trend among network managers to seek out innovative security solutions, and micro-perimeters have gathered a lot of attention. But what are micro-perimeters, and how do they relate to your IoT security concerns? Let's find out more.
What Are Micro-Perimeters, and Why Do They Matter?
In the world of cybersecurity, we talk a lot about "threat surfaces" and perimeters, and these are key concepts to keep in mind when securing any network. Perimeters are basically boundaries that describe the limits of a particular device or network. They mark where each specific device meets the network as a whole and how the various nodes on a network interact and can also be used to model the limits of the network itself.
In this blog, we're talking about the smallest scale of perimeters on an IoT-based network: micro-perimeters.
Why micro-perimeters instead of larger-scale boundaries? In many modern IT networks, it doesn't make sense to secure the network as a whole. The scale of networks and the existence of hundreds or thousands of discrete devices means that taking an all-round approach to cybersecurity can miss small details.
In a network based around the Internet of Things, each separate device could potentially represent a security risk, and each one needs to be secured individually. That's where micro-perimeters enter the equation.
By creating device-specific security solutions, network managers can lock down sensitive devices and ensure that 1) threats derived from third parties are minimized and 2) if threats break through the security cordon, systems are in place to quarantine affected devices.
Think of it this way. As the cloud has become a key aspect of networking solutions, and networks have expanded in size, the potential connections between network nodes and malicious actors have multiplied — sometimes exponentially.
Using Applications to Secure Network Locations
In that context, security specialists have adopted a strategy of shrinking their security approaches. This tends to entail a couple of core elements, starting with securing sensitive applications.
Firstly, IoT devices need to incorporate stringent authentication procedures. This allows legitimate employees or users to access the devices (such as temperature sensors in hydroelectric power stations or Google speakers in the home) while excluding those without proper credentials.
This will often involve the use of two-factor authentication (2FA), which adds an extra (and often time-consuming) layer of authentication above standard password portals. Or, it can involve the use of Federated Authentication systems, which use securely stored authentication credentials to pool together large communities of users.
Secondly, apps need to deliver authorization. So, if users are connecting to NAS databases, there will need to be systems in place to govern access levels and ensure that confidential data is encrypted properly.
In practice, the two work together. Users are authenticated as efficiently as possible, and then, they are authorized to use IoT devices in an appropriate manner. When this is extended across entire networks, the idea is that all sensitive applications are protected from external threats.
Securing Devices Beyond the Application Layer
While establishing a micro-perimeter around sensitive apps is essential, in many cases, it doesn't represent a comprehensive security solution. Why? Because in an IoT-heavy environment, physical devices are just as important and just as vulnerable to external threats.
IoT devices could potentially fall victim to a wide range of cyber-threats. For instance, they could be targeted by botnets, recruiting innocent sensors or speakers to mount worldwide DDoS attacks. Or, they could be the focus of Man-in-the-Middle attacks, which cream off confidential data as it passes to and from the device. And in some cases, devices can be taken offline altogether. This is what we saw with the infamous Stuxnet malware attack on Iranian nuclear installations.
It all means that the tiniest IoT device could be the weak point, which causes a system failure or catastrophic data breach — not a welcome development for any company.
In this context, endpoint security becomes extremely important. This could mean updating firmware regularly, making physical checks on high-risk devices, or installing enterprise-wide endpoint security solutions to monitor every interaction between devices and the wider web.
But in many instances, this holistic approach is not fine-grained enough to provide reliable protection for individual devices. A micro-perimeter approach is required instead
Security managers can cast a "net" of protection around specific devices if they deem them to carry a heightened security risk. This is especially common (and useful) in the case of mobile phones, which might leave central workplaces and interact with third-party Wi-Fi networks.
Companies might choose to implement Mobile Device Management software, which records each mobile device, adds security features, and ensures that corporate security policies are followed on each laptop or smartphone. That's one way to go.
However, there are other solutions for creating mobile-perimeters around IoT devices. VPNs (Virtual Private Networks) are one option. These applications encrypt the data transmitted to and from mobile devices and anonymize their IP addresses. This creates a "bubble" of security around each phone or laptop, wherever the user takes them.
This may well be a suitable solution for small or medium-scale organisations that require total security for remote working. But you do need to source a reliable VPN to lock down each micro-perimeter.
Things to Remember When Securing Micro-Perimeters Around IoT Devices
Generally speaking, if your home or business hosts multiple devices connected to the Internet of Things, it is advisable to have a policy in place to make them as secure as possible. When securing the micro-perimeter around your devices, it helps to keep a few things in mind.
Validation and authentication — Users need to be able to access each device securely while excluding third-party actors who lack authentic credentials.
Updates — Any firmware used by your devices must be kept as up to date as possible, closing the door on malware threats.
Virus/malware protection — IoT devices can fall victim to malware, just like computers. Implement a scanning and quarantine policy for all devices that are connected to the web.
Additional perimeter security — If you want to maximise your device security, using a VPN to throw another layer of protection across your network makes sense.
However, it's also worth bearing in mind that micro-perimeter approaches are costly to implement across huge communities of devices. They work well for high-risk nodes and smaller networks and are imperative for devices that hold confidential data. But they won't always be preferable to broader endpoint security approaches for larger networks.
Opinions expressed by DZone contributors are their own.