Is Zero Trust suitable for IoT and OT devices?

The first step in protecting network security is to understand all networked users and devices and those who are trying to access them. This is also the premise of network security frameworks, including zero trust, on which enterprises can create corresponding enforcement policies and control tools.

But what if the device becomes the user?

1. The concept of "user" in zero trust

Zero trust requires security to start with the user, but interestingly, the user here is not just a user in the traditional sense. The rise of the Internet of Things (IoT), Operational Technology (OT) and smart connected devices in recent years has brought huge cybersecurity threats to networks and enterprises, so security architects have had to re-examine the concept of identity. Essentially, every networked object has an identity and must be contained within a zero trust framework, so users here should also include devices, virtual infrastructure, and cloud assets.

In more detail:

  • IoT devices collect, access, and share information without human involvement, automating functions and improving business efficiency. IoT has quickly become the fastest growing type of device in the modern enterprise, with IDC estimating that there will be 41.6 billion connected IoT devices by 2025, generating a projected 79.4 ZB of data.

  • Already commonplace in industry and manufacturing, machine-to-machine (M2M) communications are now widely used in healthcare, business, and insurance.

  • The OT network systems that enterprises currently use in large numbers must also be protected. According to Gartner's forecast, by 2021 the CIO or CISO will be directly responsible for 70% of OT security management, an increase of 35% from the current level.

  • Security decisions made by smart devices have the potential to be flawed. In some common DDoS attacks, botnets such as Mirai can take control of unmanaged IoT devices with weak credentials, potentially causing millions of devices to disrupt critical services.

2. Reject stereotypes: every device is a unique individual

To truly grasp the identity of a device, it is necessary not only to identify the IP address, manufacturer, and model, but also to have a good understanding of the business environment and potential risks of the device, and this is where accurate situational awareness plays an important role.

Let's start with a common class of IoT devices: networked cameras. The same camera model can serve completely different functions, such as video surveillance or video conferencing. In the financial services industry, cameras are primarily used to monitor customers during transactions, or are built into ATMs to scan check deposits. Each video feed from these cameras needs its own communication path to different data center applications and cloud services. Device identity and context are therefore central concepts in zero trust security.

3. Zero Trust Deployment Recommendations for IoT and OT

Establishing a zero-trust framework for enterprise networks also requires deep visibility into all IoT and OT systems on the network to make context-based segmentation decisions to reduce business risk without unduly impacting availability. Enterprises need to consider the following points when implementing zero trust in the network:

1) Extend the implementation of zero trust beyond the user, including the device.

2) Use agentless device visibility and continuous network monitoring for IoT and OT devices; agent-based security methods are not suitable for them.

3) Understand the identities of all devices accessing the corporate network, including the device's business environment, traffic, and resource dependencies.

4) Use segmentation to implement zero trust principles and satisfy risk management use cases:

  • Control and continuously monitor user and device access to protect critical business applications

  • Set up privileged access to critical IT and OT equipment

  • Divide the enterprise's IoT and OT devices into appropriate zones to reduce the attack surface

  • Contain vulnerable devices and legacy business apps/OS that cannot be patched or taken offline in separate zones to reduce the attack surface
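To make the recommendations above concrete, here is an added example (not code from the original post) of a context-based segmentation decision: a zone is assigned from the device's business role rather than its model number, unpatchable devices are contained in an isolated zone, and flows observed by agentless monitoring are compared against the zone's expected resource dependencies. All hostnames, zone names and inventory entries are constructed sample values.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    ip: str
    vendor: str
    model: str
    role: str                  # business function learned from context, not from the model number
    patchable: bool
    observed_flows: frozenset  # (dst_host, dst_port) pairs seen by passive, agentless monitoring

# Zone is chosen by business role: the same camera model lands in different zones.
ROLE_ZONE = {"surveillance": "physec-video", "conferencing": "uc-video",
             "atm_check_scan": "atm-imaging", "plc": "ot-control"}

# Resource dependencies each zone is allowed to reach (hypothetical hostnames).
ZONE_ALLOWED = {
    "physec-video": {("vms.corp.example", 554)},
    "uc-video": {("uc-cloud.example", 443)},
    "atm-imaging": {("checkproc.corp.example", 8443)},
    "ot-control": {("scada-hist.corp.example", 502)},
    "legacy-isolated": {("ot-broker.corp.example", 502)},  # unpatchable: only via a broker
    "unclassified": set(),                                 # unknown context: default deny
}

def assign_zone(dev: Device) -> str:
    """Context-based segmentation decision for one device."""
    if not dev.patchable:
        return "legacy-isolated"
    return ROLE_ZONE.get(dev.role, "unclassified")

def evaluate(dev: Device) -> dict:
    """Continuous monitoring: compare observed flows with the zone's expected dependencies."""
    zone = assign_zone(dev)
    unexpected = sorted(dev.observed_flows - ZONE_ALLOWED[zone])
    return {"ip": dev.ip, "zone": zone, "unexpected_flows": unexpected,
            "action": "alert_and_review" if unexpected else "permit"}

# Constructed sample inventory: two identical camera models with different business
# functions, and one unpatchable legacy PLC still talking directly to the historian.
INVENTORY = [
    Device("10.1.1.10", "AcmeCam", "X100", "surveillance", True,
           frozenset({("vms.corp.example", 554)})),
    Device("10.1.2.10", "AcmeCam", "X100", "conferencing", True,
           frozenset({("uc-cloud.example", 443), ("unknown-host.example", 80)})),
    Device("10.9.0.5", "OldPLC", "L2", "plc", False,
           frozenset({("scada-hist.corp.example", 502)})),
]

if __name__ == "__main__":
    for dev in INVENTORY:
        print(evaluate(dev))
```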

Source: blog.csdn.net/lyshark_lyshark/article/details/126798198