WFH saw rise in domestic IoT devices connecting to corporate networks

22 Oct 2021

Image: © Elnur/Stock.adobe.com

Palo Alto Networks’ IoT security report surveyed IT leaders from Ireland and 18 other countries on network security practices.

There has been an increase in incidences of non-business IoT devices being connected to corporate networks in the last year as teams work remotely.

That’s according to a survey by cybersecurity company Palo Alto Networks. The second edition of its yearly IoT security report, which polled 1,900 IT decision makers at organisations in 19 markets globally, including Ireland.

It found that more than three-quarters of respondents said their organisation’s network reported an increase in non-business IoT devices on corporate networks in the last year. This included smart lightbulbs, heart rate monitors, connected gym equipment, coffee machines, game consoles and even pet feeders.

The majority (81pc) of those who have IoT devices connected to their organisation’s network said the shift to remote work during the pandemic led to greater vulnerability from unsecured IoT devices on the network.

Globally, 78pc said there was an increased number of IoT security incidents and 86pc of Irish respondents said the same.

Almost all (98pc) of this group of decision makers in Ireland said their organisation’s approach to IoT security needed improvement, with almost half (42pc) admitting that a complete overhaul was needed.

This was more than 10 times the number who thought a complete overhaul was necessary in the UK (4pc) and more than twice the EMEA average (20pc). The greatest capability needs were found to be around IoT device context for security teams, policy enforcement and zero-trust control, and device visibility and inventory.

Preventative measures

“When it comes to IoT security, visibility is critical. Without it you cannot scan for anomalies across your network,” said Paul Donegan, country manager for Palo Alto Networks in Ireland.

He warned that IT decision makers should enforce “micro-segmentation” security measures to prevent security risks from occurring as a result of cross-connections.

He added that a lack of segmentation was putting businesses at serious risk, “not only of a breach but also of allowing attackers to escalate their attack through an organisation’s systems and data”.

Some cybersecurity tips from Palo Alto for organisations to increase their network security with staff working remotely include getting a complete visibility of all the IoT devices connected to the corporate network as well as monitoring network connections from all locations.

Employees working remotely should also keep track of the devices they have connected their domestic routers. They can segment their home network by creating a guest Wi-Fi network specifically for use by IoT devices. This way, it is more difficult for a remote worker’s personal devices to be accessed from a compromised IoT security device.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Blathnaid O’Dea is Careers reporter at Silicon Republic

editorial@siliconrepublic.com