Handling Device Visibility in Today’s Rapidly Growing Networks
In years gone by, networks of all sizes have generally only encompassed a small range of IT-specific devices – namely desktops, laptops, printers, networking equipment, perhaps the odd PBX here and there, and latterly IP phones. As time has progressed, we have seen a huge growth in devices on networks, and this is only expanding as we move forward.
The introduction of the smartphone is a key event to note. However, trends have shown that more and more devices that typically would have resided either on proprietary networks or on a separate network entirely have made the move to the corporate network. We have also seen the introduction of new devices that never existed before. These may not even be IT devices; they could be line-of-business or operationally critical devices, referred to as Operational Technology (OT).
This clearly provides huge benefits in a world where everyone and everything is connected; however, device security is often somewhat overlooked.
Visibility of devices is becoming poorer and poorer, and network admin teams are losing track of devices connecting to their network. An asset register may be kept, and a policy may be in place dictating that all new devices connecting to the network must be dealt with by IT staff, but these registers often become out of date before they are even finalised, and organisations often have no way to enforce such policies. This means a new device on the network could go unnoticed.
Security risks caused by vulnerabilities in out-of-date software or firmware, in devices which are often never on any IT department’s patching schedule, could compromise the entire network.
A recent news article published by The Register reported that equipment relating to the use of infusion and syringe pumps contained severe vulnerabilities, one rated as high as 10 out of 10 on the Common Vulnerability Scoring System (CVSS). This could allow an attacker not only to gain access to these medical devices (potentially causing harm to patients), but also to plant malware in the network.
Whilst it may not be practical or feasible to eliminate these vulnerabilities on a scheduled basis, network-level precautions and restrictions can be put in place to ensure that, should one of these devices become infected, the network cannot be severely compromised.
This is one of many examples of how the convergence of IT and OT presents significant security risks in many organisations.
Forescout provides rich functionality to not only identify and document these devices, but also segment and restrict the level of network access granted, providing them with only the access they require to perform their function effectively.
Speak with an Exclusive Networks Forescout Sales Specialist today to find out about solutions to help mitigate these issues across your customer base.
You can even experience Forescout first hand at our upcoming Test Drive in London. To get involved, register here. And did you know we also provide Forescout training? Click here to check out our upcoming sessions. We hope to see you there!
Luke Stratton – Security Consultant, Exclusive Networks UK.