“For more than a year, the majority of business offices have been largely abandoned as employees worked remotely during COVID-19 pandemic. Despite the shortage of staff, our support teams observed that enterprise networks remained bustling with IoT operation,” said Chaitanya Kumar, CEO of MIRAT. “The amount and variety of Internet of Things (IoT) devices that are connected to enterprise networks is enormous, ranging from symphonic lights to IP cameras. Our team discovered that 76% of these devices continue to communicate via unencrypted plain text networks, indicating that the overwhelming IoT transactions are extremely risky for businesses.”
Which Devices Are the Most Vulnerable?
MIRAT recognized nearly half a billion IoT device interactions, 65 percent of which fell under 3 categories: set-top boxes (30%), smart TVs (25%), and smart wearables (20 %).
While the home entertainment and automation category had unique devices, they accounted for the fewest transactions compared to industrial, business, and healthcare devices. Instead, most traffic came from devices in the retail and manufacturing industries — these devices comprised printers, Geo location trackers, vehicle multimedia systems, data collecting terminals such as barcode scanners, and payment terminals. Corporate devices were the next most prevalent, accounting for 28% of transactions, followed by healthcare applications, which accounted for over 8% of traffic.
MIRAT also uncovered several unanticipated cloud-connected products, such as smart refrigerators and light lamps, that were sending traffic through the company network.
And The Targets Are:
Nearly 90% of affected IoT devices were seen transmitting data to servers in one of 3 nations: China (56%), the United States (19%), or India (19%). (14 percent).
How Can Businesses Protect Themselves?
With the number of “smart” devices on the market growing daily, it’s nearly hard to keep them out of your business. Rather than attempting to shadow IT, IT organizations should implement access restrictions that prevent these devices from functioning as open the doors to the most critical company data and applications. These policies and practices are applicable regardless of whether IT professionals (or other personnel) are located on-premises.
MIRAT proposes the following guidelines for mitigating the threat of IoT infections on controlled and shared devices:
- Gain visibility into every device on your network. Deploy systems capable of reviewing and analyzing network logs to gain a comprehensive understanding of all devices interacting across your infrastructure and their activities.
- Alternately, change all default credentials. While password control is not always practicable, a necessary first step when implementing corporate-owned IoT devices is to reset passwords and implement two-factor authentication.
- Numerous industries, most notably manufacturing and healthcare, rely on IoT devices to run their daily operations.
- Maintain regular updates and patches. Maintain awareness of newly found vulnerabilities and keep your device’s security up to abreast with the current patches.
- The only approach to prevent shadowing IoT systems from posing a threat to enterprise networks is to eliminate implicit trust policies and strictly limit access to critical data via dynamic identity-based authentication, sometimes referred to as zero trusts.
- Establish a security architecture based on zero trusts.
- Apply stringent controls to your company assets to ensure that people and devices only have access to what they require and only after identification.
- Restriction of communication to necessary IP addresses, ASNs, and ports for external access.
- Unauthorized IoT applications that demand internet access should be subjected to traffic analysis and denied access to all company data, preferably via a proxy.
MIRAT is now an artificial intelligence-driven cloud software capable of providing all the packaged tools under one license, offering centralized self-service capabilities with No/minimum staff and remote monitoring capabilities that presently no other competitor is able to serve. The USP of MIRAT.ai is “Automation” of IT infrastructure management that is highly aligned with ITIL and current trends. The IT infrastructure management includes but is not limited to the operating system, database, network, storage, application, middleware spaces, etc.
MIRAT has been proven to reduce 80% of your operational expenses, 20% of outage costs and increases team productivity by 60% and efficiencies by 30%. You can now get your ROI in just 6 months!
Visit https://www.mirat.ai/trial.html to access your free 14 trials and evaluate how MIRAT can be useful for your ITSM needs.
Our pricing plans are very cost-effective (starts at $4 per month) and affordable for startups, SMEs, MSMEs, along with enterprise-level plans for larger firms with more extensive requirements.