This growth is further fueled by the fact that smart solutions (sensors, antennas and edge computing) have become cheaper to purchase and implement, making these innovative technologies easily available not only to large tech-driven organizations, but also to small and medium-sized enterprises. According to Gartner, more than 20 billion IoT devices are in use in 2020, and they project that this will rise to 75 billion by the year 2025.
By making “offline” assets smart and having them connect to your infrastructure to receive and submit data, you can potentially create holes in your first line of defence: your firewalls and end-points. This can allow intrusions from outside your organization through a smart asset, and this is nothing new. There have been some extraordinary cases; you might have heard about the casino that was hacked through a thermometer in a lobby aquarium.
Nowadays most organizations will pen-test their IoT solutions with great care and take all the necessary security measures to make sure that one cannot simply gain access to a network via one of their IoT solutions.
However, the increase in these solutions also brings new applications to manage and administer them, and with that comes the importance of controlling access to these applications. Whether you access these applications with named accounts, service accounts or privileged accounts, you need to be able to manage this access and ensure that the right accounts have the right access to the right resources at the right time, and that these access rights are revoked when no longer required.
This is where Identity and Access Management becomes vital to the security of your organization. By centrally managing the digital identities of your company and the access rights they have, you are in complete control of who has access to what and why, and you can prove it to auditors. In addition, you can easily enforce policies and controls to prevent misuse of access rights and flag suspicious behaviour.
As access credentials to critical applications are highly sought after by hackers, Privileged Access Management (PAM), for example using One Identity’s Safeguard, can really eliminate the threat of social engineering. Privileged accounts are stored in a hardened appliance that acts as a buffer between the administrator and the target system. Sessions need to be requested and are recorded and monitored in real time, so internal threats can be easily discovered and acted upon. In addition, all activity is stored, time-stamped and encrypted for forensics and compliance purposes.