Shadow IoT is the use of unauthorized connected devices or sensors in active use within an organization without IT’s knowledge. These devices can be any number of connected technologies, such as laptops, mobile phones, tablets, fitness trackers or smart home gadgets like voice assistants, that are managed outside of the IT department’s view.
As workforces evolve to include more remote locations and branch offices, and enterprises continue to go through digital transformations, organizations need to focus on protecting their cloud-hosted services the same way they do at their main offices. If not, enterprise IT teams will be left in the dark and will not have visibility over what’s lurking on their networks.
Cybersecurity Risks of Shadow IoT
Shadow IoT devices are becoming increasingly problematic for organizations. Some 40 billion IoT devices are expected to be connected to the internet in the next five years, with 50 billion coming online by 2030. These devices are often built with limited cybersecurity controls, while others have no security measures whatsoever. They are also often set up using default IDs and passwords that criminals can easily find, and are frequently added to an organization’s main Wi-Fi networks without IT’s knowledge.
IT can’t control or secure devices they can’t see on the network. That’s why “smart” devices can be such easy targets for cybercriminals.
Over the past 12 months, a staggering 80% of IT leaders discovered shadow IoT devices on their networks, and worryingly, nearly one-third (29%) of organizations saw more than 20; some saw as many as 50.
So, with billions of new IoT devices expected to connect to the internet over the next few years, how can IT teams mitigate this threat?
How to Mitigate Shadow IoT Threats
Fortunately, protecting against shadow IoT threats is possible when organizations set cybersecurity and visibility at the foundation of their network and business strategies.
Rethinking the approach to network security to include robust security policies for personal devices, ensure full visibility over the network, and use intelligent systems to detect and halt anomalous and potentially malicious communications will ensure organizations are always one step ahead of the threat posed by Shadow IoT devices.
Infoblox has commissioned a new Shadow IoT Report to help enterprises gain a better understanding of the challenges that IT teams face in securely managing shadow IoT devices across enterprise networks. Download the report to read the latest research and learn recommendations on how to best manage threats posed by shadow IoT devices and more.
What’s lurking in the shadows on your network?