IoT is a big security headache for a lot of reasons. By its very nature, these devices are untrusted. They usually can’t have a security agent installed on them, they are typically designed with little thought to security, and their presence on a network can be difficult to detect as they often don’t look like IT. We faced a somewhat similar issue with BYOD (Bring Your Own Device). However, a lot of BYOD looks and behaves like our corporate IT, but IoT is a different more difficult to secure beast.
Our conventional security models have been falling behind in the face of IoT and BYOD. Our legacy architectures can only scale so much, and the cracks arising from this are exploited by new kinds of attacks and ones that move more easily laterally while the IT scales outwards. With more IT and security becoming software defined, Zero Trust (ZT) is seen as a fundamental fix to the security approaches we’ve been struggling with.
Read more…
Source: Trend Micro