Why IoT Devices Are Difficult to Track on a Network
The problem is, IoT devices do not always lend themselves to profiling. Some are too fragile to track with traditional methods; scans may overload their low-voltage innards and cause them to fail. Or, they’re highly specialized items such as medical devices that are so customized that most tools aren’t sophisticated enough to detect them accurately. Some are built with proprietary configurations that are difficult to change without the manufacturer’s approval.
One common solution is passive observation, which puts a strain on teams who have to place taps and sensors all over their network and then observe many places at once, creating operational complexity. Other teams air-gap these devices, protecting them from public or unsecured access — but that also divides attention and gives security staff more places to monitor. Not every agency wants to take the time to profile every device unique to the organization to understand what it is.
IoT device manufacturers may also centralize management of their platforms in the cloud, and that commingling of cloud and device technologies adds another layer of complexity and risk. Many such devices are already used on the edge — say, sensors that detect air quality or snow accumulation or intruders on a property border.
Vendors are starting to address these issues, because agencies can’t secure IT environments if the security team doesn’t know what to secure. Some are focused on developing machine learning–based profiles for their devices that help users identify them more readily on a network, for example.