What is Needed to Combat the Rise in Shadow Devices
With the rise in shadow devices being used by employees, your corporate network is at elevated risk of an attack. Shadow devices include all devices not directly issued by the company, but are being used on the corporate network(s). What people do not realize when they bring these devices into the workplace is they open up a potential for ex-filtration of data from the corporate network.
According to a recent survey by InfoBlox, the most common shadow devices found on networks were:
- Fitness trackers, such as FitBit or Gear Fit – 49 percent
- Digital assistants, such as Amazon Alexa and Google Home – 47 percent
- Smart TVs – 46 percent
- Smart kitchen devices, such as connected kettles or microwaves – 33 percent
- Games consoles, such as Xbox or PlayStation – 30 percent.
There are a simple few things you can do to protect and detect these devices in your network. We will use the example of a person arriving in a foreign country at customs as an analogy to how shadow devices should be treated in your corporate network.
1 – Segregate your Network
When you first arrive in any country, the customs agency will place you into a queue. If you are a citizen of that country you go into one queue, and if you are from a foreign country you will go into another queue.
Shadow devices should be treated like a foreign visitor coming into a country. They should not be allowed to enter the same network as the legal residents of the country, or in this case the trusted corporate computer. More than ever you need to make sure you are segregating your critical network traffic from the shadow devices that are coming into your organization daily.
This security model has been around a long time, but we still see people putting all their guest network traffic, which includes wireless, on the same IP network. This allows for any compromised device to have easy access to your critical data.
2 – Analyze Network Traffic for Shadow Devices
If you take the customs example one step further, you begin to get more granular of what you are looking to see before you allow a shadow device onto one of your networks.
Take the United States as an example. If you are a US Citizen you go into a queue that, for the most part, allows for less scrutiny of who you are and where you are headed before being allowed into the country. By analyzing the traffic on your network with technology, you could further prove the worthiness of a trusted device to be allowed on to the network just like a person with Global Entry.
Conversely, if the device is not known it could be treated much like a foreigner arriving in the country and automatically be forced to join the guest network. Then if needed, prove they are worthy of accessing your guest network.
The way in which you go about defending shadow devices from your critical infrastructure is by building a security fabric. If you would like more information or assistance in protecting your corporate network from shadow devices please contact us or call 866-205-2810.