Unidentified Devices Leave Networks Vulnerable


As organizations embrace digital transformation to improve operational efficiency, IoT devices—including industrial and medical IoT—are being deployed at an unprecedented rate. This rapid adoption of IoT is one of the primary reasons why networks are in constant flux. New devices, whether physical or virtual, are continually connecting and disconnecting from the network, and often then reconnecting somewhere else. And to do their job, they need immediate access to applications and networked resources.

The installed base of Internet of Things endpoints is growing at an unprecedented rate and is expected to reach tens of billions of units within a few years. While most people imagine digital cameras, printers, and smart appliances when they think of IoT, it also includes medical IoT (MIoT) devices, such as infusion pumps and heart monitors, and industrial IoT (IIoT), including valve controllers, temperature and pressure monitors, and manufacturing equipment. This trend hasn’t gone unnoticed by the cybercriminal community. While high-profile attacks against traditional IoT devices continue, MIoT, IIoT, and other embedded devices are increasingly being targeted as well, as in the recent Triton malware attack, which targeted Triconex safety instrumented system controllers, and the VPNFilter campaign, which infected large numbers of routers and network-attached storage devices.

Access control is shifting to security

As IoT devices gain network access, they not only substantially enlarge the attack surface, they also raise the organization’s risk profile along with its internal provisioning, management, and compliance costs. This is why organizations are shifting responsibility for connecting and securing devices from the network team to the security team. To ensure these new devices don’t gain unfettered access to corporate resources, they need to be assigned automatically to an isolated network segment based on policies and roles, and devices that begin to behave outside their profile need to be removed from that segment immediately. These requirements have made access control a foundational component of today’s comprehensive security posture.

However, while security managers must secure every single device every single time it connects to the network, cybercriminals only need to reach one open port, compromise one unknown device, or exploit one application or vulnerability to circumvent network security efforts. Complicating things further, the sheer volume of IoT devices that require managed access is overwhelming many security tools and teams, and visibility is a large part of that challenge. Apart from possibly having collected a device’s IP address, most organizations simply have no reliable way to determine what devices are on their network, let alone secure, manage, and monitor them.

Controlling Network Access

Network Access Control (NAC) solutions provide the sort of intelligence, visibility, and control that today’s organizations need to deal with this growing problem. The challenge, however, is that too many security leaders still view NAC as a cumbersome solution that requires overhead and resources they can't spare. With today’s third generation of NAC solutions in place, that is no longer the case. These latest NAC solutions provide six critical services to seamlessly and automatically protect and secure networks and connected devices. These NAC solutions:

  1. Provide a detailed profile of each device on the network: Total visibility into every connected device diminishes the security risks associated with unsecured and vulnerable devices. Because a MAC address is trivial to spoof, a profile should be built from several observable attributes (vendor OUI, DHCP and TCP/IP stack fingerprints, observed protocols) rather than from the MAC address alone.
  2. Ensure that all devices, whether wired or wireless, are authenticated and subject to context-driven policies that define who, what, when, where, and how connectivity is permitted: This ensures that only appropriate people and devices can connect to, and access, the appropriate applications, infrastructure, and assets.
  3. Assign authenticated devices to secure network segments: This ensures that each device only has access to approved resources, which protects the devices and their data and also protects the rest of the network from a compromised IoT device.
  4. Monitor devices to enforce company policies, such as device patching and updates, and to detect changes in device status or behavior: A printer or digital camera that suddenly begins requesting data from a file server, for example, can be identified and flagged immediately.
  5. Take immediate action when anomalous behavior is detected: Integrated network orchestration capabilities respond to threats and perform containment at machine speed, including quarantining rogue devices for analysis and remediation.
  6. Automatically correlate threat intelligence: Since devices are rarely compromised in isolation, NAC solutions also correlate threat intelligence automatically to identify and secure any other devices that may have been compromised along the same attack chain.
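The following is an added example, not FortiNAC code or anything from the original post, showing how services 1 through 5 above fit together as one pipeline: profile a device from observable attributes, drop it into a role-based VLAN, watch the flows it initiates, and quarantine it on the first policy violation. The OUI table, DHCP vendor strings, VLAN numbers, role policies, and flow records are all constructed for illustration; a real deployment would draw them from vendor OUI data, switch and DHCP telemetry, and the organization's own policy.

```python
"""Toy NAC policy engine (added example): profile -> authorize -> segment -> monitor -> quarantine.
All tables and sample flows below are constructed for illustration, not vendor data."""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

QUARANTINE_VLAN = 999  # isolated segment for unknown or misbehaving devices (hypothetical number)

# Hypothetical OUI -> device class table. Real profiling combines several
# attributes (OUI, DHCP fingerprint, TCP/IP stack fingerprint, observed protocols).
OUI_PROFILES = {
    "00:11:22": "printer",
    "aa:bb:cc": "ip_camera",
    "de:ad:be": "infusion_pump",
}
DHCP_VENDOR_PROFILES = {"MSFT 5.0": "workstation"}  # DHCP option 60 vendor class (constructed)


@dataclass(frozen=True)
class RolePolicy:
    vlan: int
    allowed: tuple  # (destination network, destination port) pairs this role may initiate


# Role policies (hypothetical): what each device class is allowed to initiate.
POLICIES = {
    "printer": RolePolicy(110, (("10.0.1.0/24", 53), ("10.0.1.0/24", 123))),  # DNS and NTP only
    "ip_camera": RolePolicy(120, (("10.0.2.10/32", 554),)),  # RTSP to the NVR only
    "infusion_pump": RolePolicy(130, (("10.0.3.5/32", 443),)),  # medication server only
    "workstation": RolePolicy(200, (("0.0.0.0/0", 443), ("0.0.0.0/0", 80), ("10.0.1.0/24", 53))),
}


@dataclass
class Device:
    mac: str
    profile: str
    vlan: int
    quarantined: bool = False
    findings: list = field(default_factory=list)


def profile_device(mac: str, dhcp_vendor: str = "") -> str:
    """Service 1: derive a device class from observable attributes, else 'unknown'."""
    oui = mac.lower()[:8]
    return OUI_PROFILES.get(oui) or DHCP_VENDOR_PROFILES.get(dhcp_vendor) or "unknown"


def admit(mac: str, dhcp_vendor: str = "") -> Device:
    """Services 2-3: place a device in its role VLAN; unprofiled devices never reach production."""
    profile = profile_device(mac, dhcp_vendor)
    policy = POLICIES.get(profile)
    if policy is None:
        return Device(mac, profile, QUARANTINE_VLAN, quarantined=True, findings=["unprofiled device"])
    return Device(mac, profile, policy.vlan)


def flow_allowed(policy: RolePolicy, dst_ip: str, dst_port: int) -> bool:
    """True if the role policy permits initiating a connection to dst_ip:dst_port."""
    ip = ip_address(dst_ip)
    return any(ip in ip_network(net) and port == dst_port for net, port in policy.allowed)


def observe_flow(dev: Device, dst_ip: str, dst_port: int) -> bool:
    """Services 4-5: check a device-initiated flow against its role policy and
    quarantine the device on the first violation. Returns True if the flow is permitted."""
    if dev.quarantined:
        return False
    if flow_allowed(POLICIES[dev.profile], dst_ip, dst_port):
        return True
    dev.findings.append(f"{dev.profile} initiated {dst_ip}:{dst_port}")
    dev.vlan, dev.quarantined = QUARANTINE_VLAN, True
    return False


# Constructed flow records: (source MAC, destination IP, destination port)
SAMPLE_FLOWS = [
    ("00:11:22:33:44:55", "10.0.1.2", 53),    # printer resolving a name: permitted
    ("00:11:22:33:44:55", "10.0.7.20", 445),  # printer opening SMB to a file server: violation
    ("aa:bb:cc:00:00:01", "10.0.2.10", 554),  # camera streaming to the NVR: permitted
    ("ff:ff:00:00:00:01", "10.0.3.5", 443),   # unknown device: quarantined at admission
]


def run(flows=SAMPLE_FLOWS) -> dict:
    """Admit each device on first sight, then evaluate every flow; return final device state."""
    devices = {}
    for mac, dst_ip, dst_port in flows:
        if mac not in devices:
            devices[mac] = admit(mac)
        observe_flow(devices[mac], dst_ip, dst_port)
    return {mac: (d.profile, d.vlan, d.quarantined, list(d.findings)) for mac, d in devices.items()}


if __name__ == "__main__":
    for mac, state in run().items():
        print(mac, state)
```

Running it moves the printer from VLAN 110 to the quarantine VLAN as soon as it initiates SMB to a file server, leaves the camera on its segment, and never admits the unprofiled device to a production VLAN. The policy here is intentionally a positive list of permitted destinations per role, which is what makes an IoT device's unexpected behavior detectable at all.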


The number of unsecured IoT devices connected to the network has mushroomed due to digital transformation efforts. And with them, the risk of a security breach has increased as well. NAC solutions address this challenge by enabling organizations to identify every device on the network and securely segment them to ensure each device only has access to approved resources. In the world of IoT, NAC solutions answer the question ‘what’s on your network,’ and then enable you to provide the integrated and automated protections that today’s digital businesses require.

Read more about Fortinet’s new network access controller, FortiNAC, which diminishes the security risks associated with unsecured devices accessing the network by giving organizations total visibility of endpoints, users, trusted and untrusted devices and applications.