Did you miss a session from the GamesBeat Summit 2022? All sessions are now available to stream. look now
There is no shortage of attack vectors that cybercriminals can use to infiltrate an organization. From phishing and malware to routers and HVAC systems, security teams are already few and far between, and now they can add shadow IT to their list of security concerns.
Shadow IT is a broad term that covers the use of systems, devices, software, applications, and services without the knowledge or consent of IT departments. Of particular concern are mobile and IoT devices brought into an office, facility or campus. Many of these devices contain radio frequency (RF) vulnerabilities that can be exploited from outside the facility.
Dangers and threats of shadow IT
Last year, the US embassy in Uganda had a highly publicized incident when employees had their iPhones hacked – most likely as a result of a zero-click attack – and brought them into the building. By compromising the iPhones, attackers had free access to the embassy and could potentially overhear numerous conversations, some of which may have been confidential.
And it’s not just smartphones. IoT devices are vulnerable to attacks. Smartwatches can also be hacked. A hacked smartwatch can potentially allow cybercriminals to access confidential data, track location, and even eavesdrop on conversations.
These are just some of the ways cyber criminals are using mobile and IoT devices for nefarious purposes. These incidents highlight the potential threats posed by mobile and IoT devices, and enterprise security teams are struggling to find a solution. With IBM reporting that the average cost of a data breach will rise to $4.24 million in 2021, a single breach could have a negative impact on an organization.
Enhanced Security: Detect suspicious devices lurking in the shadows
Simply banning mobile and IoT devices from an entire facility is easier said than done. Many employees use their devices for work-related purposes. Bring Your Own Device (BYOD), for all its benefits, also comes with several security concerns, including potential security breaches, network intrusions, and data loss. Implementing an approved devices-only policy is difficult to enforce because many security teams lack the visibility to identify devices entering the sensitive parts of facilities. An honor system is also problematic, employees interpret the “No Devices” policy. Examples we see all the time:
- “It’s okay, I won’t answer.”
- “I turned off my phone.”
- “This Bluetooth device can only connect to my cell phone and I left the phone in the car.”
- “I saw that Sam had a Fitbit, so I figured Fitbits would be an exception.”
It doesn’t take an unscrupulous employee to violate the policy, just one who is forgetful or one who thinks their situation is a special exception because their intention is benign. However, when the device arrives, it can be controlled by a bad actor who is not the employee carrying it.
To protect their facilities and ensure greater security, it is imperative for security professionals to implement solutions that provide the visibility to detect and locate all authorized and unauthorized RF devices operating on cellular, Wi-Fi, ZigBee, Bluetooth, Bluetooth Low Energy (BLE) and other RF protocols.
Benefits of geofencing
Geofencing is the security practice of delineating particularly sensitive areas of a facility and applying more stringent policy enforcement. With geofencing, security teams can understand and fully view where these devices are located and also create a boundary to limit where they are allowed to be within a building or campus. In addition, geofencing capabilities can alert security teams in real time to potential RF breaches or threats in their protected area.
Armed with this knowledge and the innovative solutions now available in the market, a security team can set up automated protocols to mitigate a potential attack. For example, detection of an RF geofence breach can trigger integration with your corporate network access control. So if you enter a secure area with a connected device, it will automatically disconnect from the area.
By improving their RF situational awareness, improving visibility, and implementing a geofencing solution into their existing security posture, security teams can eliminate devices hiding in the shadows while protecting their organizations from becoming another RF cyberattack victim .
Chris Risley is CEO at Bastille Networks.
data decision maker
Welcome to the VentureBeat community!
DataDecisionMakers is the place where experts, including technical staff, working with data can share data-related insights and innovations.
If you want to read about innovative ideas and up-to-date information, best practices and the future of data and data technology, visit us at DataDecisionMakers.
You might even consider contributing an article of your own!
Read more from DataDecisionMakers