In information technology, an endpoint is any device or node that is connected to a network over which it is able to communicate. When it comes to security, endpoints are one of the most important aspects of the network to protect. The goal of almost any attack or attempted breach is to gain control of an endpoint and use it to siphon off information.
In the past there were a limited number of endpoint types, and hardening a network was a relatively simple task. That simplicity has all but disappeared with the arrival of the Internet of Things (IoT).
The Weakest Link
Every endpoint on a network is a potential security weakness. The IoT is all about turning everyday items into network endpoints. This has two main repercussions in terms of keeping a network secure.
- The number of endpoints on the network increases exponentially, and tracking and managing them all becomes significantly more difficult.
- Rather than a few endpoint types running standard software on standard operating systems, almost every IoT-enabled device is running its own custom operating system and software package.
As a result, one-size-fits-all security is no longer effective and custom solutions have become the norm. Thankfully, the solution to this security quandary is not to ban all IoT-enabled devices from the network. It is possible to maintain effective and efficient network security in an IoT-enabled world. This is most easily accomplished through a three-step approach that involves:
- connection monitoring,
- patch maintenance, and
- prevention of configuration drift.
As part of a robust network security strategy, it is important to discover connected endpoints on a continuous, real-time basis. The status of those endpoints and their connections should be monitored and any unusual activity should be logged and dealt with accordingly.
It is also vital to patch vulnerabilities as quickly as possible. Most security breaches are accomplished using publicly known vulnerabilities for which patches are available. Those vulnerabilities would not be available to attackers if patches were applied in a timely manner.
Another element in successful post-IoT security is one that is very often overlooked: configuration drift. When a new device is first provisioned, it has been configured to be in line with the network’s security policies. Over time and with ongoing interaction with end users, settings can change and security elements can be disabled or removed. Before long, the device becomes a gaping hole in the security of the network. To prevent this, endpoint configuration settings should be monitored or even automatically reset to default values at regular intervals.
Security Is Still Possible
The IoT has drastically complicated the practical aspects of network security. The sheer number and variety of endpoints now connected to most networks can be enough to overwhelm even the most competent and organized of network administrators. By sticking to a three-pronged approach of monitoring connections, maintaining patches, and preventing configuration drift, it is possible to keep endpoints, and therefore the network, safe and secure.