Do You Know What Your IoT Devices Are Doing to Your Network?


We’re living through an explosion of Internet of Things (IoT) connected devices. Everyday consumers continue to buy and use gadgets like smart thermometers and fitness trackers, while connected security cameras, manufacturing sensors and smart lights become more popular with businesses. Gartner research predicts that 20.4 billion connected devices will be in use by 2020. As a network engineer, that number is scary. Adding a large volume of IoT devices to a home or business network without proper preparation can lead to serious networking and security issues. First, IoT devices make networks larger, more complex, and more difficult to map. Second, they introduce new security flaws to the network.

Luckily there are ways to mitigate these problems. First, network engineers and IT admins need the right tools for network monitoring, and they need to be involved in the decisions surrounding the deployment of IoT devices on a corporate network. Second, consumers need to understand the impact of IoT devices on a network, so they can properly configure and use them. Allow me to explain in more detail.

Adding new devices to any network makes it more complex, and IoT devices are especially bad in this regard. Most networks are configured assuming people have a few devices each (a smartphone, laptop, tablet), but add IoT devices and suddenly there are two, three or ten times the number of devices connected. Fortunately, most IoT devices have low bandwidth requirements so the impact on overall network performance is minimal, but the high volume of added connections complicates management. For instance, it’s often difficult to monitor or troubleshoot these devices because they send very little useful telemetry data. Furthermore, the network team is rarely involved in the IoT purchase decision – that’s usually something the security or facilities team handles. The network team is often notified after the fact, if at all, so they may not know that these devices are even there! For example, I’ve heard stories about hospitals where the security team bought and installed wireless security cameras and the IT team didn’t find out until they started getting complaints that the Wi-Fi in certain rooms was slow – the cameras were interfering with the normal Wi-Fi signals.

IoT devices are usually not secure and they can give attackers easy routes into a network when introduced without proper planning. Your average Wi-F connected camera or thermometer runs a basic Linux operating system with many security vulnerabilities. This is especially bad with budget devices – products from major brands like Apple and Amazon are often secure, but off-brand items usually are not. For example, huge databases of default IoT device passwords are available on the web for perusing by anyone – manufacturers believe that they’re being “helpful” by providing basic passwords, but few device owners think to change this default setting. Always make sure you change the default passwords on your IoT devices to a long, complex phrase that can’t be easily guessed or cracked.

To make things worse, IoT devices are often not patched regularly – you might know that you should keep your computer software up to date, but will you think to update your smart TV or thermostat? This compounds the security issue since many of these devices will be running out-of-date software with known bugs or security vulnerabilities. In a business setting, managing updates to large numbers of IoT devices is a complicated process made more difficult by the fact that, as mentioned earlier, those devices are often hard to see from a network perspective.

The good news is that IoT devices can be monitored and managed, assuming they are connected to the network either directly or wirelessly. In a business setting, IoT devices usually have very clear roles and it’s relatively easy, given the right tools, for IT to tell when they are doing something they shouldn’t be. For example, an IoT thermostat should only be communicating with the thermostat controller. If IT sees network traffic between the thermostat and other locations on the network, or the device suddenly attempts to connect to external IP addresses, they know something is wrong.

Complexity creeps in when organizations have hundreds or thousands of IoT devices on a network, but modern network performance monitoring and diagnostic (NPMD) tools are usually powerful enough to monitor all of that traffic. It’s possible for IT to use NPMD tools to set baselines and rules for IoT device traffic, but this takes time that a busy network engineer may not have. More automation in NPMD tools and more information from IoT vendors about the ports, protocols and network traffic paths that their devices use would help this issue immensely.

On the consumer side of things, this is more difficult. There isn’t any kind of easy-to-use consumer device to monitor IoT devices, but this is something I think could be helpful. A simple network monitoring tool that tells you if your smart TV and fridge are in line with the normal traffic patterns expected from those devices could go a long way towards helping consumers keep their devices secure. A better solution here is to require more security to be built into IoT devices by the manufacturer, and for manufactures to make the patching process for IoT devices simpler and more automated.

So, while there are tools to manage IoT devices and potential to improve their security in the future, the fact remains that IoT devices can easily create major network complexity and security issues for both businesses and consumers. Be mindful of security best practices when using consumer IoT devices and be sure to involve IT and the network team when consider IoT device rollouts in a business setting.

Jay Botelho is Director of Engineering at Savvius, a LiveAction company. Jay has worked at Savvius for 13 years and in the technology industry for over 25 years as an engineer and product manager, specializing in wireless networking. He holds a BSEE from Tufts University and an MSEE from Santa Clara University, both in electrical engineering.

Add Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

10 Things You Didn’t Know About Ritesh Arora
Job Search
20 Things You Didn’t Know about Beamery
Apoorva Mehta
10 Things You Didn’t Know About Apoorva Mehta
20 Things You Didn’t Know about Claroty
Renewable Energy Stock
Five Renewable Energy Stocks that Pay Solid Dividends
Meme Stocks
What Are Meme Stocks?
Greenlight Debit Card
20 Things You Did Not Know about Greenlight
NFT Market
The Top Five NFT Marketplaces Out Right Now
The 10 Richest Cities in Indiana
Playa Paraiso
The 20 Best Things to do in Tulum For First Timers
The 20 Worst Places to Live in Ireland
The 10 Best Restaurants in Lisbon, Portugal
Why Did They Stop Making the Ford Freestyle?
1961 Ford Falcon DeLuxe
The 10 Best Ford Falcon Models of All-Time
How Much is a Classic Ford Fairlane Worth?
The Five Biggest Ford Recalls in Company History
How Does The Jaeger-LeCoultre Atmos Clock Work?
Breguet Type XXI 3815
A Closer Look at The Breguet Type XXI 3815
Halios Seafort
Watch Review: The Halios Seaforth
Seiko Tuna
What is a Seiko Tuna?
Mitchell Rales
The 10 Richest People in Maryland
Li Xting
The 10 Richest People in Singapore
Scott Storch
How Scott Storch Blew a $100 Million Net Worth
Teri Hatcher
How Teri Hatcher Achieved a Net Worth of $50 Million