Do You Know What Your IoT Devices Are Doing to Your Network?


We’re living through an explosion of Internet of Things (IoT) connected devices. Everyday consumers continue to buy and use gadgets like smart thermometers and fitness trackers, while connected security cameras, manufacturing sensors and smart lights become more popular with businesses. Gartner research predicts that 20.4 billion connected devices will be in use by 2020. As a network engineer, that number is scary. Adding a large volume of IoT devices to a home or business network without proper preparation can lead to serious networking and security issues. First, IoT devices make networks larger, more complex, and more difficult to map. Second, they introduce new security flaws to the network.

Luckily there are ways to mitigate these problems. First, network engineers and IT admins need the right tools for network monitoring, and they need to be involved in the decisions surrounding the deployment of IoT devices on a corporate network. Second, consumers need to understand the impact of IoT devices on a network, so they can properly configure and use them. Allow me to explain in more detail.

Adding new devices to any network makes it more complex, and IoT devices are especially bad in this regard. Most networks are configured assuming people have a few devices each (a smartphone, laptop, tablet), but add IoT devices and suddenly there are two, three or ten times the number of devices connected. Fortunately, most IoT devices have low bandwidth requirements so the impact on overall network performance is minimal, but the high volume of added connections complicates management. For instance, it’s often difficult to monitor or troubleshoot these devices because they send very little useful telemetry data. Furthermore, the network team is rarely involved in the IoT purchase decision – that’s usually something the security or facilities team handles. The network team is often notified after the fact, if at all, so they may not know that these devices are even there! For example, I’ve heard stories about hospitals where the security team bought and installed wireless security cameras and the IT team didn’t find out until they started getting complaints that the Wi-Fi in certain rooms was slow – the cameras were interfering with the normal Wi-Fi signals.

IoT devices are usually not secure and they can give attackers easy routes into a network when introduced without proper planning. Your average Wi-F connected camera or thermometer runs a basic Linux operating system with many security vulnerabilities. This is especially bad with budget devices – products from major brands like Apple and Amazon are often secure, but off-brand items usually are not. For example, huge databases of default IoT device passwords are available on the web for perusing by anyone – manufacturers believe that they’re being “helpful” by providing basic passwords, but few device owners think to change this default setting. Always make sure you change the default passwords on your IoT devices to a long, complex phrase that can’t be easily guessed or cracked.

To make things worse, IoT devices are often not patched regularly – you might know that you should keep your computer software up to date, but will you think to update your smart TV or thermostat? This compounds the security issue since many of these devices will be running out-of-date software with known bugs or security vulnerabilities. In a business setting, managing updates to large numbers of IoT devices is a complicated process made more difficult by the fact that, as mentioned earlier, those devices are often hard to see from a network perspective.

The good news is that IoT devices can be monitored and managed, assuming they are connected to the network either directly or wirelessly. In a business setting, IoT devices usually have very clear roles and it’s relatively easy, given the right tools, for IT to tell when they are doing something they shouldn’t be. For example, an IoT thermostat should only be communicating with the thermostat controller. If IT sees network traffic between the thermostat and other locations on the network, or the device suddenly attempts to connect to external IP addresses, they know something is wrong.

Complexity creeps in when organizations have hundreds or thousands of IoT devices on a network, but modern network performance monitoring and diagnostic (NPMD) tools are usually powerful enough to monitor all of that traffic. It’s possible for IT to use NPMD tools to set baselines and rules for IoT device traffic, but this takes time that a busy network engineer may not have. More automation in NPMD tools and more information from IoT vendors about the ports, protocols and network traffic paths that their devices use would help this issue immensely.

On the consumer side of things, this is more difficult. There isn’t any kind of easy-to-use consumer device to monitor IoT devices, but this is something I think could be helpful. A simple network monitoring tool that tells you if your smart TV and fridge are in line with the normal traffic patterns expected from those devices could go a long way towards helping consumers keep their devices secure. A better solution here is to require more security to be built into IoT devices by the manufacturer, and for manufactures to make the patching process for IoT devices simpler and more automated.

So, while there are tools to manage IoT devices and potential to improve their security in the future, the fact remains that IoT devices can easily create major network complexity and security issues for both businesses and consumers. Be mindful of security best practices when using consumer IoT devices and be sure to involve IT and the network team when consider IoT device rollouts in a business setting.

Jay Botelho is Director of Engineering at Savvius, a LiveAction company. Jay has worked at Savvius for 13 years and in the technology industry for over 25 years as an engineer and product manager, specializing in wireless networking. He holds a BSEE from Tufts University and an MSEE from Santa Clara University, both in electrical engineering.

Add Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Careers CEOs Companies Education Entertainment Legal Politics Science Sports Technology
Paul Taylor
10 Things You Didn’t Know About Paul Taylor
20 Things You Didn’t Know about LTK
translation app
The 10 Best Translation Apps for Travel
Collectibles Credit Cards Investing Real Estate Stocks
Goldman Sachs
Ranking The 20 Best Investment Apps of 2021
Is HCMC Stock a Solid Long Term Investment?
Is SNDL Stock a Solid Long Term Investment?
Aviation Boats Food & Drink Hotels Restaurants Yachts
The Five Best Gins to Use for a Paper Plane Cocktail
Hussaini Hanging Bridge, Pakistan
The 20 Most Dangerous Bridges in the World
Ohio caves
10 Awesome Caves to Visit in Ohio
BMW Bugatti Cadillac Ferrari Lamborghini Mercedes Porsche Rolls Royce
2022 Honda HRV
A Closer Look at the 2022 Honda HR-V
2022 Lincoln Aviator
A Closer Look at the 2022 Lincoln Aviator
2022 Honda Insight
A Closer Look at The 2022 Honda Insight
BMW Motorcycles Buell Ducati Harley Davidson Honda Motorcycles Husqvarna Kawasaki KTM Triumph Motorcycles Yamaha
motorcycle goggles
The 10 Best Motorcycle Goggles Money Can Buy
A Closer Look at The 2022 Aprilia Tuareg 660
Hells Angels
20 Odd Rules Hells Angels Members Have to Follow
Electronics Fashion Health Home Jewelry Pens Sneakers Watches
Balancier S²
Greubel Forsey’s New Balancier S² Timepiece
10 Great Gifts for Outdoorsmen for Under $50
A Complete Guide to Buying a Rolex on eBay
Irina Shayk
How Irina Shayk Achieved a Net Worth of $25 Million
Michael Cohen
How Michael Cohen’s Net Worth Turned Negative
How Tracy Chapman Achieved a Net Worth of $8 Million
Katherine Langford
How Katherine Langford Achieved a Net Worth of $6 Million