Story image

5G could lead to shadow IoT if security is ignored

24 Jul 18

While 5G promises to shake up the world of mobile apps, communications, and IoT, 5G’s potential for scalability may end up taking a darker turn.

Experts from ForeScout say that businesses may end up using 5G-deployed applications without getting IT teams involved, which may lead to shadow IoT that could create even more problems.

Those problems include security and performance challenges for businesses, particularly as industry standards governing IoT security today are basic.

 “The advent of the cloud a decade ago made it possible for employees to implement cloud-based solutions with nothing more than a credit card and an internet connection. This led to the rise of unapproved, unsecured applications being used in enterprises, which is what became known as shadow IT,” comments ForeScout director for Asia Pacific and Japan, Steve Hunter.

“Just like cloud, 5G will make it easy for businesses to deploy applications more quickly without the perceived friction that the internal IT organisation can introduce.” 

He believes that for enterprise IoT, 5G will help to examine use cases that are deployed today on 4G or 3G networks. But like all applications, they become extensions of the enterprise network and they need to be secured.

ForeScout says it’s essential to prioritise security tools that offer visibility, particularly as organisations prepare for the ‘onslaught’ of IoT applications when 5G becomes widely available.

“The only way to secure the network is to know exactly what’s connected and how it’s being used,” says Hunter.

“When business units can do this without IT assistance, gaining full visibility becomes complex. We’ve seen this story before with both the BYOD challenge post-iPhone and then the rapid adoption of the cloud. The upcoming rollout of 5G will motivate organisations to explore of the business value of IoT, so it’s essential to shine a light into every dark corner of the network now to prevent visibility gaps in the future.” 

Although the 5G standard isn’t expected to be solidified until 2020, service providers are currently testing pre-standard 5G networks.

ForeScout says many use cases will operate effectively on existing networks, so some businesses are exploring IoT deployments today. Taking a proactive position on IoT deployments can help IT reduce the instances of shadow IoT by avoiding the perception of IT-introduced friction. 

“It’s important to learn the lessons from IT history. The technology and security functions had to integrate cloud into corporate IT to rein in shadow IT. Similarly, IT should gain control of today’s shadow IoT and by doing so make ready for the future of IoT that’s coming with 5G,” Hunter concludes.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.