Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

Security Firm's Study Finds Thousands of IoT Devices on Company Networks

The growing number of Wi-Fi-connected shadow devices, both those provided by an employer and personal devices carried by workers, are raising threats for cyber-attacks, the report indicates.
By Claire Swedberg
Jun 13, 2018

Network control firm Infoblox has released a report that finds employees are putting Internet of Things (IoT) devices on company networks at an increasing rate. According to a poll of 1,000 IT directors and 1,000 employees throughout four countries, the number of IoT devices on a company's network could be as high as 10 to 20 per employee, with a business often unaware of those devices.

The report, titled "What's lurking on your network: Exposing the threat of shadow devices," found a higher-than-expected number of personal devices, including mobile phones, activity trackers, tablets and laptops. Infoblox refers to these network-consuming gadgets—tablets, smartphones and even smart televisions—as shadow devices, and says the study points to a growing security risk they might pose for companies.

Infoblox, located in Santa Clara, Calif., provides its Actionable Network Intelligence solution for network management and security threats. The company commissioned its report to better understand the challenges that companies face when it comes to managing their enterprise networks in the face of the growing popularity of IoT devices.

Although there has been significant security research around IoT, says Sean Tierney, Infoblox's director of cyber intelligence, few of the resulting reports focus on how employee-owned IoT devices on corporate networks increase a company's security risks. "Those shadow devices could belong to an employee," he explains, and could either be provided by the company—and, therefore, be managed by the firm's IT department—or could simply be a personal device that of which IT department has no knowledge. When devices that employees use at home, or in public areas, become infected, they can introduce that infection to the company's own network, which poses a security risk for the business, as well as to anyone whose data the firm manages.

Companies throughout the United States, the United Kingdom, Germany and the United Arab Emirates responded to questionnaires regarding IoT device use, Tierney says, and the results indicated that the growth in smart devices has increased the IoT-based risk at companies more than most realize. For instance, the study found that 24 percent of U.S. employees do not know what IoT security policy their employers have in place, while one in five U.S. and U.K. workers said they don't follow their company's security policies for devices, even if they know about them.

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

Case Studies Features Best Practices How-Tos
Live Events Virtual Events Webinars
Simply enter a question for our experts.
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations