fotohansel - Fotolia

Enterprise network access policies must change to account for IoT

With IoT devices set to outnumber notebooks, smartphones and tablets by more than three times, businesses will need to adjust their network access policies to keep things running smoothly, says Gartner

Organisations embarking on internet of things (IoT) projects are seeing problems in identifying new devices and characterising them as part of their current network access policy, according to research house Gartner, and this problem will only increase as IoT devices look set to outnumber notebooks, smartphones and tablets by a substantial margin by the end of the decade.

According to Gartner analysts, 21 billion IoT devices and sensors will be in use around the world just four years from now, with around 6% in use for industrial IoT applications. As the majority of these devices will use established enterprise wireless networks, it will become more important for IT managers to liaise effectively with other business units to identify all devices and projects having an impact on this infrastructure.

“Having embraced a bring-your-own-device [BYOD] strategy, organisations must now get employee devices on the enterprise network and start addressing the IoT devices that we project will want access,” said Gartner research vice-president Tim Zimmerman.

“Whether a video surveillance camera for a parking lot, a motion detector in a conference room or the HVAC for the entire building, the ability to identify, secure and isolate all IoT devices – and in particular 'headless' devices – is more difficult to manage and secure.”

After identifying all the devices attached to an enterprise network, IT departments will need to modify, or in many cases create from scratch, a network access policy as part of an enterprise policy enforcement strategy, determining if and how ‘things’ should be connected, and what roles they will be assigned that govern their access to the network.

Gartner advised that IT leaders would need to define connectivity policies, deploy packet sniffers to identify devices that might be performing undesirable actions, and in the case of IoT devices that use mobile radio standards such as Bluetooth or Zigbee, effectively plan for spectrum use.

Its report also suggested the creation of virtual network segments to allow network architects to separate out their IoT assets from other network traffic, and prioritise different segments according to their needs. In Gartner’s example, this could mean giving video surveillance data priority over lighting outside of office hours.

Read more about IoT

Read more on Internet of Things (IoT)