The Internet of Things and DNS Security

When we think of the Internet of Things, we usually think of smart home devices such as Nest’s intelligent thermostat, Amazon’s Echo or the recently announced Google Home. But they’re only a small part of a predicted explosion in the number of devices – and in the services they are going to use. Tomorrow’s internet is one where machines and devices outnumber the PCs and smartphones that access the information they deliver. Just take a look at the announcements from this year’s Mobile World Congress, where low-cost connected hardware and smart devices were at the fore, providing new, highly valuable services to consumers and enterprises.

According to Gartner, “the use of connected things in the enterprise will drive $868 billion in 2016”. This will have a lot of impact on IT infrastructures, but it is difficult to anticipate at all levels, and the conversation could quickly turn out to be very speculative. However, it is more than fair to say DNS services will play a key role in terms of IoT enablement and security.

As it is already the case for most equipment and applications connected to a network, IoT devices and services will also have names to enable communication with them. As with phone numbers, it is much easier for a human being to remember a name than an IPv4 address (not to mention an IPv6!). This surge of names and DNS dependent services should lead IT managers to re-evaluate their global DNS infrastructure to ensure it is ready to handle the coming “Big Wave” of DNS requests. Otherwise, it will quickly have major impacts on IT services continuity and performance. The resiliency and ultra-low latency of DNS services are two points of utmost importance to secure the business continuity and enhance IoT user experience quality.

The other critical aspect to consider is the security impact. To date, the security of most IoT services and devices is very poor, especially for those brought by employees. From internet-connected dolls, cars and healthcare apps, many have already been hacked. As BYOD devices, they are simply new vectors of security threats to consider very seriously. Hackers use them to infiltrate the company’s network with malware and launch DoS attacks, ransom for company’s data or steal confidential information. In a context where DNS is on the top of the primary application layer target (Arbor Networks Security Report 2016), a purpose-built DNS security solution helps to protect employees, data confidentiality and the business continuity from IoT threats.

Real-time and advanced DNS analytics also offer essential insights to reveal the presence of insider threats in your networks such as botnets, malware, and APT (advanced persistent threat). This in-depth visibility into DNS traffic enables misbehavior and breach detection before damage occurs. Attempts to exfiltrate confidential data in DNS transactions can be detected and blocked. Additionally, purpose-built DNS security ensures appropriate countermeasures to protect the integrity and continuity of this business-critical service, while mitigating the risk of false positives.

When it comes to the Internet of Things, a well managed DNS is a key component of an effective security architecture. If you’re planning on deploying a large scale IoT infrastructure, be ready to take advantage of DDI to ensure you have full control of your devices, no matter their location or network to which they are connected.

Want to learn more about DNS security? Download the white paper below and read about how to use best practices guidelines to keep hackers from wreaking havoc on your organization.