
Business network segmentation: a must in the IoT era

 

The key to protecting network-connected devices, as well as sensitive operational and customer data, is to segment your network, which means creating separate network domains for different types of systems and devices – including IoT devices.


Many IoT devices are just small Linux computers built into things like light bulbs, refrigerators and thermostats. But do you think about their cybersecurity? And do you patch them regularly?


It is fundamentally risky to keep all of your devices on a flat network. This kind of security risk can clearly lead to non-compliance with data protection regulations – such as GDPR in Europe – potentially resulting in large fines that many small businesses just can’t afford. And the worst part is that it probably would never have happened if appropriate network segmentation, firewalls and security controls had been in place.

 

The old way: “flat” networks with just one point of entry

To understand the need for network segmentation, it’s first necessary to understand what a traditional “flat” network architecture looks like (illustrated below). Unlike segmented networks, flat networks have just one firewall router, usually purchased from a retailer or installed by an Internet Service Provider.

 

Figure 1: A traditional, flat network architecture

This is called a flat network because there is no firewall or logical separation between any of the devices, so each one can talk directly to every other device on the network.


This kind of architecture worked well when most small businesses just had a few computers, which was often the case in the late 90s and early 2000s. Back then, there was no Wi-Fi, no IoT network-connected devices, and very few (if any) mobile phones that had access to the Internet.

 

Why flat networks are no longer OK

When smartphones with Wi-Fi access became commonplace, many small companies found that the number of devices connected to their network doubled over a very short period of time, increasing networking and – specifically – cybersecurity challenges.


Today, network security is an even tougher challenge, as smart TVs, smart light bulbs, smart refrigerators, and a wide range of other IoT devices are being connected to small business networks at scale – sometimes resulting in literally hundreds of devices on the network.


All of these new devices have a network interface, storage, memory, processors and an operating system. In other words, they are computers, and they are just as vulnerable to attack as any other kind of computer or smartphone.


Additionally, IoT devices in particular are always connected to the Internet, and are rarely patched, making them a relatively easy target for hackers. Remember, hackers can use these devices to access the network as a whole – which could potentially lead to a major data breach and – in the worst cases – large regulatory fines.
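An added example (not from the original article): a short Python audit that applies the flat-network definition above to a device inventory and lists every IoT device that sits in the same subnet as a sensitive system. The inventories, device names and class labels are constructed, and the script assumes each subnet is its own firewalled segment.

```python
import ipaddress
from collections import defaultdict
from itertools import product

# Constructed inventories (not from the article): name, device class, interface address.
FLAT = [
    ("pos-terminal", "sensitive", "192.168.1.10/24"),
    ("file-server", "sensitive", "192.168.1.11/24"),
    ("office-laptop", "workstation", "192.168.1.20/24"),
    ("smart-tv", "iot", "192.168.1.50/24"),
    ("thermostat", "iot", "192.168.1.51/24"),
    ("ip-camera", "iot", "192.168.1.52/24"),
]
SEGMENTED = [
    ("pos-terminal", "sensitive", "10.0.10.10/24"),
    ("file-server", "sensitive", "10.0.10.11/24"),
    ("office-laptop", "workstation", "10.0.20.20/24"),
    ("smart-tv", "iot", "10.0.30.50/24"),
    ("thermostat", "iot", "10.0.30.51/24"),
    ("ip-camera", "iot", "10.0.30.52/24"),
]

def group_by_subnet(inventory):
    """Map each IP subnet to the devices whose interface sits in it."""
    subnets = defaultdict(list)
    for name, device_class, cidr in inventory:
        subnets[ipaddress.ip_interface(cidr).network].append((name, device_class))
    return subnets

def direct_exposure(inventory, source="iot", target="sensitive"):
    """Return (source, target) pairs that share a subnet, i.e. can exchange
    traffic without crossing a router or firewall (assumption: one subnet
    per segment, no client isolation inside it)."""
    pairs = []
    for devices in group_by_subnet(inventory).values():
        src = [n for n, c in devices if c == source]
        dst = [n for n, c in devices if c == target]
        pairs.extend(product(src, dst))
    return sorted(pairs)

def mixed_subnets(inventory):
    """Subnets holding more than one device class: the 'flat' symptom."""
    return sorted(str(net) for net, devs in group_by_subnet(inventory).items()
                  if len({c for _, c in devs}) > 1)

if __name__ == "__main__":
    for label, inv in (("flat", FLAT), ("segmented", SEGMENTED)):
        print(label, "mixed subnets:", mixed_subnets(inv))
        for src, dst in direct_exposure(inv):
            print(f"  {src} -> {dst} (no firewall in path)")
```

Sharing a subnet is only a proxy for reachability: separate subnets protect nothing unless the router between them actually filters traffic.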