Infoblox today announced new research that exposes the significant threat posed by shadow IoT devices on enterprise networks. The report, titled “What’s Lurking in the Shadows 2020” surveyed 2,650 IT professionals across the US, UK, Germany, Spain, the Netherlands and UAE to understand the state of shadow IoT in modern enterprises.
Shadow IT devices are defined as IoT devices or sensors in active use within an organization without IT’s knowledge. The survey found that over the past 12 months, a staggering 80% of IT professionals discovered shadow IoT devices connected to their network, and nearly one third (29%) found more than 20.
Interesting findings from the UAE include:
• Over 86% of enterprises in the UAE have more than 1,000 devices connected to their corporate networks. Nearly a third of enterprises (30%) have between 5,001 – 10,000 connected devices on their corporate network.
• Nearly 70% of respondents in UAE said that on an average day over 1000 non-business provisioned IoT devices like smartwatches, voice assistants, tablets, Fitbits etc. connect to the business network.
• 92% of enterprises in the UAE have a security policy in place for personal IoT devices connected to the corporate network. However only half (50%) of the enterprises surveyed feel their security policy for personal IoT devices is ‘very effective’.
• 90% of enterprises in the UAE have varying degrees of concern about shadow IoT devices lurking on remote or branch locations.
• Over a third of respondents in the UAE (34%) mirror the security solution at their branches that they deploy centrally at their headquarters.
• Over a third of respondents in the UAE (35%) said they see OT devices (e.g. HVAC, Video Cameras, MRI machines) as their biggest security concern when it comes to their network security.
• Over 4 in 5 respondents in the UAE (81%) said the network security solutions they plan to deploy in the next 2-3 years are cloud-based functions (e.g. CASB, UEBA, Proxy).
The global report revealed that, in addition to the devices deployed by the IT team, organisations around the world have countless personal devices, such as personal laptops, mobile phones and fitness trackers, connecting to their network. The majority of enterprises (78%) have more than 1,000 devices connected to their corporate networks.
To manage the security threat posed by shadow IoT devices to the network, 89% of organisations have introduced a security policy for personal IoT devices. While most respondents believe these policies to be effective, levels of confidence range significantly across regions. For example, 58% of IT professionals in the Netherlands feel their security policy for personal IoT devices is very effective, compared to just over a third (34%) of respondents in Spain.
Ashraf Sheet, Regional Director Middle East & Africa at Infoblox said, “In the Middle East, awareness of the risk of shadow IoT devices has grown significantly, yet IoT devices remain an open portal for cybercriminals looking to attack a network. It’s clear that regional businesses are prioritizing safety, but they are still bogged down by a lack of skilled staff and the increasing number of shadow devices connecting to their infrastructure. Because of this, network and security professionals must actively manage the threat introduced by shadow devices and integrate new network security solutions.”