Zscaler has released a report titled, “IoT Devices in the Enterprise 2019: Shadow IoT Threats Emerge,” that has analyzed the exponential growth in IoT traffic volume, growth of IoT-based malware, IoT cloud transaction volume and how new threats have emerged within the Federal IT Enterprise.
The company described how IoT devices and transaction volume in the cloud has transformed within the industry. Zscaler researchers found that, of the total number of devices within IoT devices connected to cloud, consumer devices topped the list.
The category with the highest number of individual devices was far and away TV set-top boxes, which enable analog television sets to receive digital broadcasts at 29.5 percent, then smart TVs at 20.3 percent, followed by smart watches at 14.8 percent and media players at 8 percent.
Zscaler noted that when focusing on the total number of transactions, business process IoT devices ranked highest, reporting that 56.8 percent of IoT transactions were conducted with data collection terminals, which are wireless barcode readers used in manufacturing, engineering, logistics and warehousing applications, including printers, media players and digital signage media players.
The report also stated that 41 percent of theIoT devices do not use SSL, stating that it creates a blind spot within an organization because in the current networking industry all encrypted traffic should be inspected.
Within Zscaler’s research, the company reported the IoT traffic volume within certain industries. For manufacturing and retail industries generated the most IoT traffic volume at 56.8 percent, followed by enterprise at 23.7 percent, entertainment and home automation at 15.7 percent and healthcare at 3.8 percent.
In manufacturing and retail verticals, the Zscaler team identified 57 different device types from 20 manufacturers, including 3D printers, geolocation trackers, industrial control devices, automotive multimedia systems, data collection terminals and payment terminals.
Among digital signage media players, the report noted BenQ, BrightSign, Navori, ViewSonic and Phillips were top contenders. The most prevalent DVRs were from TVT, EverFocus, and DIRECTV. There were IP cameras and IP phones from Axis, Foscam, Samsung, Yealink, and Cisco, and networking devices from Ixon and NetBiter.
In the entertainment and home automation category, devices included digital home assistants, media players, set-top boxes, smart glasses, smart home devices, smart TVs and smart watches, with a total of 420 devices from 150 different manufacturers.
In the “smart” category, there were smart home systems from Samsung, Skybell, and Ring; smart TVs from LeTV, Sony, Samsung, LG, Hisense, Panasonic, Phillips, Sharp, and Xiaomi; smart watches from Apple, Fossil, Pebble Time, LG, Samsung, Lemfo, Mobvoi and smart glasses from Google.
“As an industry, we need to implement security strategies that safeguard enterprise networks by removing shadow IoT devices from the attack surface while continuously improving detection and prevention of attacks that target these devices.”
Zscaler is a global cloud-based information security company that provides Internet security, web security, firewalls, sandboxing, SSL inspection, antivirus, vulnerability management and granular control of user activity in cloud computing, mobile and Internet of things environments.
As of 2015, Zscaler provides automated threat forensics and dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing. It provides a cloud-based approach to security as a service. Zscaler was listed on the NASDAQ on 16 March 2018.