First, Reality Check
There is a lot of hype around 5G these days. Super Bowl sponsors, Verizon and AT&T made a big deal about how 5G was changing the way people experienced the game. Note, however, that while there are some 5G sites in Miami, Florida near the stadium, the networks consist mostly derivatives of 5G Plus, 5GE, WiFi and 4G LTE.
That said, 5G is coming and will likely be fairly widely deployed throughout 2021. However, managers of corporate networks should start thinking about 5G challenges to network security and data privacy.
Speed, Scale and Efficiency
5G will offer 100G speeds, <1ms latency and much lower power draw in the cell sites as well as longer battery life for connected IoT devices. These technological changes will enable an explosion of IoT connected devices to be accessed from anywhere at any time. There are many industrial applications being developed around manufacturing robotics and medical devices. The consumer applications are too numerous to mention. Without the tether of wired control, remote apps are being developed for automobiles, refrigerators, lights, music, entertainment and more. Two major issues need to be addressed as a result of the proliferation of IoT devices…security and privacy.
Big Data Getting Bigger
As more devices connect to the internet the amount of personal data being collected will increase accordingly. Refrigerators can read bar codes and alert consumers when they are getting low on certain groceries. GPS devices in smartphones are tracking location and movements of users and providing sales incentives in real time. Pharmacies are automatically refilling prescriptions electronically filed by doctors. All this technology provides convenience, but what is cost to personal privacy?
These pharmacies, grocery stores, and cell service providers are collecting personal information on consumers like never before. Beyond using this information for their own marketing purposes, they are selling it to other companies who are interested in consumer trends, movements and potential markets. 5G services will increase the number of connected devices and, thus the amount of personal information being collected. From a personal perspective, this trend may or may not be of concern. From a business perspective, the trend of everything being 5G internet connected coupled with BYOD means there will be many new pathways for hackers into the corporate network.
Protecting Proprietary Information
The corporate IT department may enforce strict security standards on BYOD smartphones, tablets and laptops such as strong passwords and requirements to change passwords at regular intervals. However, other personal connected devices may unwittingly become a backdoor to the company network. The Target breach was initiated from an internet connected HVAC system that was unprotected. That breach, according to Target, cost the company about $200 Million dollars.
One example of this type of vulnerability could be an employee with a personal laptop connected to the company network through a home WiFi network. The home WiFi network is connected to a variety of other personal devices and to the public internet. When the employee is working from home on the company network, there may be unprotected access from the other WiFi devices to the corporate network. Consumer IoT devices are not made with the same focus on security as some industrial devices. The lack of a security focus in consumer IoT devices can become a security vulnerability for corporate networks. Therefore, the corporate threat landscape will increase dramatically as 5G enables the proliferation of connected consumer devices.
No Single Solution
There is no single solution to complete security as we transition from 4G to 5G and IoT connected devices proliferate. However, developing a strong security platform using a variety of protections is a good start to reducing corporate vulnerability to attacks and breaches in a 5G IoT world.
Permanent, consistent monitoring of links using TAPs and Packet Brokers connecting specialized tools allows organizations to have complete visibility of network traffic. Understanding what is normal traffic vs malicious anomalies is the first step in stopping attacks before they can take root.
Introduce a program of ongoing training for non-IT personnel on safe internet practices. Non-technical employees need to be aware of potential threats and how to recognize them. Safe internet practices such as password protecting personal smartphones home WiFi routers will help maintain corporate security as well.
Employ security tools such as Intrusion Protections Systems (IPS), Data Los Protection (DLP), vulnerability scanning and threat visualization will help strengthen your corporate security profile. No single device can do it all. Reports show that most enterprise networks employ a range of 7 to 20 specialized tools for traffic monitoring and network protection.
A complete transition from 4G to 5G will take time. Meanwhile, the combined vulnerabilities of new and legacy technologies will present a clear and present danger to corporate networks. The right combination of security and monitoring tools connected to links by independent, fail-safe TAP technology will help organizations establish strong defenses against the expanding 5G threat landscape.
To find out more about the network security and monitoring tools offered by Network Critical, explore our website.