IoT Security:
Are Universities’ DNS and DHCP Ready for the Challenge?

blogpost-12Today, our communications are greatly enhanced by access to the Internet, giving the ability to connect computers through a global network infrastructure. While we once only connected directly through a static port computer, we now utilize more than five connected items on average, making the total amount of IoT devices expected to more than double every five years.

However, connecting all of these devices through private or public networks has its dark side too, and can be challenging for many industries due to a significant network scale jump. Let’s look at the education sector for instance- especially universities. As campuses’ networks are open, universities are easy targets for hackers. It’s no wonder academic networks like UK’s Janet are being haunted by repeated DDoS attacks, and education was in the top five sectors impacted by cyberattacks last year.

IoT – A Growing Threat for Universities

Providing users with sufficient connectivity to IP addresses is the first of many challenges university IT departments will face with the number of IoT devices increasing. Relying on IPv4 will not be enough as it has been designed to ‘only’ handle 4 billion addresses. Universities will have to deploy IPv6 in order to manage complex IP address plans.

The DHCP service’s performance is another potential challenge they will have to deal with due to the large number of students and their multiple devices moving on campus at the same time. These movements are the main reason DHCP leases must be delivered at a high rate. The availability and security of the network’s core services, including Domain Name Resolution, will also be critical. Without it, users and devices are unable to communicate or use any network-accessed services such as email, file sharing or printing. Security is really key in this process. As many people will connect devices to the network that might be unsafe and bring malware or viruses, the threat could come from the inside, as well.

Lastly, IT departments need to ensure the campus network can handle as many IoT devices as possible. Even if they don’t consume much bandwidth, these devices still require a continuous connection that can significantly increase the network load.

Network Preparedness Checklist

This may seem overwhelming, but there are many ways universities can make sure they properly handle the upcoming challenges of the ‘IoT wave’:

1) Ensure the way they manage, use and deploy DNS servers evolves in response to attacks.

2) Implement a scalable DNS system that can provide advanced security mechanisms and is being designed to handle DoS, DDoS and zero-day attacks.

3) Upgrade their campus network in order to provide to their users both the capacity and availability required by their devices.

4) Equip their IT teams with appropriate tools and resources to face the workload of managing a huge IT infrastructure on their own. (Automation and delegation are the best tools to be used in this situation. Providing internal service portals to delegate automated tasks is for instance a good solution to track the requests while alleviating IT professionals from common tasks.)

5) Upgrade their proxies to handle the upcoming load.

While the number of challenges universities will face is damning, the most alarming fact is that the worst is yet to come. As IoT devices are mostly manufactured by companies that do not specialize in IT security, universities’ IT departments must make sure that their DNS and DHCP have strong protection mechanisms and are being monitored. This will be essential for continuing to support the next generation of students and faculty.