Zscaler Reveals Enterprise IoT Ecosystem Extends Beyond Corporate Devices; 56 Million IoT Device Transactions Over 30 Days

Leader in Cloud Security Frames IoT Ecosystem Across 153 Different

., the leader in cloud security, announced today the release of
its 2019 report, IoT
in the Enterprise: An Analysis of Traffic and Threats
, which
examines traffic stemming from IoT device footprints across the Zscaler™
cloud over the course of 30 days. The Zscaler™ ThreatLabZ research team
analyzed 56 million IoT device transactions to understand the types of
devices in use, the protocols used, the locations of the servers with
which they communicated, and the frequency of inbound and outbound

Over a 30-day period, 56 million transactions were processed in the
Zscaler cloud from 270 different types of IoT devices made by 153
different manufacturers. The analysis showed that more than 1,000
organizations have at least one IoT device transmitting data from the
network to the internet via the Zscaler cloud platform.

The most commonly detected IoT device categories across the Zscaler
cloud, included IP cameras, smart watches, printers, smart TVs, set top
boxes, IP phones, medical devices, and data collection terminals, among

“As is often the case with new innovations, the use of IoT technology
has moved more quickly than the mechanisms available to safeguard these
devices and their users. Within only one month of traffic, our threat
research team saw an astronomical amount of traffic stemming from both
corporate and personal IoT devices,” said Amit Sinha, Executive Vice
President of Engineering and Cloud Operations, Chief Technology Officer,
Zscaler. “Enterprises need to take steps to safeguard these devices from
malware attacks and other outside threats.”

Top IoT Security Concerns:

  • Weak default credentials
  • Plain-text HTTP communication to a server for firmware or package
  • Plain-text HTTP authentication
  • Use of outdated libraries

“We observed that over 90 percent of IoT transactions are occurring over
a plain text channel, which we believe makes these devices and the
enterprises that house them vulnerable to crafted attacks,” said Deepen
Desai, Vice President of Security Research, Zscaler. “Enterprises need
to assess their IoT footprint, as they will only continue to expand and
raise the risk of cyberattacks. From changing default credentials to
restricting access to IoT devices from external networks, there are a
variety of steps that can be taken to increase the IoT security posture.”

The Zscaler ThreatLabZ research team consists of security experts,
researchers, and network engineers responsible for analyzing and
eliminating threats across the Zscaler security cloud and investigating
the global threat landscape. The team shares its research and cloud data
with the industry at large to help promote a safer internet.

For more information on the Zscaler cloud, please visit: https://www.zscaler.com/threatlabz/cloud-activity-dashboard

About Zscaler

Zscaler (NASDAQ: ZS) enables the world’s leading organizations to
securely transform their networks and applications for a mobile and
cloud-first world. Its flagship services, Zscaler Internet Access™ and
Zscaler Private Access™, create fast, secure connections between users
and applications, regardless of device, location, or network. Zscaler
services are 100 percent cloud-delivered and offer the simplicity,
enhanced security, and improved user experience that traditional
appliances are unable to match. Used in more than 185 countries, Zscaler
operates a multi-tenant distributed cloud security platform, protecting
thousands of customers from cyberattacks and data loss. Learn more at zscaler.com
or follow us on Twitter @zscaler.

Zscaler, Zscaler Internet Access, and Zscaler Private
, ZIA and ZPA are either (i) registered
trademarks or service marks or (ii) trademarks or service marks of
Zscaler, Inc. in the United States and/or other countries. Any other
trademarks are the properties of their respective owners.


Micheline Nijmeh
Chief Marketing Officer
[email protected]

error: Content is protected !!