Do Something About IoT Security Fears

In a report from the NASA Office of Inspector General, hackers gained access to the NASA’s Jet Propulsion Laboratory network and stole roughly 500MB of data relating to the Mars Missions. The point of entry? A simple Raspberry Pi device that you could buy from Amazon that is under 100 USD.

As security professionals, we’re well aware of the risk of IoT devices. Yes, the attack surface has expanded. Yes, there’s a host of unknown vulnerabilities. Yes, device manufacturers don’t always design their products with security top-of-mind. Yes, it’s difficult or impossible to run security agents on IoT devices.

But this isn’t the first time we’ve faced down security challenges. As security professionals, we dealt with the influx of mobile devices. Before we overcame the sky-is-falling challenges of BYOD, we secured laptops, desktops, servers and all sorts of endpoints. And we’ll secure IoT devices, too.

3 Steps to Improving IoT Security
Securing IoT devices comes down to three simple steps:

1. Accurately identify what’s on your network. It may seem obvious, but most network operators simply don’t know the details about every device that’s connected to both their wired and wireless networks, and IoT makes it even more challenging. Battery-powered IoT devices can be especially problematic, because they may wake up only briefly to a perform a function or to check-in—which means they’re popping on and off the network all day.

You need visibility into what these devices are, who is operating the devices, and what they’re doing all day. To get that visibility for IoT, it’s necessary to expand beyond traditional methods of fingerprinting. Innovations like machine learning and deep packet inspection are simplifying the challenge. Machine learning can be used to analyze device attributes and automatically group similar devices together. Deep packet inspection can be used to provide additional context and behavioral information to accurately identify hard-to-detect devices.

2. Enforce policy automatically. You need closed-loop, end-to-end access control from the moment a device joins the network. Given the sheer quantities of IoT devices, automation is necessary. Manual intervention is no longer practical. Develop policies that leverage context, such as the user role, device type, certificate status, location or day of week. When an IoT device joins a network, it can be automatically segmented, keeping traffic separate and secure, with the policy consistently enforced across wired and wireless networks.

3. Monitor for suspicious behavior. Context is critical to understanding what an IoT device is doing. You need to understand the actual behavior of a device—what protocols are being used, what applications and URLs are being accessed. If a security camera begins sending huge amounts of data at 3am outside the country, for example, you need the ability to automatically quarantine it until you can investigate, fix or replace it.

Banish the Fear with Good Planning
With a good plan and effective tools, you can mitigate the risks of IoT devices while enabling your organization to benefit from their many gains, whether that is improved physical security, monitoring equipment on the factory floor, or automatically adjusting the building’s temperature and lighting for employee comfort and to save energy.

Learn how Aruba ClearPass Device Insight can help you tackle your IoT security challenges.


Fortinet – Solução Secure SD-Branch

A Fortinet anunciou sua solução Secure SD-Branch, a mais abrangente do setor para empresas distribuídas, que protege a borda de acesso e WAN e permite redes guiadas pela segurança em organizações distribuídas. A solução Secure SD-Branch da Fortinet amplia o Fortinet Security Fabric e os benefícios da SD-WAN para o acesso à rede, convergindo WAN e segurança em uma plataforma integrada. Essa convergência aumenta a segurança e a visibilidade, diminui a complexidade, melhora o desempenho e a agilidade e reduz os custos gerais de TI relacionados à borda da rede.

Ler mais

Commvault é eleita pela HPE como parceira tecnológica do ano para soluções de armazenamento

A ampla integração das soluções de gerenciamento e proteção de dados da Commvault com o armazenamento e o portfólio de servidores da HPE capacita as empresas a simplificar a prontidão de recuperação, a nuvem com responsabilidade e a ativar dados, gerando valor aos negócios.

Ler mais

Why SMBs believe their data is unsafe in the cloud

Two thirds (61%) of small to medium-sized businesses (SMBs) believe that their data is unsafe in the cloud, with almost a third (29%) saying that they have suffered a breach since moving to the cloud for storage.

Ler mais

Aruba ClearPass, Access Point Updates Tear Down IoT Security, Connectivity Barriers

Aruba unleashed a new ClearPass offering and series of access points to help enterprises and channel partners wrangle Internet of Things (IoT) endpoints and mobile devices.

Ler mais

Why Aruba Wants to Help Enterprises Adopt IoT

Company officials rolled out ClearPass Device Insight and new access points to let organizations more easily manage the myriad devices connecting to their networks.

Ler mais

CBRE Uses Aruba Meridian for Mapping and Location

See how CBRE (the largest commercial real estate services and investment firm in the world) is focused on delivering enhanced employee experiences in the workplace.

Ler mais

Open Switch Ports: The Most Commonly Overlooked Layer of Network Security

When it comes to network security, a lot of topics come to mind. Things like firewalls and encryption are some of the most common. That being said, think of what some of the common attack vectors are toward a network. One that may come to mind is the well-known front-door attack via the web where an attacker is scanning for open ports and then applicable software vulnerabilities. Another common example might be a wireless penetration attempt, either onsite or nearby your network’s location. I agree that these are the types of things that are commonplace when it comes network attacks. But there is another single layer of security that is often overlooked.

Ler mais

Is 802.11ax the End of Dual 5-GHz Radio APs?

There are a lot of things that remain to be seen about how 802.11ax will affect wireless network design.

Ler mais

Commvault: Top enterprise technology trends in 2019

In the Data Economy where data is the fuel driving enterprises, we should expect changes in the way organizations manage data flow, data protection and data storage.

Enterprise Innovation spoke with the leaders of Commvault to find out what 2019 holds for Asia Pacific organizations seeking to survive and thrive in the Data Economy.

Ler mais