All Posts By

Ofer Amitai

Securing Your Network Before Summer Travel

By | news | No Comments
While summer vacations offer employees a chance to unwind, they have the opposite effect on the IT staff. When employees take company devices or check work emails while traveling, they may be putting the company network at risk, and IT teams need to be prepared. Portnox’s CEO and Co-Founder Ofer Amitai, looks at how company devices are susceptible to an increase in security vulnerabilities during summer travel and why IT teams must do the upfront work to keep these devices secure.  

Published in Business.com.

Read the full article here.

Tips to Find the Right Risk Management Tools for Your Organization

By | news | No Comments

When choosing which specific risk management tools to use, there are a few key factors to address. Portnox’s CEO and Co-Founder, Ofer Amitai, shares a few tips to follow.

“It is extremely difficult to protect against threats that are not recognized by your risk management tools and not assessed as potential threats,” said Amitai. “Once detection is possible, protection is a viable option.”

Published in IT Business Edge.

Read the full article here.

Junior C# Developer – Ra’anana

By | Careers | No Comments

Looking to hire a Junior C# Developer to join our engineering team. Portnox provides awarding winning solutions for Network Access Control, which is today a must have solution for most all enterprises.

Requirements

  • 2+ years of experience in C# development
  • Excellent C# and .NET skills – Must
  • Knowledge of relational databases and SQL – Advantage
  • Knowledge in web development concepts (REST, JSON, AJAX) – Advantage
  • Innovative and out-of-the-box thinker
  • BA/B.Sc. in Computer Science

Interested? Send us an email with your CV: apply@portnox.com

Inside Sales Specialist – North America

By | Careers | No Comments

Looking to hire an inside sales specialist to join our growing sales team. Portnox provides awarding winning solutions for Network Access Control, which is today a must have solution for most all enterprises.

Responsibilities

  • Phone and email follow-up to daily incoming leads
  • Scheduling on-line product demonstrations and/or sales follow up meetings
  • Tradeshow lead follow-up
  • Cold calling
  • Tradeshow support as required
  • Sales coordination activities

Requirements

  • Self-motivated individual with “can do” attitude
  • Strong communication skills
  • Experience using/working with Salesforce
  • A general understanding of networks and network security is a plus

Interested? Send us an email with your CV: apply@portnox.com

Is Blockchain The Answer to IoT Security?

By | news | No Comments

Blockchain is considered one of the most promising technologies for the future and it could- and should- be the answer to device-to-device communication and authentication for IoT devices. Portnox’s CEO and Co-Founder Ofer Amitai, shares his insights on Blockchain and IoT, looking at how blockchain technology can play a huge role in achieving increased security, reliability and trust in IoT networks in the future.

Published in IoT Agenda.

Read the full article here.

Sales Coordinator – Ra’anana

By | Careers | No Comments

Portnox, a quickly expanding Hi Tech company in Ra’anana is seeking for a talented individual for the role of Sales Coordinator, a part-time position (perfect for a college student).

This is an amazing opportunity to enter the Israeli Hi Tech industry.

Responsibilities

  • Follow ups and monitoring customer licensing in Israel and all over the world
  • Maintaining consistent communications with customers and business partners
  • Handling price quotes/bids as well as service and maintenance contract renewals

Requirements

  • Excellent command of the English language
  • Motivated and punctual
  • Great attention to detail
  • Excited to learn new things
  • Flexible hours, part-time position, ideal for a college student

Interested? Send us an email with your CV: apply@portnox.com

IoT ip camera

Why is It So Easy to Hack an IP Security Camera and Any IoT Device?

By | IoT | No Comments

A home or office that has connected IoT (Internet of Things) devices or machines is actually full of possible weak spots for hackers, and, ironic as it may be, security cameras are often at the top of that list. It is up to us, the end-users, to reduce the threat. While cameras are storing security video to prevent crime or corporate espionage, hackers are quietly able to brute-force their way into many devices and turn them into an army of attack soldiers, as was the case in the October 2016 massive Dyn Cyberattacks that affected large chunks of the United States and Europe.

Security cameras are connected to the Internet so as to allow users remote access, along with anyone else they need to let in. This feature lets users check in on security cameras when no one is at home or at the business, and allows manufacturers to update device software without having to make house calls. The convenience and brilliant simplicity notwithstanding, this very feature that is the essence of all IoT devices is actually a cyber-bug. IoT devices are easy to connect to remotely by just about anyone, and unfortunately, not just by the people one would wish to share access with.

Yes, it really is that easy.

All Internet connected devices have IP addresses and therefore can easily be found on search engines such as Google and Shodan (a searchable registry of IP addresses with information about connected devices). Hackers can find thousands of hackable devices such as cameras just by entering a few search terms, and armed with this information they move to the actual breaking in.

Additionally, IoT devices typically come with default passwords, and many users, even after the 2016 Dyn Cyberattacks, stay with the default settings and do not bother to set a unique username and password. Hackers can find lists of vulnerable devices and try out default passwords. If those have never been changed – they are in. Even if the passwords have been changed, hackers can use SSH and telnet services that unfortunately allow hackers to force their way into devices, since changing a device’s web app password typically does not guarantee that the password coded into the device has been updated.

According to Flashpoint (a cybersecurity company), in the 2016 Dyn attacks, hackers inserted Mirai, malicious malware that allowed the use of at least 100,000 IoT devices as soldiers in a botnet (zombie army), including printers, IP cameras, residential gateways and baby monitors. This botnet was used to send thousands of junk requests to Dyn, a company that manages web traffic for many prominent websites such as Twitter, Amazon, Netflix, and Reddit, who were knocked offline by the attack. Dyn couldn’t separate the legitimate requests from the junk, and consequently internet users in the US were cut off from these websites, which is the definition of a DDoS attack (Distributed Denial of Service). This example, though extreme, shows the potential vulnerabilities that unknown and unmanaged IoT devices can cause a network.

Securing IoT devices in two steps:

Step 1: Visibility

With the number of IoT devices entering the enterprise network, it is challenging to keep track of them. Without network visibility, it is impossible to see, manage, control and secure the network, and the risk for breaches increases. Clearly the first step in securing IoT devices is making sure that they are seen and acknowledged as existing on the network. IoT devices in the enterprise could include time-attendance clocks, smart TVs, temperature gauges, coffee makers and the above mentioned IP cameras. To minimize the risks, once identified on the network, there should be a centralized control mechanism that would enforce updates of the latest patches in security software.

Step 2: Network Segmentation

Once an organization has established complete visibility and centralized management across the network, it is crucial to segment all valuable enterprise data and establish controls to protect the expanding IoT surface. IoT devices should be on a separate network segment from the organization’s mission critical systems or data, including segmentation from devices such as laptops, PCs, tablets and smartphones containing enterprise data. Segmenting into secured network zones should be automated and then firewalls must be deployed between these segments to prevent IoT devices from reaching enterprise assets. With intelligent and automated segmentation, the enterprise increases ROI from its existing detection technology, making it more accurate and effective. Thus, even if IoT devices are breached, it shouldn’t expose enterprise assets along with them.

Conclusion – Using Intelligent Network Access Controls (NAC)

For the foreseeable future, it appears that cyber offenders will continue to take advantage of IoT vulnerabilities, but there is no reason for today’s enterprise to sit back and do nothing. All of the steps mentioned above and more can be achieved by using Portnox NAC solutions. Having full network visibility to identify devices on the network, followed by a layered and automated approach will allow the enterprise to secure these devices and respond to any potential breach, keeping important assets protected.

Want to see just how easy it is to hack an IP camera?
There are just a few steps required to perform a live hack of an IoT device, and without proper network segmentation, the consequences could be disastrous.
Once you have seen just how easy it is, check out more information on integrating connected devices into your network in the optimal way for security as well as ease of use purposes.

How Can IT Safely Embrace Digital Transformation?

By | news | No Comments

The digital transformation of business gives employees flexibility and choice, which can increase productivity, enterprise revenues and job satisfaction. Moreover, it allows companies to expand to more cities and countries, growing their direct markets, but at the same time, it opens up a whole new batch of cyber threats. Portnox’s CEO and Co-Founder, Ofer Amitai, looks at how IT should safely embrace the benefits of digital transformation and explains why CIOs and CISOs need to implement strategies that meet the ever-changing needs of the company and allow for flexibility, scalability and agility of the mobile and digitally transforming enterprise.

Published in Business.com.

Read the full article here.

Portnox Announces New NAC-as-a-Service, Portnox CLEAR App for the Palo Alto Networks Application Framework

By | press releases | No Comments

Portnox, a market leader for network visibility, access control and device risk management solutions, today unveiled its Portnox CLEAR app for the Palo Alto Networks® (NYSE: PANW) Application Framework. The app will offer Palo Alto Networks Application Framework customers a complete view of the network, ability to control the risk by coping with threats in real time, as well as increased visibility into devices – including Bring Your Own Device (BYOD), Internet of Things (IoT), mobile and managed devices, anywhere in the world.

Consuming cybersecurity innovations has become an arduous process. Organizations waste time deploying new sensors every time they want to collect a new piece of data and managing point products rather than improving security controls to stay ahead of attackers. The Palo Alto Networks Application Framework makes it easy to add new security capabilities quickly and efficiently. The framework extends the capabilities of the Palo Alto Networks Security Operating Platform, with a suite of APIs that developers can use to connect innovative apps with rich data, threat intelligence and enforcement points. Organizations gain immediate security value from apps developed by an open ecosystem of trusted innovators.

CLEAR is Portnox’s NAC-as-a-Service cloud solution, offering network administrators robust network and cloud access controls, visibility and risk monitoring capabilities. CLEAR augments network security by providing continuous endpoint visibility, including real-time risk assessments in all locations, discovery and visibility of IoT and BYOD devices. Portnox CLEAR generates unique risk scores for each device based on the security configuration and posture of the device in conjunction with contextual behavior patterns, whether a device is on or off premise, over wired, VPN or wireless networks. As part of the Application Framework, the Portnox CLEAR app will enable customers to monitor a network or endpoint threat indications from the Framework, update the risk score of devices, and, based on policy, automatically authorize or block devices from accessing the network.

QUOTES

  • “With the influx of connected devices on the corporate network, reaching 200 billion connected devices by 2020, today’s workforce is increasingly complex and difficult to secure. All organizations need total visibility into their networks and every endpoint, and Portnox is committed to making this easier than ever before by having real time rapid response and risk mitigation capabilities. Our app for the Palo Alto Networks Application Framework will further help us provide complete visibility and control, keeping more enterprises safe and secure.”
    • Ofer Amitai, CEO, Portnox
  • “We are delighted to welcome Portnox to the Palo Alto Networks Application Framework developer community. The framework provides our customers with superior security through cloud-based apps developed by innovative security providers, large and small. Together, we are fueling innovation in the cybersecurity market with apps that are built rapidly, engineered on a common framework, and deliver unique value while solving our customers’ toughest security challenges.”
    • Lee Klarich, chief product officer, Palo Alto Networks

AVAILABILITY

  • The Portnox CLEAR app will be available in conjunction with the Palo Alto Networks Application Framework availability.
  • The Palo Alto Networks Application Framework is targeted for worldwide availability in August 2018 and will be available to customers who have purchased either Palo Alto Networks next-generation firewalls or Traps advanced endpoint protection and the Logging Service subscription.

About Portnox

Portnox secures connected organizations’ corporate networks utilizing its next-generation network access control and management solutions. Portnox’s solutions manage every user, every device – including: Internet of Things (IoT), BYOD, mobile and managed devices – accessing the network, everywhere.

Founded in 2007, Portnox provides its global customers with a complete view of device and network visibility, reducing security risks and improving network control. Portnox offers two solutions – CORE for On-Premise NAC and CLEAR for cloud-based NAC – allowing companies to grow, optimize, and evolve their infrastructure while maintaining the upmost security and compliance. The company has been recognized for numerous industry awards, including Info Security Products Guide 2018 and 2017, 2018 Cyber Security Excellence Awards, 2017 Computing Security Awards, 2017 Best of Interop ITX and 2017 Cyber Defense Magazine. Portnox has offices in the U.S. and in Europe.

About Palo Alto Networks

We are the global cybersecurity leader, known for always challenging the security status quo. Our mission is to protect our way of life in the digital age by preventing successful cyberattacks. This has given us the privilege of safely enabling tens of thousands of organizations and their customers. Our pioneering Security Operating Platform emboldens their digital transformation with continuous innovation that seizes the latest breakthroughs in security, automation, and analytics. By delivering a true platform and empowering a growing ecosystem of change-makers like us, we provide highly effective and innovative cybersecurity across clouds, networks, and mobile devices.

Top 5 Security Issues That Organizations Face Today

By | news | No Comments

Portnox’s CEO and Co-Founder, Ofer Amitai, and several top industry experts discuss what new regulations concerning data and technology mean for organizations and what IT leaders can and should do to ensure their organizations comply with industry and government regulations.

“Sandboxing IoT devices into a separate area of the network, limiting their — and by association, hackers’ — access to sensitive data and credentials,” says Amitai.

Published in CIO.com.

Read the full article here.