Category

Blog

What IoT Vendors Don’t Want You To Know

By | IoT | No Comments

“Mr. President, the Problem is Much Worse than You Think”

Late one night in 1983, then-President Ronald Reagan – an avid movie lover – watched War Games, about a teen who hacks NORAD (the North American Aerospace Defense Command) and nearly starts a third world war. A few days later Reagan asked General John Vessey, then Chairman of the Joint Chiefs of Staff, whether this could really happen. After a week of investigation, General Vessey’s answer was, “Mr. President, the problem is much worse than you think” – a response that quickly jumpstarted new efforts to develop America’s cyber capabilities.

You’re probably thinking: That was then, this is now. Right? In the Eighties, concepts like cyberterrorism were new and nobody – not even the White House – was prepared.

We’ve made great strides in terms of our awareness, sensitivity, and readiness for cyber threats over the last thirty-five years.

But while this may be true of many aspects of network security, it’s simply not the case with IoT. When it comes to this relatively new area of cyber terrorism, the shocking truth is that our naiveté is not that far from that of the Reagan era.

Sony Camera’s Backdoor

One example that illustrates the vulnerability and danger of IoT is the recent story about Sony security cameras. Last October, researchers from SEC Consult found two backdoor accounts in 80 models of professional Sony security cameras – the kind that’s primarily purchased by enterprises and authorities, because of their high cost.
The cameras’ backdoor accounts have the potential to give hackers full access to the cameras. A camera taken over by an attacker could spy on a client – or worse, use the camera to take a foothold in a network and launch further attacks.

End of story: Sony released firmware updates for all affected camera models on November 28, 2016 that remove the backdoor accounts, and advised all users to install these updates as soon as possible. But clearly, what happened to Sony can happen in other contexts. Hackers know this, and in today’s reality it’s specifically IoT devices that pose the greatest risk to security and have become an attractive target.

The Issue of Price Point

IoT devices are generally mass-produced using simple techniques, and at the lowest prices. The problem is that “cheap and easy” usually translates into “highly insecure.”
Manufacturers are motivated to keep the price down. And because hackers use devices to attack third parties, there is little incentive by users or manufacturers to take responsibility for the resulting security issues. This leads to the obvious question of who is handling the resulting security risks.

The Limited Nature of “Things”

One of the reasons IoT vendors do not prioritize the installation of security capabilities in devices is that the devices are not as easy to secure as more traditional computing devices. In some cases, they have limited configuration capabilities. And in most cases, vendors do not issue regular security updates or patches when vulnerabilities are discovered – meaning that your IoT device firmware is only as secure as your last patch.
Because most IoT devices do not have large amounts of extra storage space, memory, and processor power, adding strong security to them can be problematic. Encryption, blacklisting and other security mechanisms often require storage space and memory/processing capabilities, which are well beyond what the device has built in.

Unlike a typical computer, when it comes to IoT you cannot just “open the box” and add more of these resources. If security is going to be a consideration, it needs to be addressed at the design stage. But this potentially leads to changes in product design – and more money spent by the vendor.

Unknown and Undetected

IoT vendors usually have much more information on your network that they keep to themselves – and that users are not aware of.  IoT devices collect a wide variety of information, and because the devices are not sufficiently protected, it can mean the exposure of an organization’s critical data or infrastructure.
Take, for example, something as mundane as multifunction and digital hardcopy devices. These machines generally come complete with their own operating systems, hard drives, and supporting subsystems. When employees copy confidential company documents, it’s unlikely that they are aware that the images of these documents are saved on the system’s hard drive. Similarly, when employees scan documents and send them to file servers across the network, they probably do not know that they are sending unprotected files across the network.

The Buck Stops…Where?

So who is taking responsibility for tackling our troubling reality, a reality that includes increasing IoT vulnerabilities and the constant threat of cyber attack?
There are several ways of tackling the problem. One possible approach (described in this recent article by SearchSecurity) was pitched by security expert Bruce Schneier at the recent RSA Conference 2017. Schneier called for the creation of a U.S. government agency focused on IoT regulation, warning, “We need to think about smart regulations now, before a disaster, or stupid regulations, will be foisted on us.”

Another, completely different approach involves keeping our focus on developing innovative technological solutions that help protect networks.

As outlined in this recent post on Forbes, one possible way forward involves building smarter, more resilient networks that can shunt a load away if it’s malicious. The vision involves using the combined forces of automated tools, for the analysis of network behavior, and skilled human operators, who can figure out how best to combat each threat.

Given the complexity of the threat, what we need here is not an either/or approach, but a combination of options. Because one thing is clear: the nature of IoT requires thinking out of the box and exploring new and innovative means of keeping our networks protected.

What Can a Hijacked IoT Device Do to Your Network?

What Can a Hijacked IoT Device Do to Your Network?

By | IoT | No Comments

“I don’t know where I’m going, but I’m on my way.” This remark by American writer and poet Carl Sandburg seems to capture what’s going on at the moment with the Internet of Things (IoT). It is growing at such breakneck speed that nobody can pinpoint how extensive this growth will continue to be. Take, for example, a forecast by Gartner, which anticipates 20.8 billion connected IoT devices will be in use for 2020 – and compare it to the significantly higher prediction by IHS forecasts, which anticipates no less than 30.7 billion connected devices in the same period.

Whatever the statistics, one thing is clear: The widespread adoption of IoT is a development that brings with it the promise of value to many organizations. On the other hand, it also creates security challenges by increasing the attack surface for organizational networks.

This reality was starkly illustrated in the Dyn cyber-attack at the end of October last year, notoriously known as the first robot-based digital assault involving millions of IoT devices operating in concert.

 

How can your corporate organization prepare for this new kind of threat?

  1. Gain Complete Visibility into Your Network

One aspect of the challenge that CISOs face in the age of IoT involves handling a glaring and somewhat shocking lack of visibility into 100% of devices that access a network.

With the BYOD phenomenon, IT cannot afford to ignore the question of how to securely manage virtually invisible devices that are connecting to corporate networks. Devices that IT cannot see create blind spots, which prevent an organization from successfully maintaining the ongoing vigilance necessary to protect the network.

  1. Take Proactive Steps toward Protection

While visibility is an essential prerequisite to security, it’s not only a question of visibility: it’s the ability to control and manage permissions for each device.

Sensible protection from attacks on IoT devices means developing new techniques for network hygiene, and forcing IoT devices to a defined segment of the business network – in order to ensure that the rest of the network remains out of reach.

  1. Understand the Mind of a Hacker

Let’s take a step back, and talk about why both visibility and network access control are so essential.

Say, for example, a hacker hijacks an employee’s IoT device – a device that is connected to your company’s network. You might think this is a difficult task, but the reality is that it does not take much sophistication.

The problems start when the hijacked device – which, don’t forget, is already connected to the network – is turned into a bot that runs automated tasks over the Internet. If the bot is used for malicious purposes, the hacker can probably do pretty much anything – from creating an APT or DDoS attack, to stealing sensitive data.

  1. Change Those Default Settings

As pointed out in Portnox’s eBook, The Top 5 Misconception of IoT Network and Device Security, IoT devices are possibly the most problematic aspect of a corporate network. This is partly because, generally, they are not set up securely.

Frequently, devices are connected to networks with their default configuration intact. Most users don’t know it is important to change the default usernames and passwords. As a result, once IoT devices are connected, it is not hard for hackers to hijack them.

  1. Beef Up Your Security Responses

For hackers, there’s always the question of avoiding quick exposure.

Experienced hackers won’t hijack an employee’s PC. That’s because PCs are in frequent use and are “owned” by a single individual, so it doesn’t take much time for an employee to figure out there’s a problem. Normal actions take longer or become difficult to do.

In contrast, if a device such as a printer or IP camera is hijacked, employees might not notice. These devices are not used as intensely and they are generally accessed by multiple individuals, so there’s less chance of rapid exposure.

  1. Adopt New Strategies for Network Visibility and Access Control Management

The security problems inherent to IoT open up a shocking range of opportunities for cybercriminals. As pointed out by this article on TechCrunch, the threat even touches everyday areas of activity including car safety and medical care.

Meeting the needs of today’s cyber threats requires adopting a solution such as Portnox, which offers next-gen network visibility and access control management solutions that allow security teams to:

  • Gain 100% actionable visibility of managed devices, BYOD and IoT in real time, using an approach that’s agentless, centralized, and vendor agnostic
  • Mitigate risk through controlled access, by creating a quarantine or blocking a device to solve a security issue
  • Provide automation for certain kinds of reactions, enabling security teams to cut the time and costs associated with a manual response

According to Forbes, global spending on IoT products and services by enterprises is expected to reach $253 billion in 2021, attaining a 16% CAGR. With this degree of IoT technology integrated into corporate environments, the old approaches of maintaining security are no longer relevant.

The Portnox system meets today’s growing challenges and protects networks from resulting vulnerabilities, providing a holistic approach to security that works for any user, any device, and any network – anywhere.

Securing VPN remote access with Portnox CLEAR

By | Our Technology | No Comments

Compromised and stolen credentials remain the main threat to corporate data. Remote access via VPN is the most vulnerable method of access, due to compromised employee credentials. The need for flexible and extremely easy to implement two factor authentication (“2FA”) has become crucial for organizations of all sizes. Another weak link in remote access, beyond user authentication, is generated by connecting to organizational insecure and vulnerable end-points. It is not uncommon that when accessing the network using a VPN through a personal device, any vulnerability existing on that device can quickly become a security hole in the entire network’s protection. To address the heavy challenges of securing remote access, organizations should look for solutions that are cost-effective and provide a cohesive approach for all aspects of access security: compromised credentials, lost or stolen devices and access from insecure endpoints.

Meet Portnox CLEAR – cloud-based access control for VPN

Portnox CLEAR is a Security Software-as-a-Service (SaaS) cloud platform that delivers continuous, on/off-premises risk monitoring and access control to all organizational endpoints. It assigns each connecting device a risk score (similar to a credit score), dynamically assesses the threat they may pose to your network and enforces access control actions in real time. Portnox CLEAR can be used in many flexible ways to authenticate user remote access by VPN providing a unique combination of access control by authentication (Active Directory or Open LDAP), strong factor validation and end-point cyber risk assessment (“risk-based access”).
Demo CLEAR today!

Portnox CLEAR™ Unique Two-Factor-Authentication Solutions

As part of its entire cloud-based NAC offering, Portnox CLEAR offers a unique approach to 2FA for VPN. 2FA is a method of computer access control in which access is granted only if two separate pieces of evidence are presented to the authentication mechanism – typically, knowledge (something the user knows, such as his username and password), and possession (something the user has, such as a security token).

Conventional 2FA solutions, however, completely ignore the device that is requesting remote access. Portnox CLEAR, on the other hand, can offer device authentication via its device enrollment mechanism. Devices that install the Portnox AgentP application and have been enrolled in the organization are uniquely recognized and are, therefore, continuously monitored and tracked.

The two elements in Portnox’s unique 2FA solution are the typical knowledge (user credentials) coupled with a unique possession (the enrolled device), ensuring that security is offered on two levels: authentication of the user himself and authentication of the device. Stealing a user’s credentials is useless if the device requesting access is not enrolled; and stealing an enrolled device is of no use if the credentials are not available.

Portnox device authentication is offered in two formats: One-Time-Password (OTP) 2FA and Portnox AgentP 2FA.

OTP 2FA

In this solution, the AgentP application on the enrolled device acts as a soft token by implementing the HMAC-Based OTP algorithm. It generates an OTP upon demand and, together with the user’s username and password, the app allows that specific device access to the organization’s remote network.

As Portnox knows which AgentP generated the OTP, the supplied OTP is the method of authenticating the device; while the supplied credentials are the method for authenticating the user.

Portnox AgentP 2FA

In this solution, a call back mechanism is utilized, relying on the fact that each deployment of AgentP on a device is uniquely recognized. When a user tries to log in by VPN with his credentials, CLEAR calls back the specific AgentP on the device requesting access, to verify that the device is the one it claims to be.

Because Portnox knows that the requesting device is an enrolled device, callback is the method for authenticating the device; while the supplied credentials are the method for authenticating the user.

Portnox CLEAR end-point risk assessment and access policy

Portnox CLEAR offers pervasive and context-aware risk assessment for VPN clients to address attempts by unsecured, vulnerable devices to access the corporate network:

  • Real-time pervasive monitoring of any device, mobile and laptop, on and off the corporate network
  • Monitoring changes in hundreds of parameters, analyzing security posture and known-vulnerabilities of end-points
  • Analyzing and correlating to multiple context attributes
  • Taking historical observations into account
  • Calculating cyber risk score and making access decisions based on this score

CLEAR customers have flexible, granular control of risk assessments and risk actions thought CLEAR Access Policies. Access Policy allows organizations to define the exact level of acceptable risk and compliance standards for end-point devices that are acceptable in their enterprise.

Sign-up for CLEAR now!

This blog was written by Portnox.

Portnox is the manufacturer of Next generation Network Access Control (NAC), that can assist you in protecting your network including your VPN.

Portnox CLEAR offers many other capabilities for real-time access control and risk assessment as part of its entire SaaS offering, which is fully subscription based and does not require deployment of any on-premise software or appliances. With its Fall-2016 release, Portnox CLEAR demonstrates again its leadership and unparalleled innovation as already recognized by the latest award from Frost and Sullivan.

E-book Preview: The Top 5 Misconceptions of IoT Network and Device Security

By | IoT | No Comments

While much has been written about IoT and its promise of creating real business value, what has been underestimated thus far is the associated risks – the extent of the security challenges posed by IoT, and how best to sidestep them.

In its recent publication, Top Strategic Predictions for 2017 And Beyond: Surviving the Storm Winds of Digital Disruption (summarized on Forbes here), Gartner predicted $2.5 million per minute in IoT spending – and 1 million new IoT devices sold every hour – by 2021.

Perhaps more to the point: By 2020, it is predicted that no less than 7.5 billion IoT devices will be installed in corporate organizations, and this rapid and exponential growth of IoT within corporate environments creates an increased threat – with hackers finding new ways to use the devices toward malicious ends.

Top 5 Misconceptions of IoT Network and Device Security, our recently released eBook, puts into sharper focus some of the dangers associated with widespread IoT adoption and outlines several important ways to mitigate the threat.

Securing Basic Needs – Like Car Safety and Medical Treatment

The dangers of IoT apply to a shocking range of new and nightmarish scenarios both in and out of the office. For example, with cars transformed from the simple machines they once were into a network of computers, cybersecurity threats can potentially have a direct impact on the safety of our roads. This was illustrated somewhat starkly back in 2013 when security experts Chris Valasek and Charlie Miller hacked into both a Toyota Prius and a Ford Escape, cutting the brakes and uncontrollably blasting the horn among other things. More recently, in 2015, they hacked into a Cherokee Jeep and cut the transmission.

Similarly, the integration of smart devices into the healthcare system creates the dire possibility of remote manipulation of medical equipment. Healthcare facilities are now potentially vulnerable to a terrifying scenario in which hackers adjust treatments, such as the dosage of antibiotics or chemotherapy given to patients, or wipe out x-rays and alter digital medical records. This Forbes article illustrates the extent of the security problem.

These types of problems apply within corporate environments as well, and clearly, we do not have the luxury of ignoring the threat. And just to make the outlook even more bleak: According to a report called Rise of the Machines: The Dyn Attack Was Just a Practice Run by researchers James Scott and Drew Spaniel, increased regulation of IoT device manufacturing in the U.S. is unlikely to lower the degree of vulnerability.

So What Can We Do?

Our eBook highlights five areas of common IT practice or user activity that require greater vigilance – as well as the adoption of alternative practices – in order to reduce a company’s degree of vulnerability:

  • Granting all-access passes to IoT devices that are plugged into your corporate network is certainly not wise, as these devices potentially represent the greatest risk to your network – and they should be forced to a defined segment of the business network
  • Corporate users are bringing their own IoT devices to work and connecting them to the network without realizing that this creates a security risk, and IT must adapt to this reality
  • Appliances require firmware patch updates on a very regular and timely basis, otherwise they create network vulnerabilities
  • Connecting a POS to the same network segment as a PC makes a hacker’s life that much easier.
  • The default settings on IoT devices are not good enough, security-wise, and it’s essential that corporate users make at least basic adjustments – such as changing default passwords

A First Essential Step toward Safer IoT – Visibility

A holistic solution such as Portnox’s next-gen network visibility and access control management solution provides you with 100% actionable visibility into managed devices, BYOD, and IoT in real time so that you can have the necessary information you need, on an ongoing basis – and address vulnerabilities before they become security threats.

The Portnox approach identifies all authorized and unauthorized devices, and gives you a greater degree of anytime, anywhere control over user activities – providing a faster, better, more sophisticated approach to network security that meets the increased challenges presented by IoT.

Want to learn more? Download Top 5 Misconceptions of IoT Network and Device Security eBook

IoT Security Vulnerabilities: Hype or the Real Deal?

By | IoT | No Comments

IoT is already impacting the way we communicate and do business. This trend is expected to continue according to Business Insider – their forecast for IoT devices connected to the web lies currently at 34 billion by 2020.  IoT is expected to enable business growth by lowering operations cost, increasing productivity and opening new markets with new offerings and developments. But at what risk? Hackers are already using IoT devices for their malicious purposes in multiple types of attacks on networks and servers. DSL and bot attacks in 2016 have proven that there is no shortage of opportunities hackers are willing to exploit.

It’s difficult to protect your network against threats that you cannot see. IoT devices entail a hidden aspect of networking, and can connect as a gateway into your infrastructure. This means that once an infected device is attached to your network, it automatically creates a security breach, making IoT device management and network security management even more difficult.

The variety of IoT devices and their widespread adoption make it difficult to distill them into one ecosystem. The numerous networks available for connecting these devices- wired,wireless, cellular and internet – only add another layer of complexity to an already complex system. Strengthening the security measures on premises is no longer enough. Advanced persistent threats (APTs) are particularly successful when establishing continuous remote access to the network for accessing data, as the distance reduces the risk of detection.

IoT Vulnerabilities call for a Holistic Security Approach

The security vulnerabilities we are all exposed to because of the growth of IoT devices are varied and intricate . IoT devices entail innovative developments, introducing new firmware and operating system technologies into the market at an astounding pace. These innovations bring with them new risks and security weak links, at an unprecedented rate, that businesses cannot afford to underestimate.

A need for controlling access of devices into the network, as well as full visibility of the actions devices and users take once they have entered the network, has emerged. Traditional security solutions such as firewalls and antiviruses simply don’t do the trick for IoT devices. Hardware patches on the fly are time consuming and deemed irrelevant. A holistic approach to network security is required.

With BOYD and BOYN driving the fast growing quantities of IoT devices, threats can come from anywhere at any time. It’s almost impossible to stop employees from connecting IoT devices to the corporate network (for business and for pleasure), as the convenience of such use far outweighs their awareness to network security. That is why Network Access Control (NAC) is making a comeback as a critical component of business infrastructure. Securing your corporate networks form IoT devices needs to take a preventative form as opposed to reactive. A layered approach to network security, with policies to deal with access as well as segmentation of the network, is called for.

NAC is the best solution for IoT Security

Next Gen NAC can control and manage any attempted access and monitor activities on corporate networks whether they are spread on various servers or located on the cloud. NAC on the cloud provides security teams with real-time visibility of what exactly is going on in their networks without the encumbrance of heavy installments and complex configurations.

NAC speaks to each device separately, authenticates it – no matter what type of device it is – and blocks an untrusted device or user trying to enter the network, while alerting the security team of the attempted breach.

The new security paradigm requires managing, monitoring and securing an interconnected and broad set of applications, networks and devices, some of which we cannot even yet foresee. CISOs and Network Security Administrators should be prepared for emerging devices in an ever changing ecosystem. The increased complexities and IoT vulnerabilities should not be overlooked. NAC is the best all-round solution that can simplify the daunting security task and help mitigate the risks.

So are IoT security vulnerabilities the real deal? Absolutely! No hype, only genuine need for businesses to protect themselves. Is protection really possible? Absolutely. It always has been, by going back to the basics of protecting the network in a layered approach using Next Gen Network Access Control.

Get Your Free IoT Security Risk Assessment With Portnox

5 Best Practices To Protect Your Network

By | Network Security | No Comments

As with everything else in life: so many network security options, so little budget. How do you know which one will best protect your network, users and devices? No need to agonize over endless hours of research, we’ve shortlisted the five critical elements of cyber security: firewalls, NAC, anti-virus software, proxy servers, and endpoint security.

Read More

Hot Cyber Security Events You Simply Cannot Afford To Miss in 2017

By | Network Security | No Comments

Want to stay ahead of the game? The following list of cybersecurity events will help … and they are fun too..

Cybertech Israel  

Jan. 30 – Feb. 1, 2017

Tel Aviv, Israel

Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. This conference, which explores many different vertical market applications, will cover many topics of interest including the following: Cyber solutions for heavy industry; IoT Advanced security solutions; and Finsec – cybersecurity for fintech.
Speakers include leading figures in the politics and cybersecurity industries, such as PM Benyamin Netanyahu, Gov. Rick Synder, Yossi Vardi, David Jones, Dr. Orna Berry and more.

RSA  

Feb. 13-17, 2017

San Francisco, CA, USA

As if this conference needs an introduction. The annual RSA exhibition has dedicated conference paths that provide sessions targeted at different cybersecurity specialities, for example, the ‘Technology Infrastructure & Operations’ and ‘Mobile & IoT Security’ tracks caught our eye. Some additional new highlights for 2017 include a larger campus, options to pre-book sessions and more. Sessions that we are particularly looking forward to are “Securing the Converged Cloud” and “Survival Guide in IoThreats Era”.

InfoSec World Conference USA

April 3-5, 2017

Championsgate, FL, USA

Hear from world class speakers on topics such as:

  • IoT Security and its Impact on Your Job
  • Your Data was Breached, Now What? An Interactive Incident Response Tabletop Experience
  • Launch, Detect, Evolve: The Mutation of Malware

The event also hosts an expo featuring world class companies and products, tech update sessions and exclusive book launches with author meet-and-greets. There is an option to buy an ‘expo only’ ticket that permits you access to some sessions as well as the trade show.

Get Your Free IoT Security Risk Assessment With Portnox

FS-ISAC USA

April 30 – May 3, 2017

Lake Buena Vista, FL, USA

A cybersecurity event that targets 90% of the largest financial institutions across banking, brokerage, insurance, card companies and payments processors. It boasts an attendee list of top information security executives within the financial services industry. The agenda for this year’s summit has not yet been released, past events have included sessions on topics such as, new wave destructive malware; DDoS insights; incident response; protecting your BYOD enterprise and convergence of physical and cyber security. FS-ISAC is your go-to source event in financial security.
FYI – this show has a European version (see information below: FS-ISAC Europe  – Nov. 6-9, 2017, Barcelona, Spain) and another taking place in Singapore. FS-ISAC APAC – April 3-4, 2017.

Interop

May 15 – 19, 2017

Las Vegas, NV, USA

2017 will be the 31st year of this conference that will explore ‘a year’s worth of tech insights and education in 5 days’. Don’t forget to check out the 6 specialist tracks to make sure you get the more out of this event.

Exhibitors include 100 + leading and emerging technology companies. Interop is sponsored by VMware, Cylance, Watchguard, AT&T, IBM Maas360, Zoom and more, so you know there is going to be plenty to see.  If that’s not enough, attendees are encouraged to attend happy hours and block parties.

The IoT Summit  

May 16 – 18, 2017

Santa Clara, CA, USA

The goal of this summit is to bring together leading C-level executives, analysts and solutions providers to discuss and discover the latest IoT business and technology trends. Session take various formats like round-tables and focus groups led by speakers from leading technology companies (such as HP, Nokia, Cisco, Intel and more).

Topics covered explore IoT applications and services, IoT enabling technologies, IoT architecture and standards, such as:
NFV and SDN – Building the Network of the Future
Environmental Impacts of Circuits Everywhere
Planning for a Multi Cloud Future
The Evolution of the Private Cloud

InfoSec World Conference Europe

June 5-8, 2017

London, UK

Infosecurity Europe is expecting over 13,500 visitors this year and although the 2017 agenda hasn’t yet been posted, we know that each year this conference features many sessions on NAC. Watch this space!

Get Your Free IoT Security Risk Assessment With Portnox

Gartner Security & Risk Management Summit

June 15 – 17, 2017

National Harbor, MD, USA

The Gartner Security & Risk Management Summit 2017 is targeted at attendees in top CIO and CSO roles. The agenda for this year’s summit has not yet been published but we recommend taking a look at last year’s timetable, to help you prepare. We believe the format will be the same, so do not forget to check out the specialized tracks: CISO program, IT security, security architecture, BCM, risk management and compliance and the security marketplace. We are looking forward to hearing from Gartner’s top management and leading analysts.
Among the exhibiting companies are IBM, Thales, Cylance, Varonis, Symantec, HP enterprise, Verizon, Sentinel, AT&T.
BlackHat
July 22 – 27, 2017
Las Vegas, NV
While full information isn’t yet available on BlackHat USA 2017, you can watch presentations from past shows here. We particular recommend this video on Forensics in cloud computing, an interesting view on the possibilities of virtual machines on the cloud. For more than 18 years, Black Hat has provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment.
FS-ISAC Europe
Nov. 6-9, 2017
Barcelona, Spain
The European version of FS-ISAC, only second to the United States, has published a thumbnail of its agenda. Take a peak at:
Reducing Your Attack Surface: Detect and Manage Web Components,Third-Party Software and Shadow IT
Phishing Mitigation – No Size Fits All
How a DDoS Attack Catapulted ING Bank’s Threat Intel Capabilities – A Case Study
Session descriptions can be found here.

Demo CLEAR today!

Portnox will have a presence at the leading cybersecurity events throughout 2017. Contact us to schedule a meeting with Portnox at one of these shows to discuss your network access control needs. We look forward to seeing you there!

5 Reasons to Move your NAC to the Cloud

By | Network Access Management | No Comments

Have you ever thought about migrating your network access control (NAC) to the Cloud? Are you apprehensive about taking this step? Traditional NAC solutions were built to address a premise-based infrastructure. A new next generation NAC approach is required to protect companies in today’s BYOD, cloud-based, IoT world.

Enterprises will need to change their security procedures and postures to function in cloud-based IT environments. Classic, on-premise infrastructure-based NAC is ineffective against modern applications and these days security threats that are not part of the IT infrastructure such as, mobile phones and cloud-based applications. Today’s enterprise users are not constrained by enterprise network perimeters as they regularly use mobile devices and cloud-based applications. They often sign up for cloud services for HR or marketing departments, for example, without even notifying IT that they are doing this.

The following five prevalent trends in the enterprise marketplace highlight why a cloud-based next generation NAC is essential to any organization.

    1. Disruption – The Corporate Network Goes GlobalEnterprises have been going through a process of de-perimeterization. Traditional perimeters have been torn down by employees’ adoption of BYOD, telecommuting and cloud computing. You can no longer look at the network as a defined infrastructure within a physical firewall. The network is a global network without boundaries. Most workers nowadays are road warriors who spend 50% or less of their time in an office. Companies need to distribute materials, goods, and services to these employees in their offices and on the road all over the world.According to a poll conducted by Gallop News Service in 2015, thirty-seven percent of U.S. workers have telecommuted for work. This is up slightly by 30% from the last decade but four times greater than the 9% found in 1995. The average worker telecommutes two days per month and is just as productive as other employees who work in the office.
      “Borderless” companies need the kind of continuous risk assessment and mitigation that is only possible through the Cloud. There is no reversing these trends.
    2. Flexibility – Supporting Any Type of Business Size InfrastructureCompanies are constantly undergoing changes: reorganizations, M&As, opening branches globally, etc. Only the cloud can deliver the flexibility to support operations for the distributed enterprise. Traditional NAC is too rigid and inflexible and only works in small rigid corporate environments. In larger environments, like a university with its multiple departments, NAC deployment becomes impractical.

Demo CLEAR today!

 

  • Speed – Rapid Service Delivery Required

 

Enterprises of all sizes need rapid deployment of security measures, rapid adoption of NAC policies and procedures, and immediate expansion around the world. One of the key strengths of application delivery in the cloud is its ability to rapidly deploy and implement services on demand. A NAC implementation on the cloud can adjust and adapt along with developing policies and requirements of the organization.

  • Agility, Scalability and Affordability – Enabling Business Growth

 

Enterprises need agility not only in their software programming but in all facets of their businesses. Scalability is important to support rapid growth. As we continue to recover from recent economic crises, affordability is more important than ever. Cloud computing excels at helping companies become more agile and scalable. It enables companies to pay only for the services that they use, when and where they use them. This “pay-as-you-go” model is much more affordable to businesses than standard software and hardware licenses.

Cloud-based NAC is ideal for organizations with limited resources and limited in-house experts who need to provide convenient and secure network access for personal mobile devices. Cloud-based next generation NAC can be provided without having to worry about the time, costs, or resources associated with installing and maintaining hardware and software and keeping everything up to date.

Demo CLEAR today!

 

  • Machine Learning – Making the Most of NAC

 

Machine learning takes NAC knowledge and experience from other organizations and applies that learning to your organization. This sharing of compliance and other valuable data and experience can be accomplished most efficiently and affordably in the cloud. Companies no longer have to reinvent the wheel themselves. Machine learning services make many advanced services much more accessible to SMBs at an affordable price.

Next Generation Cloud NAC

This blog was written by Portnox. Portnox is the manufacturer of Next Generation Network Access Control (NG-NAC), that can assist you in protecting your network in general and your IoT devices specifically.

Today, NAC solutions must go well beyond just permitting access to devices and individuals. Portnox CLEAR cloud NAC solution is able to provide both full control of access permissions to the network and full visibility of activities within the network and who conducts them. Furthermore, cloud NAC separates BOYD and mobile devices from the core servers of the company, ensuring network security in the world of IoT. It does so by enabling continuous risk assessment of all components of the network, no matter where they are located.

Today’s enterprises are clearly going through a period of de-perimeterization and they will suffer great losses if they are not prepared for this. With next generation NAC in the cloud from Portnox, network administrators in SMBs can be sure they are provided with all the levels of network security they require.

DDoS Attacks are a Loud IoT Wakeup Call for Enterprise Security

By | IoT | No Comments

The recent headline grabbing DDoS attacks on IoT devices that occurred at OVH, Krebs on Security, and DYN, were performed and spread by taking control of IoT devices found today in most homes and offices. These attacks reveal the true danger in our IoT devices – attacking them is child’s play. Surprisingly, most users do not bother to change factory default usernames and passwords, making the hackers’ lives much easier.

Gartner estimates that the IoT market will grow to 20.8 billion connected devices by 2020 and IDC estimates that by 2020 there’ll be nearly 30 billion connected devices. More than half of major business processes will incorporate IoT.  As with all ‘good things’, this growth brings with it dangers from IoT that will go far beyond DDoS attacks. Unfortunately, this is not FUD; it is the equivalent of leaving the office doors unlocked and expecting nothing to get taken.

IoT devices are the weakest link in corporate cybersecurity

IoT devices are the perfect candidate for criminal takeover. The devices are everywhere, always online and are largely unprotected. Hackers transform the devices into “command & control base stations”, where devices receive commands from their operator, usually to perform network information reconnaissance in order to find the information to steal, take down the system or extract valuable intelligence. Because they are always connected, there is no human to detect that the device is slow or sluggish, and they are generally not protected by security measures – such as anti-malware software. Many device users are unaware of the danger and don’t take the time to change the default passwords (they are not always aware that multiple admin accounts might exist), or to upgrade the latest version of the operating system software, all of which could stall or even stop a malware attack. Bringing these unprotected devices to the office makes the sloppy practice (or lack thereof) a problem for organizations large and small.

layered approach for corporate IoT security

It is impractical to reach each IoT device vendor once (yet another) zero day vulnerability attack occurs. Organizations typically have dozens of vendors and most IoT devices are NOT centrally managed. This leaves the security team with only one option – a software solution that will find those devices ahead of time and move them to a dedicated segment away from the organization’s most mission critical systems.

A layered approach that includes the following levels is most effective:

  1. Assessment – A network discovery process of all of the existing IoT devices including managed and partially managed devices. Then, understanding what each type of device is, what operating system it is running on, and which application and processes are installed on it.
  2. Segmentation – IoT device should not be in the same network segment as other devices or within reach of the organization’s mission critical systems and data. Firewalls must be deployed between these segments to prevent IoT devices from reaching the “crown jewel” section of your network. By performing proper segmentation, you enhance the ROI on your existing detection technology by making it much more accurate and effective.
  3. Detection – The ability to immediately detect every IoT device which joins the network and carefully verify whether it behaves similarly to other typical devices. A compromised device or a fake device might look the same but will behave differently.
  4. Response – Once a breach is discovered, it is poor practice for an alert to be sent and then processed manually. Manual actions take time — hours or even days (a weekend breach for example). Not to mention the costs associated with manual responses. An automated breach response is required to block a specific device or limit its access within seconds. Network Access Control (NAC) tools are one way to achieve this.

It’s far from all doom and gloom but organizations will suffer if appropriate cybersecurity measures are not a priority.

This blog was written by Portnox. Portnox helps organizations to see, control, react and manage the risks their networks face for any user, any device, anywhere. Using Next Generation Network Access Control (NAC), Portnox secures connected organizations with ease.

How does Portnox do this? By discovering 100% of an enterprise’s connected endpoints and profiling them, Portnox can point out which devices are IoT devices. Next,  Portnox can also force these devices to a defined segment of the business network. This creates network hygiene and ensures that the rest of the network remains out of reach of the IoT devices. Sensitive information and systems that are vital to the organization are maintained segregated and secure.

What Portnox CLEAR – Fall 2016 release has in store for cloud-based NAC

By | Our Technology | No Comments

The complexity and risks of corporate networks are increasing on a daily basis. The growing flood of new devices, new form factors, and rapid changes in network architecture, coupled with a constant shortage of well-trained specialists, requires organizations to choose an IT vendor and partner that is able to keep pace with continuous change. Furthermore, the vendor or partner must constantly deliver new critical capabilities required by organizations to address new security challenges. Portnox CLEAR definitely falls under this category, carefully listening to customer needs, ever innovating, and constantly delivering IT security products.

With its Fall-2016 release, Portnox CLEAR offers several innovative solutions in the areas of end-point risk assessment and secure network access:

Radical simplification of 802.1X deployment and management

It is no secret that implementation of network access control based on 802.1X protocol is a very complex task. That is why Portnox CLEAR is constantly innovating and delivering solutions for simplifying 802.1x usage, and in its latest release takes a big leap forward by introducing the following new features:

    • Advanced on-boarding capabilities for employees, contractors and guests on 802.1X protected networks by providing alternative methods of authorizing new device access: centralized onboarding by CLEAR administrators and self-onboarding by the end user.

 

  • Ability to on-board devices and access 802.1X networks without having to install an end-point agent (“agentless access”).

 

 

  • Flexible and granular management of MAC Authentication Bypass (“MAB”) for devices lacking 802.1X supplicants, especially IoT devices

 

 

  • Ability to use Portnox CLEAR itself as an alternate user repository for managing and authenticating access to protected networks, without having to integrate with any on-prem users repositories

 

Find out more about Portnox CLEAR

Full-blown integration with Open LDAP

Open LDAP has already earned recognition as a possible alternative for Active Directory in many organizations, and Portnox CLEAR now introduces full-blown integration with Open LDAP in various scenarios:

    • Ability to authenticate 802.1X and VPN access vis-a-vis Open LDAP repositories
    • Group management based on Open LDAP groups

 

  • Ability to on-board an end-point device and to manage the device life cycle based on Open LDAP accounts

 

Cloud-based, cost effective and unique 2FA approach

Compromised and stolen credentials remain the main threat to corporate data, and remote access by VPN is the most vulnerable method of access due to compromised employee’s credentials. The need for flexible and extremely easy to implement two factor authentication (“2FA”) schemes has become crucial for organizations of any size. Portnox CLEAR is now offering a cloud-based, cost effective and unique 2FA approach for remote access:

    • The ability to define the VPN authentication flow both as regard the order and as regards the type of Primary and Strong factors being used

 

  • A unique strong factor based on device enrollment and the ability to authorize device access along with identity authorization (“risk-based access”)

 

Portnox CLEAR offers those and many other capabilities for real-time access control and risk assessment as part of its entire SaaS offering, which is fully subscription based and does not require deployment of any on-premise software or appliances. With its Fall-2016 release, Portnox CLEAR demonstrates again its leadership and unparalleled innovation as already recognized by the latest award from Frost and Sullivan.

Avoid the 5 Pitfalls of NAC – Get our Free Whitepaper Today!