Category

Blog

Don’t Let your Network Become Hostage to WannaCry

By | Threat Detection and Response | No Comments

The WannaCry cyber attack has reached 150 countries (and still counting), which will leave its mark for months and years to come. As the damage is still being sorted out, one story is most prominent –  the story of unpatched devices being connected and having access to the corporate networks.

To think that with one simple action of patching a well-known “Eternal Blue” vulnerability by Hot-Fix released by Microsoft two months ago, organizations were able to delay dramatically the spread of the malware and to a degree even stop the ransomware worm from end-point to end-point.

It’s such a shame that even today, after so many cyber-attacks have hit organizations, they still fail to adopt a very simple but powerful approach to control the risk of devices connecting to the corporate network and especially via remote, VPN access.  Not making intelligent, threat and risk oriented access decisions leads to finding a huge exploit in the backyard of organizations. One simple decision, based on one click, that defines access policy – “do not let in unpatched devices” will make the difference between being cyber-breached and humiliated and being safe and undisrupted.

How can organizations address these critical steps of devices entering the network? One example of a solution that can make the difference without additional configurations, rules or signatures, is Portnox CLEAR. CLEAR is a cloud-based, Security-as-a-Service, which allows organizations to monitor, detect and manage device risks and vulnerabilities along with managing end-point access to corporate networks by remote or local access.

Powered by machine learning, CLEAR constantly analyzes hundreds of different endpoint parameters, including the state of patches for the operating system and for multiple applications installed on a device. In the case of detecting an unpatched system, “Eternal Blue” missing patch, as an example, CLEAR will immediately, in real-time, notify the security officer or IT manager about the high level of risk. If needed, it will even block access for such a device to the network. This will be done in default, no changes to the configuration, and without any additional cost (CLEAR is a SaaS system) to the organization. With Portnox CLEAR, there is an immediate benefit of detecting and removing from the network vulnerable devices that could make your organization potential ransomware victims.

It is clear that ransomware is a complex problem with many different aspects of cyber defense, which requires a wide coalition of multiple products and technologies to fight a kill chain of a cyber-attack. End-point risk and access management should be the center and front of this cyber defense effort.

Take these steps now to remain safe and not allow attacks such as WannaCry to get to your network!

 

 

The Internet of Things & Network Security: A Desperate Need for Standards

By | IoT | No Comments

Just about everything is connected: from cell phones and wearable devices to cars, refrigerators and industrial equipment. IT experts have long recognized this global connectivity will only continue to skyrocket. Gartner has predicted that more than 26 billion devices will be connected globally by 2020, and other experts have put that number in the 50-to-100 billion range.

Connectivity adds convenience to our jobs. It is almost expected that employees will use BYOD devices such as laptops, smart phones and tablets to communicate. But a tremendous challenge for IT professionals is network security. Not knowing what is connected to your enterprise’s network is dangerous. How does your IT staff protect sensitive information from hackers if you and they can’t account for risks such from invisible connected infiltrators?

Well, it sometimes takes a village to be vigilant. There’s currently a rush to create universal standards for IoT that will cover a wide expanse of areas, including security. Setting global standards for IoT security management will certainly help your IT staff keep questionable devices from wreaking havoc on your network.

Avoid the 5 Pitfalls of NAC – Get our Free Whitepaper Today! 

Industry and Professional Standards

Several standards groups — including those led by tech giants like Google, Intel and Qualcomm — have put their hats into the ring of devising universal IoT standards. These groups are reviewing areas such as IoT architecture, interoperability, privacy and security, but none have prevailed. Liken it to the infamous battle between VHS and Betamax — may the best ideas win. Most countries have been working on developing individual IoT standards, but ideas on how to do that differ.

Some recent signs of progress have probably caught the eye of your IT manager:
The International Telecommunication Union Standardisation Sector (ITU-T) Study Group recently met in Singapore and came up with two new global recommendations for IOT. One of those recommendations identifies common parameters for security management, remote activation, diagnostics and software upgrades. Industry standards on these issues would lessen the stress of your IT manager, who would have an easier and more efficient way to manage IoT applications and devices.

The Industrial Internet Consortium is devising guidelines for security, connectivity and interoperability. It’s backed by large enterprises such as AT&T, Cisco, GE, IBM and Intel.
Business Insider predicts that more than $6 trillion will be spent on IoT solutions over the next five years, hastening the work of these two and other IoT industry alliances as they try to formalize universal expectations on how connected products should communicate, function and provide an accepted level of security that won’t bring down networks and businesses.

Avoid the 5 Pitfalls of NAC – Get our Free Whitepaper Today!

How Enterprises Should Address IoT

Still, although universal IoT standards will certainly help get everyone on the same page, enterprises don’t have time to wait for them to take shape.

The solution to managing IoT for businesses is strong network access control. Network access control (NAC) allows organizations to control not only who accesses the LAN, but the activities they can do once connected, such as which servers and data they can access, and which applications they can use.

In our next post we will be introducing Portnox CLEAR, our Security-as-a-Service network access platform, that delivers continuous risk monitoring of all your endpoints, even when they leave your premises. Your IT staff can assess threat levels in real time — from anywhere, on any device. Network access control becomes automatic and seamless, boosting security and saving time. Receive device-specific, customized risk profiles each day. It is stress free.

CLEAR also offers offense, not defense, from continuous endpoint risk profiling; fully automated or manual risk-based controls and actions; and access across all device layers. It’s all in the cloud, meaning CLEAR is quick and easy to use – kind of like IoT devices themselves.

Stay tuned for more next week.

Avoid the 5 Pitfalls of NAC – Get our Free Whitepaper Today! 

Don’t trust that TV in your boardroom

By | IoT | No Comments

With the recent hacking developments, we are constantly reminded how dangerous IoT devices can be in a corporate environment. No IoT device is off the table for hackers, considering the massive set of DDoS attacks that utilized compromised surveillance IP cameras to generate a huge amount of traffic that crippled many websites and the recent WikiLeaks news, threatening that your Samsung TV could be spying on you.

The leaked documents from WikiLeaks reveal that the CIA developed an exploit that perhaps utilize some unknown, “zero-day” vulnerability to breach and take control of TVs. This malware puts the TV on a “dissipation mode” which misleads the owner to believe the device is turned off, when in fact the TV is still on and recording conversations.
Is it possible to protect your business from being yet another victim of an IoT-based breach? If so, what can we do?
In order to keep your network secure and compliant, organizations should follow best practices for IoT security. This includes rapidly adopting software systems to help implement and enforce threat prevention and security management of IoT devices.

These best practices include 4 major areas:

1. “Lock-Down” – Implement a device lock-down, hardening policy, or procedure. Vendors of IoT devices don’t always provide the best security configuration and correct security posture. Instead, adopt systems and processes that automatically reconfigure the IoT system and constantly institute a lock-down policy with respect to best practices, known vulnerabilities and threat intelligences. Minimal complexity of passwords, open ports, running unused services and always-on peripheral devices such as microphones are all part of a wide attack surface that must be reduced by fully-automated hardening of IoT devices. Automated hardening solutions provide the ability to restrict device features and services, allowed control of incoming and outgoing traffic, and even force patch updates for device software.

2. “Micro-visibility and Risk Monitoring” – Adopt systems that provide pervasive inside monitoring on all aspects of IoT devices on your network, from running processes to firmware changes and more. These systems discover and deeply understand the nature of any IoT device on corporate networks, and consciously monitor and present all possible risk factors introduced by a device. Such a security system must collect and analyze hundreds of different parameters from IoT devices. The system then can analyze and correlate collected data against known vulnerabilities and threats, and detect behavioral anomalies or post-breach activities on the device.

3. “Untrusted by Default” – Do not allow unauthorized devices to plug into your network. Implement secure access and governance flow of how to on-board new devices. Each device that is connected to your network, whether wired or wirelessly, must be authenticated, authorized, and assessed. Determine each device’s risk level prior to entering the corporate environment.

4. “Discover the invisible” – Adopt network-wide actionable visibility on all devices connected to the corporate network, and constantly discover new and unknown IoT devices. Act on each device that has been discovered by such network visibility systems to ensure the device is known, authorized and properly configured.
Protecting against IoT attacks begins with visibility, followed by detection and then reaction.
Portnox CORE provides an additional layer of device visibility and offers full capabilities for device discovery, authentication, and compliance enforcement. It provides a cutting-edge approach to network security that allows you to see any device on the corporate network, manage its risk and react upon automatically and in real time.

Use these best practices listed above to ensure your network is secure, and then nobody will be able to record your meeting discussions without consent via that TV in the boardroom.

Contact us to learn more about how Portnox CORE can help your organization secure its network.

Back to the Basics with Your Network Protection

By | Network Security | No Comments

Old-time marathon winner and runner Bill Rodgers once made the comment that, “Every race is totally different.” And if this is true in the relatively predictable world of marathon running, it is even more accurate in the race against cyberterrorism, where – whether we like it or not – each day brings with it unforeseen challenges that threaten the integrity of the network.

The question is how best to approach network protection successfully despite the ongoing development of unexpected threats. The truth is that throughout 2016, we’ve had more than ample opportunity to consider this question. From the involvement of hackers in the U.S. elections to the IoT DDoS attacks of October 21, last year saw some shocking stories of breaches. With all of that behind us, 2017 is not a moment too early to take stock, explore the options – and perhaps, go back to the basics and adopt some old-new security strategies that provide greater visibility, improved resilience, increased automation, and better security.

An Unfortunate Side of “Things”

The distributed infrastructures of today’s networks make businesses more vulnerable to attacks, with IoT and BYOD adding a huge degree of complexity. The threat is simply greater – so much so that, according to Gartner (as quoted on TechCrunch here), the security market is predicted to grow to the whopping size of $120 billion by 2020.
As pointed out in the eBook, The Top 5 Misconception of IoT Network and Device Security, IoT devices represent the weakest link of today’s corporate network. To make matters worse, because most users are unaware of the threat, most devices are not even set up securely. (to learn more, read the eBook preview here.)

Because Seeing is Believing

Part of why IoT and BYOD have changed the situation so drastically is that new devices (both managed and unmanaged) are constantly being connected. Any device connected to the network can potentially function as a gateway into your infrastructure.

It has become all too common for there to be a “disconnect” between the number of devices the average IT administrator thinks is attached to the network, and how many devices are actually there. Shockingly, it is not unusual for the disparity to be as high as 20-30 percent.

In approaching the protection of any network, visibility is key – because you cannot protect what you cannot see.

An Innovative Approach to Today’s Security Challenges

A Next-Gen network visibility and access control management solution such as Portnox CLEAR continues to provide ongoing and comprehensive protection against hackers. With Portnox CLEAR, an organization can be hermetically covered, and IT and CISOs regain the visibility and continuous risk assessment they need.
Portnox CLEAR gives you 100% visibility of all devices, including managed and unmanaged devices. With this comes greater control and security, and the ability to develop new strategies – particularly, segmentation of IoT devices, so that they only access a limited part of the network.

The Need for Speed

Portnox CLEAR handles the complexity of today’s networks through Continuous Risk Analysis (CRA), which provides more flexibility than the approach of a one-time “grant or deny.” CRA is built to provide protection in a reality that involves a broad range of devices as well as “anytime, anywhere” connectivity.
CRA is a response to the need to act fast in the geo-distributed mobile workforce of BYOD and IoT. Replacing the old tactic of periodically scanning, CRA provides a real-time approach to network admission control that allows you to continually assess endpoint risks to the network.

Putting It All in Context

Portnox CLEAR also offers an unprecedented degree of context awareness, monitoring changes in hundreds of parameters and correlating multiple context attributes. This provides an adaptive and more analytic approach to risk determination, and facilitates the development of security assessments that are much more comprehensive – taking into account considerations such as time, network location, user identity, and scenario.
Context awareness is particularly significant to today’s cybersecurity because it facilitates the discovery of anomalies – both as relate to device behavior, and as relate to the status of the network.

100% Visibility and Real-Time Access Control

Portnox CLEAR offers ongoing network visibility and access management control so that you can keep your network safe, with real-time risk assessment that mitigates the cybersecurity threats.
As a cloud-based endpoint security management solution with context-aware security assessment capabilities, Portnox CLEAR is up to the challenge of optimally protecting the security of your network.

What IoT Vendors Don’t Want You To Know

By | IoT | No Comments

“Mr. President, the Problem is Much Worse than You Think”

Late one night in 1983, then-President Ronald Reagan – an avid movie lover – watched War Games, about a teen who hacks NORAD (the North American Aerospace Defense Command) and nearly starts a third world war. A few days later Reagan asked General John Vessey, then Chairman of the Joint Chiefs of Staff, whether this could really happen. After a week of investigation, General Vessey’s answer was, “Mr. President, the problem is much worse than you think” – a response that quickly jumpstarted new efforts to develop America’s cyber capabilities.

You’re probably thinking: That was then, this is now. Right? In the Eighties, concepts like cyberterrorism were new and nobody – not even the White House – was prepared.

We’ve made great strides in terms of our awareness, sensitivity, and readiness for cyber threats over the last thirty-five years.

But while this may be true of many aspects of network security, it’s simply not the case with IoT. When it comes to this relatively new area of cyber terrorism, the shocking truth is that our naiveté is not that far from that of the Reagan era.

Sony Camera’s Backdoor

One example that illustrates the vulnerability and danger of IoT is the recent story about Sony security cameras. Last October, researchers from SEC Consult found two backdoor accounts in 80 models of professional Sony security cameras – the kind that’s primarily purchased by enterprises and authorities, because of their high cost.
The cameras’ backdoor accounts have the potential to give hackers full access to the cameras. A camera taken over by an attacker could spy on a client – or worse, use the camera to take a foothold in a network and launch further attacks.

End of story: Sony released firmware updates for all affected camera models on November 28, 2016 that remove the backdoor accounts, and advised all users to install these updates as soon as possible. But clearly, what happened to Sony can happen in other contexts. Hackers know this, and in today’s reality it’s specifically IoT devices that pose the greatest risk to security and have become an attractive target.

The Issue of Price Point

IoT devices are generally mass-produced using simple techniques, and at the lowest prices. The problem is that “cheap and easy” usually translates into “highly insecure.”
Manufacturers are motivated to keep the price down. And because hackers use devices to attack third parties, there is little incentive by users or manufacturers to take responsibility for the resulting security issues. This leads to the obvious question of who is handling the resulting security risks.

The Limited Nature of “Things”

One of the reasons IoT vendors do not prioritize the installation of security capabilities in devices is that the devices are not as easy to secure as more traditional computing devices. In some cases, they have limited configuration capabilities. And in most cases, vendors do not issue regular security updates or patches when vulnerabilities are discovered – meaning that your IoT device firmware is only as secure as your last patch.
Because most IoT devices do not have large amounts of extra storage space, memory, and processor power, adding strong security to them can be problematic. Encryption, blacklisting and other security mechanisms often require storage space and memory/processing capabilities, which are well beyond what the device has built in.

Unlike a typical computer, when it comes to IoT you cannot just “open the box” and add more of these resources. If security is going to be a consideration, it needs to be addressed at the design stage. But this potentially leads to changes in product design – and more money spent by the vendor.

Unknown and Undetected

IoT vendors usually have much more information on your network that they keep to themselves – and that users are not aware of.  IoT devices collect a wide variety of information, and because the devices are not sufficiently protected, it can mean the exposure of an organization’s critical data or infrastructure.
Take, for example, something as mundane as multifunction and digital hardcopy devices. These machines generally come complete with their own operating systems, hard drives, and supporting subsystems. When employees copy confidential company documents, it’s unlikely that they are aware that the images of these documents are saved on the system’s hard drive. Similarly, when employees scan documents and send them to file servers across the network, they probably do not know that they are sending unprotected files across the network.

The Buck Stops…Where?

So who is taking responsibility for tackling our troubling reality, a reality that includes increasing IoT vulnerabilities and the constant threat of cyber attack?
There are several ways of tackling the problem. One possible approach (described in this recent article by SearchSecurity) was pitched by security expert Bruce Schneier at the recent RSA Conference 2017. Schneier called for the creation of a U.S. government agency focused on IoT regulation, warning, “We need to think about smart regulations now, before a disaster, or stupid regulations, will be foisted on us.”

Another, completely different approach involves keeping our focus on developing innovative technological solutions that help protect networks.

As outlined in this recent post on Forbes, one possible way forward involves building smarter, more resilient networks that can shunt a load away if it’s malicious. The vision involves using the combined forces of automated tools, for the analysis of network behavior, and skilled human operators, who can figure out how best to combat each threat.

Given the complexity of the threat, what we need here is not an either/or approach, but a combination of options. Because one thing is clear: the nature of IoT requires thinking out of the box and exploring new and innovative means of keeping our networks protected.

What Can a Hijacked IoT Device Do to Your Network?

What Can a Hijacked IoT Device Do to Your Network?

By | IoT | No Comments

“I don’t know where I’m going, but I’m on my way.” This remark by American writer and poet Carl Sandburg seems to capture what’s going on at the moment with the Internet of Things (IoT). It is growing at such breakneck speed that nobody can pinpoint how extensive this growth will continue to be. Take, for example, a forecast by Gartner, which anticipates 20.8 billion connected IoT devices will be in use for 2020 – and compare it to the significantly higher prediction by IHS forecasts, which anticipates no less than 30.7 billion connected devices in the same period.

Whatever the statistics, one thing is clear: The widespread adoption of IoT is a development that brings with it the promise of value to many organizations. On the other hand, it also creates security challenges by increasing the attack surface for organizational networks.

This reality was starkly illustrated in the Dyn cyber-attack at the end of October last year, notoriously known as the first robot-based digital assault involving millions of IoT devices operating in concert.

How can your corporate organization prepare for this new kind of threat?

  1. Gain Complete Visibility into Your Network

One aspect of the challenge that CISOs face in the age of IoT involves handling a glaring and somewhat shocking lack of visibility into 100% of devices that access a network.

With the BYOD phenomenon, IT cannot afford to ignore the question of how to securely manage virtually invisible devices that are connecting to corporate networks. Devices that IT cannot see create blind spots, which prevent an organization from successfully maintaining the ongoing vigilance necessary to protect the network.

  1. Take Proactive Steps toward Protection

While visibility is an essential prerequisite to security, it’s not only a question of visibility: it’s the ability to control and manage permissions for each device.

Sensible protection from attacks on IoT devices means developing new techniques for network hygiene, and forcing IoT devices to a defined segment of the business network – in order to ensure that the rest of the network remains out of reach.

  1. Understand the Mind of a Hacker

Let’s take a step back, and talk about why both visibility and network access control are so essential.

Say, for example, a hacker hijacks an employee’s IoT device – a device that is connected to your company’s network. You might think this is a difficult task, but the reality is that it does not take much sophistication.

The problems start when the hijacked device – which, don’t forget, is already connected to the network – is turned into a bot that runs automated tasks over the Internet. If the bot is used for malicious purposes, the hacker can probably do pretty much anything – from creating an APT or DDoS attack, to stealing sensitive data.

  1. Change Those Default Settings

As pointed out in Portnox’s eBook, The Top 5 Misconception of IoT Network and Device Security, IoT devices are possibly the most problematic aspect of a corporate network. This is partly because, generally, they are not set up securely.

Frequently, devices are connected to networks with their default configuration intact. Most users don’t know it is important to change the default usernames and passwords. As a result, once IoT devices are connected, it is not hard for hackers to hijack them.

  1. Beef Up Your Security Responses

For hackers, there’s always the question of avoiding quick exposure.

Experienced hackers won’t hijack an employee’s PC. That’s because PCs are in frequent use and are “owned” by a single individual, so it doesn’t take much time for an employee to figure out there’s a problem. Normal actions take longer or become difficult to do.

In contrast, if a device such as a printer or IP camera is hijacked, employees might not notice. These devices are not used as intensely and they are generally accessed by multiple individuals, so there’s less chance of rapid exposure.

  1. Adopt New Strategies for Network Visibility and Access Control Management

The security problems inherent to IoT open up a shocking range of opportunities for cybercriminals. As pointed out by this article on TechCrunch, the threat even touches everyday areas of activity including car safety and medical care.

Meeting the needs of today’s cyber threats requires adopting a solution such as Portnox, which offers next-gen network visibility and access control management solutions that allow security teams to:

  • Gain 100% actionable visibility of managed devices, BYOD and IoT in real time, using an approach that’s agentless, centralized, and vendor agnostic
  • Mitigate risk through controlled access, by creating a quarantine or blocking a device to solve a security issue
  • Provide automation for certain kinds of reactions, enabling security teams to cut the time and costs associated with a manual response

According to Forbes, global spending on IoT products and services by enterprises is expected to reach $253 billion in 2021, attaining a 16% CAGR. With this degree of IoT technology integrated into corporate environments, the old approaches of maintaining security are no longer relevant.

The Portnox system meets today’s growing challenges and protects networks from resulting vulnerabilities, providing a holistic approach to security that works for any user, any device, and any network – anywhere.

Securing VPN remote access with Portnox CLEAR

By | Our Technology | No Comments

Compromised and stolen credentials remain the main threat to corporate data. Remote access via VPN is the most vulnerable method of access, due to compromised employee credentials. The need for flexible and extremely easy to implement two factor authentication (“2FA”) has become crucial for organizations of all sizes. Another weak link in remote access, beyond user authentication, is generated by connecting to organizational insecure and vulnerable end-points. It is not uncommon that when accessing the network using a VPN through a personal device, any vulnerability existing on that device can quickly become a security hole in the entire network’s protection. To address the heavy challenges of securing remote access, organizations should look for solutions that are cost-effective and provide a cohesive approach for all aspects of access security: compromised credentials, lost or stolen devices and access from insecure endpoints.

Meet Portnox CLEAR – cloud-based access control for VPN

Portnox CLEAR is a Security Software-as-a-Service (SaaS) cloud platform that delivers continuous, on/off-premises risk monitoring and access control to all organizational endpoints. It assigns each connecting device a risk score (similar to a credit score), dynamically assesses the threat they may pose to your network and enforces access control actions in real time. Portnox CLEAR can be used in many flexible ways to authenticate user remote access by VPN providing a unique combination of access control by authentication (Active Directory or Open LDAP), strong factor validation and end-point cyber risk assessment (“risk-based access”).
Demo CLEAR today!

Portnox CLEAR™ Unique Two-Factor-Authentication Solutions

As part of its entire cloud-based NAC offering, Portnox CLEAR offers a unique approach to 2FA for VPN. 2FA is a method of computer access control in which access is granted only if two separate pieces of evidence are presented to the authentication mechanism – typically, knowledge (something the user knows, such as his username and password), and possession (something the user has, such as a security token).

Conventional 2FA solutions, however, completely ignore the device that is requesting remote access. Portnox CLEAR, on the other hand, can offer device authentication via its device enrollment mechanism. Devices that install the Portnox AgentP application and have been enrolled in the organization are uniquely recognized and are, therefore, continuously monitored and tracked.

The two elements in Portnox’s unique 2FA solution are the typical knowledge (user credentials) coupled with a unique possession (the enrolled device), ensuring that security is offered on two levels: authentication of the user himself and authentication of the device. Stealing a user’s credentials is useless if the device requesting access is not enrolled; and stealing an enrolled device is of no use if the credentials are not available.

Portnox device authentication is offered in two formats: One-Time-Password (OTP) 2FA and Portnox AgentP 2FA.

OTP 2FA

In this solution, the AgentP application on the enrolled device acts as a soft token by implementing the HMAC-Based OTP algorithm. It generates an OTP upon demand and, together with the user’s username and password, the app allows that specific device access to the organization’s remote network.

As Portnox knows which AgentP generated the OTP, the supplied OTP is the method of authenticating the device; while the supplied credentials are the method for authenticating the user.

Portnox AgentP 2FA

In this solution, a call back mechanism is utilized, relying on the fact that each deployment of AgentP on a device is uniquely recognized. When a user tries to log in by VPN with his credentials, CLEAR calls back the specific AgentP on the device requesting access, to verify that the device is the one it claims to be.

Because Portnox knows that the requesting device is an enrolled device, callback is the method for authenticating the device; while the supplied credentials are the method for authenticating the user.

Portnox CLEAR end-point risk assessment and access policy

Portnox CLEAR offers pervasive and context-aware risk assessment for VPN clients to address attempts by unsecured, vulnerable devices to access the corporate network:

  • Real-time pervasive monitoring of any device, mobile and laptop, on and off the corporate network
  • Monitoring changes in hundreds of parameters, analyzing security posture and known-vulnerabilities of end-points
  • Analyzing and correlating to multiple context attributes
  • Taking historical observations into account
  • Calculating cyber risk score and making access decisions based on this score

CLEAR customers have flexible, granular control of risk assessments and risk actions thought CLEAR Access Policies. Access Policy allows organizations to define the exact level of acceptable risk and compliance standards for end-point devices that are acceptable in their enterprise.

Sign-up for CLEAR now!

This blog was written by Portnox.

Portnox is the manufacturer of Next generation Network Access Control (NAC), that can assist you in protecting your network including your VPN.

Portnox CLEAR offers many other capabilities for real-time access control and risk assessment as part of its entire SaaS offering, which is fully subscription based and does not require deployment of any on-premise software or appliances. With its Fall-2016 release, Portnox CLEAR demonstrates again its leadership and unparalleled innovation as already recognized by the latest award from Frost and Sullivan.

E-book Preview: The Top 5 Misconceptions of IoT Network and Device Security

By | IoT | No Comments

While much has been written about IoT and its promise of creating real business value, what has been underestimated thus far is the associated risks – the extent of the security challenges posed by IoT, and how best to sidestep them.

In its recent publication, Top Strategic Predictions for 2017 And Beyond: Surviving the Storm Winds of Digital Disruption (summarized on Forbes here), Gartner predicted $2.5 million per minute in IoT spending – and 1 million new IoT devices sold every hour – by 2021.

Perhaps more to the point: By 2020, it is predicted that no less than 7.5 billion IoT devices will be installed in corporate organizations, and this rapid and exponential growth of IoT within corporate environments creates an increased threat – with hackers finding new ways to use the devices toward malicious ends.

Top 5 Misconceptions of IoT Network and Device Security, our recently released eBook, puts into sharper focus some of the dangers associated with widespread IoT adoption and outlines several important ways to mitigate the threat.

Securing Basic Needs – Like Car Safety and Medical Treatment

The dangers of IoT apply to a shocking range of new and nightmarish scenarios both in and out of the office. For example, with cars transformed from the simple machines they once were into a network of computers, cybersecurity threats can potentially have a direct impact on the safety of our roads. This was illustrated somewhat starkly back in 2013 when security experts Chris Valasek and Charlie Miller hacked into both a Toyota Prius and a Ford Escape, cutting the brakes and uncontrollably blasting the horn among other things. More recently, in 2015, they hacked into a Cherokee Jeep and cut the transmission.

Similarly, the integration of smart devices into the healthcare system creates the dire possibility of remote manipulation of medical equipment. Healthcare facilities are now potentially vulnerable to a terrifying scenario in which hackers adjust treatments, such as the dosage of antibiotics or chemotherapy given to patients, or wipe out x-rays and alter digital medical records. This Forbes article illustrates the extent of the security problem.

These types of problems apply within corporate environments as well, and clearly, we do not have the luxury of ignoring the threat. And just to make the outlook even more bleak: According to a report called Rise of the Machines: The Dyn Attack Was Just a Practice Run by researchers James Scott and Drew Spaniel, increased regulation of IoT device manufacturing in the U.S. is unlikely to lower the degree of vulnerability.

So What Can We Do?

Our eBook highlights five areas of common IT practice or user activity that require greater vigilance – as well as the adoption of alternative practices – in order to reduce a company’s degree of vulnerability:

  • Granting all-access passes to IoT devices that are plugged into your corporate network is certainly not wise, as these devices potentially represent the greatest risk to your network – and they should be forced to a defined segment of the business network
  • Corporate users are bringing their own IoT devices to work and connecting them to the network without realizing that this creates a security risk, and IT must adapt to this reality
  • Appliances require firmware patch updates on a very regular and timely basis, otherwise they create network vulnerabilities
  • Connecting a POS to the same network segment as a PC makes a hacker’s life that much easier.
  • The default settings on IoT devices are not good enough, security-wise, and it’s essential that corporate users make at least basic adjustments – such as changing default passwords

A First Essential Step toward Safer IoT – Visibility

A holistic solution such as Portnox’s next-gen network visibility and access control management solution provides you with 100% actionable visibility into managed devices, BYOD, and IoT in real time so that you can have the necessary information you need, on an ongoing basis – and address vulnerabilities before they become security threats.

The Portnox approach identifies all authorized and unauthorized devices, and gives you a greater degree of anytime, anywhere control over user activities – providing a faster, better, more sophisticated approach to network security that meets the increased challenges presented by IoT.

Want to learn more? Download Top 5 Misconceptions of IoT Network and Device Security eBook

IoT Security Vulnerabilities: Hype or the Real Deal?

By | IoT | No Comments

IoT is already impacting the way we communicate and do business. This trend is expected to continue according to Business Insider – their forecast for IoT devices connected to the web lies currently at 34 billion by 2020.  IoT is expected to enable business growth by lowering operations cost, increasing productivity and opening new markets with new offerings and developments. But at what risk? Hackers are already using IoT devices for their malicious purposes in multiple types of attacks on networks and servers. DSL and bot attacks in 2016 have proven that there is no shortage of opportunities hackers are willing to exploit.

It’s difficult to protect your network against threats that you cannot see. IoT devices entail a hidden aspect of networking, and can connect as a gateway into your infrastructure. This means that once an infected device is attached to your network, it automatically creates a security breach, making IoT device management and network security management even more difficult.

The variety of IoT devices and their widespread adoption make it difficult to distill them into one ecosystem. The numerous networks available for connecting these devices- wired,wireless, cellular and internet – only add another layer of complexity to an already complex system. Strengthening the security measures on premises is no longer enough. Advanced persistent threats (APTs) are particularly successful when establishing continuous remote access to the network for accessing data, as the distance reduces the risk of detection.

IoT Vulnerabilities call for a Holistic Security Approach

The security vulnerabilities we are all exposed to because of the growth of IoT devices are varied and intricate . IoT devices entail innovative developments, introducing new firmware and operating system technologies into the market at an astounding pace. These innovations bring with them new risks and security weak links, at an unprecedented rate, that businesses cannot afford to underestimate.

A need for controlling access of devices into the network, as well as full visibility of the actions devices and users take once they have entered the network, has emerged. Traditional security solutions such as firewalls and antiviruses simply don’t do the trick for IoT devices. Hardware patches on the fly are time consuming and deemed irrelevant. A holistic approach to network security is required.

With BOYD and BOYN driving the fast growing quantities of IoT devices, threats can come from anywhere at any time. It’s almost impossible to stop employees from connecting IoT devices to the corporate network (for business and for pleasure), as the convenience of such use far outweighs their awareness to network security. That is why Network Access Control (NAC) is making a comeback as a critical component of business infrastructure. Securing your corporate networks form IoT devices needs to take a preventative form as opposed to reactive. A layered approach to network security, with policies to deal with access as well as segmentation of the network, is called for.

NAC is the best solution for IoT Security

Next Gen NAC can control and manage any attempted access and monitor activities on corporate networks whether they are spread on various servers or located on the cloud. NAC on the cloud provides security teams with real-time visibility of what exactly is going on in their networks without the encumbrance of heavy installments and complex configurations.

NAC speaks to each device separately, authenticates it – no matter what type of device it is – and blocks an untrusted device or user trying to enter the network, while alerting the security team of the attempted breach.

The new security paradigm requires managing, monitoring and securing an interconnected and broad set of applications, networks and devices, some of which we cannot even yet foresee. CISOs and Network Security Administrators should be prepared for emerging devices in an ever changing ecosystem. The increased complexities and IoT vulnerabilities should not be overlooked. NAC is the best all-round solution that can simplify the daunting security task and help mitigate the risks.

So are IoT security vulnerabilities the real deal? Absolutely! No hype, only genuine need for businesses to protect themselves. Is protection really possible? Absolutely. It always has been, by going back to the basics of protecting the network in a layered approach using Next Gen Network Access Control.

Get Your Free IoT Security Risk Assessment With Portnox

5 Best Practices To Protect Your Network

By | Network Security | No Comments

As with everything else in life: so many network security options, so little budget. How do you know which one will best protect your network, users and devices? No need to agonize over endless hours of research, we’ve shortlisted the five critical elements of cyber security: firewalls, NAC, anti-virus software, proxy servers, and endpoint security.

Read More