internet of things: dealing with the enterprise network of things
DESCRIPTION
IoT technologies are likely to be adopted in, or migrate into the enterprise space in the coming months. It is highly likely that this will be driven by the business or users, rather than IT, and that often these technologies will contain vulnerabilities or introduce other risks. Ensuring enterprise security provisions are able to deal with this is going to be a real challenge.TRANSCRIPT
The “Enterprise Network of Things”
Piers WilsonHead of Product Management
© 2014 Tier-3 Pty Limited. All rights reserved.
What is the “Internet of Things”
What are the security issues
How can we solve (or avoid) these
September 2014 2
Agenda
© 2014 Tier-3 Pty Limited. All rights reserved.
• Common characteristics– Embedded/bespoke technologies– Network connected (Intra & Internet)– Cloud back-end for applications, web
control, data tracking– Mobile/App/Web control interfaces
September 2014 3
Background – what is the “Internet of Things”
The "Internet of Things” is the network of physical objects that contains embedded technology to communicate and sense or interact with the objects' internal state or the external environment Gartner
Image source: Gartner, 2014
© 2014 Tier-3 Pty Limited. All rights reserved.
• Overall track record on security is not good– Workstations, web applications, enterprise networks, open
source code, centrifuges, operating systems, malware, mobile devices...
• Device manufacturers are even less experienced at defending systems– Fridges, light bulbs, cars, HVAC systems, healthcare devices
• Users generally don’t tend to enable security, or really care about it– Especially at work
September 2014 4
Security issues will arise, and already are...
© 2014 Tier-3 Pty Limited. All rights reserved. September 2014 5
Hypotheses
IoT technologies (domestic or
enterprise) will be connected to
enterprise networks
IoT technology failure implications will be “real” and
potentially serious/damaging/
life affecting
IoT use will originate from the business or user
communities - not from IT function
IoT will involve mobile and cloud for access, control and storage – so
these will be factors
IoT devices will have vulnerabilities
Hoping for “Secure” IoT devices that
comply with standards is probably
unrealistic
IoT vulnerabilities will have knock-on
effects and exposure other data, systems,
networks, users
Number/diversity will be greater than
traditional technologies =
more traffic
© 2014 Tier-3 Pty Limited. All rights reserved.
• The proliferation of connected IoT devices is expected to increase
• IoT also means, consciously or not, embracing cloud access for users and the business as well as the adoption of mobile and wireless technologies
• IoT, cloud and mobile connectivity will become normal and traditional security approaches will become less effective
September 2014 6
1) Plan an IOT-aware enterprise network
© 2014 Tier-3 Pty Limited. All rights reserved.
• Develop security use cases for the business user communities in conjunction with user communities and security teams– Momentum as businesses seek to meet user, consumer, operational demands– Build security and risk reduction into interaction with the IoT world– Inaction or poor planning risks IT security becoming an impediment to future
business activities
• If connected devices / control systems are likely to be core to your business, then integrate specific security safeguards now, rather than trying to retrofit them later
September 2014 7
2) Drive business engagement in IoT
© 2014 Tier-3 Pty Limited. All rights reserved.
• IoT evolution is already well underway – with a growing range of security risks
• Don’t expect to be able to define policies or sets of patterns or rules for “IoT Access Lists” or “Device Vulnerability Signatures”
• Ensure appropriate visibility of technology environment and streamline reporting and compliance processes
– Optimise and automate security processes
• Have adequate systems and processes to be able to detect:– Connections and activity– Failures and compromises– Impacts on the operation of the IT environment and the business
September 2014 8
3) Strive for IoT visibility
© 2014 Tier-3 Pty Limited. All rights reserved.
1231. Have a network and system monitoring capability that is able to detect IoT
technologies when they are connected and operating (and failing)
2. Ensure that if (when) IoT technologies are attacked or malfunction you can detect it quickly, investigate and respond in a timely manner
3. Automate responses and network security controls, predefine scripts and build timely fail-safe responses to foreseeable threats
September 2014 9
Summary – 3 Goals
About Tier-3 Huntsman® - and where to hear more ...
• Tier-3 Huntsman® is a defence-grade intelligent threat detecetion and incident management solution
• Real-time alerting, compliance monitoring & reporting for major security standards (PCI-DSS, ISO27001, GPG13 ...)
- Speeding up the detection and response process- True Behavioural Anomaly Detection
• Log, network, transaction and event data collection- Fully centralised / accessible through a single, unified interface
• Ad hoc & scheduled compliance reporting• Advanced automation for information gathering and response• Comprehensive investigation / workflow capabilities
Huntsman® enables organisations to satisfy monitoring and compliance requirements with minimum effort, maximum automation and low overhead