IoT is already impacting the way we communicate and do business. This trend is expected to continue according to Business Insider - their forecast for IoT devices connected to the web lies currently at 34 billion by 2020. IoT is expected to enable business growth by lowering operations cost, increasing productivity and opening new markets with new offerings and developments. But at what risk? Hackers are already using IoT devices for their malicious purposes in multiple types of attacks on networks and servers. DSL and bot attacks in 2016 have proven that there is no shortage of opportunities hackers are willing to exploit.
As with everything else in life: so many network security options, so little budget. How do you know which one will best protect your network, users and devices? No need to agonize over endless hours of research, we’ve shortlisted the five critical elements of cyber security: firewalls, NAC, anti-virus software, proxy servers, and endpoint security.
Want to stay ahead of the game? The following list of cybersecurity events will help … and they are fun too..
Have you ever thought about migrating your network access control (NAC) to the Cloud? Are you apprehensive about taking this step? Traditional NAC solutions were built to address a premise-based infrastructure. A new next generation NAC approach is required to protect companies in today’s BYOD, cloud-based, IoT world.
The recent headline grabbing DDoS attacks on IoT devices that occurred at OVH, Krebs on Security, and DYN, were performed and spread by taking control of IoT devices found today in most homes and offices. These attacks reveal the true danger in our IoT devices - attacking them is child's play. Surprisingly, most users do not bother to change factory default usernames and passwords, making the hackers’ lives much easier.
Compromised and stolen credentials remain the main threat to corporate data. Remote access via VPN is the most vulnerable method of access, due to compromised employee credentials. The need for flexible and extremely easy to implement two factor authentication (“2FA”) has become crucial for organizations of all sizes. Another weak link in remote access, beyond user authentication, is generated by connecting to organizational insecure and vulnerable end-points. It is not uncommon that when accessing the network using a VPN through a personal device, any vulnerability existing on that device can quickly become a security hole in the entire network’s protection. To address the heavy challenges of securing remote access, organizations should look for solutions that are cost-effective and provide a cohesive approach for all aspects of access security: compromised credentials, lost or stolen devices and access from insecure endpoints.
The complexity and risks of corporate networks are increasing on a daily basis. The growing flood of new devices, new form factors, and rapid changes in network architecture, coupled with a constant shortage of well-trained specialists, requires organizations to choose an IT vendor and partner that is able to keep pace with continuous change. Furthermore, the vendor or partner must constantly deliver new critical capabilities required by organizations to address new security challenges. Portnox CLEAR definitely falls under this category, carefully listening to customer needs, ever innovating, and constantly delivering IT security products.
NAC is making a comeback, and this time it’s IoT (Internet of Things) which is responsible for that. Past waves including the increase of guest and contractor access and BYOD, have resulted in the understanding that the network is no longer composed of securely managed devices.
While NAC is most effective when it follows a defined, proprietary security policy that is specific to a particular company, there are some more general considerations that apply to any type of enterprise. These are discussed below.
Unless you have been busy climbing the Himalayas for the past couple of months, you’ll have heard a lot about Mirai, a deadly malware causing the largest DDoS attacks to date. Yes Yes, the IoT botnet attack that took down the Internet for users trying to reach an array of sites, including Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix.