Category: Access Control

The Internet of Things (IoT) has been exploding in the last decade, with more and more connected objects or devices. These devices, once connected to the external world or to a private app, can transfer device data and support device owners with new monitoring features. This helps them make decisions that are more informed.  

When it comes to home security, the key advantage of connected devices is that your systems can transfer data in real-time, for you to be able to react quickly, in the case of you traveling and suspecting something is going wrong at home. IoT also enables home security systems to offer a variety of new features, such as secure biometrics and face detection at your door. 

If connected devices send key information to homeowners, they often will provide security device makers key information to help them better monitor their devices and plan for required updates. 

IoT increases security systems performance, when choosing the right connectivity technology. When choosing a new connected security system, it’s important to consider the different connectivity technologies. One can go for wired (landline), wireless, or a combination of both. We believe devices with wireless cellular connectivity – or wireless in combination with fixed line – are the best option. Why? 

Cellular connectivity brings additional security as wireless devices can be designed with robust hardware, keeping your services up and running; even in the case of power outages or physical data lines cut by home burglars or criminals. 

With the rise of 4G or 5G, new features providing more performance to home security systems, such as video streaming, real-time device monitoring or over-the-air device management are supported. 

“For EBS, iron-clad security is at the core of our business. As a manufacturer of smart security systems, we have over 3 million devices in the field. Our customers trust EBS to be at the forefront of security technology at all time – and to keep them and their property protected. This is a responsibility that we take incredibly serious, also when choosing our suppliers. With the Cinterion ELS62, we are able to rely on Thales’ extensive security expertise and have a connectivity module that is state-of-the-art, allows us to explore new technologies while never leaving any doubt about data protection”, said Piotr Blaszczyk, Member of the Management Board – Director for Research, Development and Technical Support EBS Sp. z o. o. 

IoT enables secure, remote updates, for devices installed for a long time. Home security systems are usually installed to last and run for many years. In this context, it is important that security devices are monitored carefully, to avoid connectivity breaks and ensure device uptime. 

Cellular IoT connectivity enables reliable and secure transfer of critical data, to monitor devices condition and react quickly, if needed. Software or security features updates can be run remotely, over-the-air, to save the time and the cost of sending someone to your house. 

If your security system is connected with cellular, you can also benefit from freshly new systems, such as dedicated IoT SIM cards, that ensure 24/7 connectivity to the best operator in your sector. This tremendously simplifies the installation of a security system at home (either by a technician, but also in a DIY context). In addition, it will ensure that your home security systems will remain connected, even in the case of network disruption that could cause service interruption. 

Cellular IoT connectivity can protect home security systems from cyberattacks. We should not forget that devices that are wirelessly connected can bring the question of cyberattacks and remote control on devices, by malicious people. 

Cellular technology, provided by cybersecurity experts like Thales, keep connected devices protected from cyber-attacks. Connectivity solutions that are well designed, integrate tamper-resistant environments (secure hardware such as modules or SIM cards) that keep your security devices identity and secret device information in protected environments, which no physical or remote hacker could access (for example, secure storage of credentials or of the expected result of a biometrics face scan). 

IoT cybersecurity solutions can implement very strong digital authentication systems, based on trusted identities and encryption mechanisms, to make sure that the data generated by your security device is clearly coming from YOUR device and has not been modified, on the way to your monitoring app. 

Interested in finding out more about the Internet of Things? You can read more about it here:

Or, leave a comment below and make sure to follow us on Twitter @ThalesDigiSec! 

The post How can home security be improved with IoT? appeared first on Cybersecurity Insiders.

It was great to be back in Barcelona for MWC this year – first time back since the pandemic and it really felt like no time had passed at all. 3 weeks on and my mind is still abuzz with the announcements, learnings and themes coming out from the show.

5G powers more than the Metaverse

Whether you were on the ground, or just observing from afar, the theme that likely jumped out at you is the Metaverse. Not just constrained to the halls of the Fira, the Metaverse has dominated headlines for a while now – quite an impressive feat considering there’s still a lack of clear consensus about its future, applications, and value. This article from CNBC encapsulates the sentiment perfectly; despite being the buzzword of the moment, it’s still quite a nebulous term.

That said, it still appeared to dominate the conference, especially when it came to 5G. Mark Zuckerberg addressed the mobile industry on day one of the conference – a statement that made it perfectly clear that the future of the Metaverse depends on 5G connectivity. This was followed by the announcement of a new partnership with Telefónica to establish a Metaverse Innovation Hub in Madrid; just one of the many Metaverse-related announcements made at MWC this year (we even jumped on the bandwagon in our post-show report).

That said, for me and many others in the industry, this is not what stood out the most at MWC 22. During my post-conference reading I came across this wrap up post from James Blackman, and I couldn’t agree with his sentiments more – despite the hype and headlines, this year’s show was actually about enterprise IoT and private 5G networks.

Shining some publicity on private networks

As mentioned in a previous MWC reflection post, 5G connectivity really does possess the power to unlock the potential of IoT – and this is true when we really focus on private networking too.

We’ve spoken at length before, about the transformative impact IoT can have within the enterprise, the importance for these networks to be private and why 5G is the network to enable this – so one of the announcements that caught our attention was the news that AT&T and Microsoft had penned a private network deal. The deal highlighted the benefits for multiple sectors, including manufacturing– where cameras and AI tools can assist in everything from robotic assembly to “event detection” – such as when a worker has been injured or a fire has started – and then alert first responders or activate fire suppression systems almost instantly.

As shown by this announcement, private networks give businesses the chance to connect their facilities and manufacturing. And, during MWC other big players like Cisco made similar headlines with their Private 5G solution. In fact, manufacturing had its own conference track at the event this year with a big focus on connectivity for Industry 4.0. Beyond manufacturing, there are many other sectors that will benefit from 5G enabled private networks – whether it’s healthcare, emergency services or the railways.

In case you missed them, here were some of the other key private network announcements made at the show this year:

  • HPE introduced a new private 5G solution that “offers seamless interworking across both private 5G and Wi-Fi networks. The solution is based on the HPE 5G Core Stack and comes pre-integrated with RAN solutions from Airspan and other leading vendors.”
  • Qualcomm announced a partnership with Microsoft to deliver an end-to-end, easy-to-deploy, scalable 5G private network solution that aims to reduce adoption barriers and operating costs for high-performance 5G connectivity solutions
  • Capgemini’s private network solutions are set to become integrated with Microsoft Azure’s Private 5G Core with Qualcomm’s advanced 5G technologies and Capgemini’s MEC platform to bring end-to-end simplified solutions for enterprises. The solution will be validated in Capgemini’s 5G Lab in Portugal.

Battle for the $64 billion market

It’s fair to say that private networks are still classed as an emerging market – but a rapidly developing one, and one that provides an opportunity to MNOS. According to ABI Research, demand for private network capability from multiple industry verticals could generate revenues of $64 billion by 2030.

Harking back to James Blackman’s MWC wrap up – he said that we need to steer clear of the narrative that there is a battle between three industries for the ‘soul of 5G’, and the battle for supremacy to capitalize on this market is not as simple as it’s made out to be.

These sentiments echo our thoughts; earlier on in the year we spoke about the shift in this narrative.

In the past operators were played off against GAFAMs, however 5G has changed the rules of this game and made it a much more nuanced space. The regulation governing spectrum access is a patchwork, allowing newcomers to bid in auctions for the right to run 4G and private 5G networks. Specialized system integrators are also aware of the huge potential returns and are now competing with the telcos. These new entrants include disruptive equipment manufacturers and so-called ‘hyperscalers’ such as AWS, Microsoft, and Google.

While 3G and 4G were built on hardware-based network functions, 5G is ‘cloud-native’. In other words, the network functions that would traditionally be delivered by hardware are instead run as software applications on remote servers. It’s a new way to run a network, and it will require operators and hyperscalers to collaborate closely.

The future of private networks

Earlier on this year, GlobalData predicted that most 5G business-to-business (B2B) market activity this year would focus on private 5G/LTE networks for industry. And it’s safe to say that this was an accurate prediction, as this conference was the moment where a significant level of companies threw their hat into the private networking arena.

So, what does this mean for MNOs? It’s certainly true that they face strong competition to private services to private networks – but they do have a advantages in their favour which we have spoken on before.

MWC may be over for another year but expect further analysis and updated from us on the private network market as it continues to evolve.

For further reading:

How can MNOs ‘win’ $64 Billion private networks opportunity? 

Think private networking is a future tech?  Here are 7 live deployments 

3 Reasons to be optimistic about data privacy in the 5G era 

The post More than the Metaverse: IoT and Private Networks are in the 5G spotlight appeared first on Cybersecurity Insiders.

By Murali Palanisamy, Chief Solutions Officer, AppViewX

Since the onset of COVID-19 and a rapid increase in the hybrid working model in Spring 2020, the workforce has adjusted to the work-from-home life. Initially, the primary concern was whether the workforce could work remotely long term, but since then things have changed. Nearly two years later, many still work from home and have plans to maintain this workstyle for the long term. While a majority of workers use Company Owned and Managed Device (COMD), many have been using their own laptop, desktop, and smartphone or opted out of one provided by their employer especially when they don’t need VPN and use SaaS services- this has caused a plethora of concerns for cybersecurity and IT professionals.

Institutions typically install proper security measures on any company-owned device. When it comes to personal devices or BYOD, however, IT teams have less control and even less control when it comes to ensuring an employee complies with the policies. Since it’s a personal device, there are only so many measures that can be taken. It’s imperative that each organization has its own BYOD policy and proactively enforces this policy to avoid any unwanted intruders on its network. The following outlines three considerations IT and security professionals should consider when developing this policy.

In a recent survey with Vanson Bourne, it was discovered that 90% of organizations say MIM is a top priority in their organization now that the concern for cyber breaches has risen since the onset of the pandemic. While these organizations are headed in the right direction with the decision to use MIM as an IT framework for BYOD, there is still work to be done.

Organizations still face numerous challenges as they enhance their Machine Identity Management approach. Some of the concerns at hand as organizations begin to adopt MIM are:

  • The complexity of ensuring that certificates are provisioned across all areas of their IT infrastructure – the complex number of devices being added due to the BYOD/hybrid work model has bottlenecked this.
  • A lack of skill sets within their IT/security team when it comes to MIM – from the IT talent shortage to the skills gap, IT leaders are struggling to find new hires and maintain current employees. According to Gartner, 80% of organizations shared that they are having a hard time finding and hiring security professionals.

The Problem at Hand

What does this mean exactly? When it comes to protecting an organization’s network and data, there is a scale, and each organization can choose how aggressive it wants to be. For example, endpoint security allows bridged devices to stay connected but will still maintain and protect the network when under attack. By securing the endpoints or entry points, it is a much more difficult task for hackers to access the network. But this method is not flawless, and organizations fall victim to attacks through phishing, email attachments, accidental downloads and more. With this vulnerability in mind, cyber professionals have looked at additional ways to protect the network.

Machine Identity Management at Work

One method of security that is often overlooked is Machine Identity Management (MIM). Under every organization’s BYOD policy, MIM should be implemented, and employees should follow its best practices. This means having certificates for users and the machines to uniquely identify the machine – and those that are not identifiable are denied access. Despite the organization not owning the device, IT or the information security team is able to transfer trust to the device the employee owns with a digital identity that the user themself would manage. Having the ability to issue and revoke accessibility for the device is a critical step in managing who accesses the network without taking full control of employees’ individual devices. If at any time, an employee’s computer is lost, stolen, damaged or compromised, the employee himself or the IT will be able to revoke that device certificate and access will be denied.

A few best practices for BYOD that are recommended include:

  • In a BYOD scenario the employee is trusted, and that trust is transferred to the device that he owns, in that scenario he should be able to revoke the device without having to manually interact with another team or person
  • The Global Information Security team or Central team should be able to control the policy and access of any device from a single console especially during an incident
  • A move to a short-lived certificate which is valid for 10/30 or 60 days with automated renewal and reissuance would be best especially when the devices are outside the perimeter.
  • The Global Security team should be able to reissue and revalidate certificates across all devices within a short period of time maybe less than an hour that provides crypto agility.

The Enterprise, The Cloud, and MIM

With the cloud transforming the physical data center, and compute and data moving to cloud steps in which data is stored accessed has greatly changed. The pandemic has changed the retail office space and since the onset of COVID-19, the number of ransomware attacks has greatly increased due to BYOD being adopted by many. The attacks on major infrastructure have required security professionals to reevaluate steps to protect organizations. While these attacks may have not been instituted by BYOD entry, IT professionals have agreed that it is critical to look at every vulnerable access point and address it.

While BYOD has been around for years, the IoT visibility gap has led to difficulty for organizations running in multiple cloud environments. Maintaining security measures across each cloud environment plus the relationships between each environment and every device in the network has become quite the challenge, especially when numerous devices were introduced as part of work-from-home amidst the pandemic. Many organizations are still playing catch up when it comes to distributing and revoking certificates as they work to identify the number of devices added to their network in mid-2020.

To get ahead and quickly make way with MIM efforts in the cloud for BYOD, it is recommended that organizations:

  • Create central visibility of all the issued identities
  • Define a central policy that can be audited, reported and enforced across hybrid environments
  • Have an out-of-band validation option which can audit and report on compliance of identities

The overwhelming stress a ransomware attack puts on an organization including the reputational impact, requires that security teams put an assertive BYOD policy into place to protect the network and greater organization. As we look back on lessons from 2021, the pandemic and remote workforce has made organizations more vulnerable to unwanted invaders. As attacks in sophistication, the steps taken to block them should evolve as well. With MIM implementation – organizations are one step closer to protecting their networks.

Can Murali provide more specific recommendations for BYOD and MIM as a service. A few bullet points would be great.

Can Murali provide more specific recommendations for BYOD and MIM in the cloud? A few bullet points would be great.

The post Machine Identity Management (MIM): Responding to Critical Security Needs in the BYOD Era appeared first on Cybersecurity Insiders.