See Pulse In Action
Request a Demo Below
of IT security professionals think connected devices are a major security threat to their business
of respondent companies still don’t have a dedicated plan for IT asset management
In today's digitally connected world, network transparency has become something of a ‘holy grail’ for administrators and systems managers. For quite a while now, network concerns have been eclipsing other aspects of IT. There is a growing emphasis on creating digital networks that are strong, robust and secure.
The reasons for this are evident — we all hear about big data breaches and cyberattacks continually, and we understand that network security is paramount. But many business leaders and executives are still coming to terms with key ideas about how to deal with network security issues.
One relatively new discipline emerging as a significant part of any CISO's playbook is network asset discovery.
Network asset discovery strives to determine exactly what devices and nodes are part of a network at any given time. This sounds simple, and it's built on earlier and simpler systems, but these days, it's become a very complex task. The discovery zone has, after all, changed tremendously. What used to be as simple as a relatively flat network is now a bewildering barrage of devices, sensors and infrastructure owned by different stakeholders. Still, a TechWorld white paper points out that a full 80 percent of respondent companies still don’t have a dedicated plan for IT asset management.
Network asset discovery is critically important to IT security for a number of reasons.
First, in order into understand things like endpoint security and segmented network security, administrators have to know the blueprint of a network, and understand what's connected to that network.
Also, modern security has developed beyond a ‘perimeter approach.’ New security initiatives focus on issues that penetrate deep into the network, ones that can't be stopped at the perimeter. Network asset discovery is also integral to this approach: you have to know what’s connected, and how it’s working, to start to unravel thorny issues around authentication, traffic security and behavioral analysis.
Real network transparency and a full accounting of connected devices comes at a cost, but it’s part of what makes companies confident in an age where IT security is such a big priority. Studies show there is quite a bit of awareness of how important asset discovery is: in the Pwnie Express report for 2017, 92 percent of those surveyed cited connected device threats as a major risk this year and beyond.
Although they are exciting new phenomena that enhance our use of digital devices, both Bring Your Own Device (BYOD) and the Internet of Things (IoT) have proved difficult in terms of network transparency and network asset discovery.
Earlier network asset systems were often called “network asset management systems” and focused on a basic headcount of machines and workstations for the purposes of software licensing and other mundane considerations. These systems have also been important from an audit perspective.
However, with the emergence of BYOD, where more mobile devices were dynamically connecting to networks, it became important to do asset counts in real time, and the term “asset discovery” became more and more relevant. At the same time, companies and institutions were under investing in BYOD security, as evidenced by this 2013 EdTech report showing, among other statistics, that only 38.2 percent of responding universities had recently updated a BYOD policy. More recently, the Pwnie Express IoT Report for 2017 showed dismaying information on companies backtracking on BYOD plans, with only 55 percent of respondents citing an existing BYOD security plan, versus a 63 percent rate in 2016.
For the purposes of real asset discovery, legacy asset management systems are simply not up to the test. A basic graphic interface that shows a number of connected computers is hardly anything like a real-time dashboard that shows how the system is tracking and detecting a vast range of devices.
As the Internet of Things begins to emerge, roving devices aren't limited to smartphones anymore. Thinking about things like smart refrigerators and smart dishwashers, it's easy to see how the Internet of Things will involve enormous numbers of dynamic device connections happening all the time, everywhere, all around the network.
Again, perimeter approaches don't work here — IoT devices can often bypass a firewall. Many of these devices are online all the time, which increases vulnerability. Many of them will also not be designed for upgrades in ways that smartphones and computers are; just a brief glance at some of the manufacturer plans for embedded IoT sensors show how these device connections will not be “smart” in ways that we've previously designed them to be. In other words, there's a kind of free-for-all in device connecting philosophy in play, ostensibly for the sake of convenience, that's going to make a carefully pruned tree look like a wild, overgrown mess.
Techtarget refers to this poetically as “network evanescence” and talks about how refined security tools are needed to track the real-time network connections that will be a part of IoT. On top of that, considering the importance of network security, consultants and others often find companies to be relatively lax, as mentioned in this 2013 Frost and Sullivan report where 80 percent of respondents were using “unapproved SaaS” elements.
One of the biggest reasons companies do security upgrades, buying into tools like network asset discovery resources, is a mandate by their industries to maintain a certain level of security compliance. They also invest due to fear of breaches, but in many cases, its industry standards that push the changing tides.
In the medical industry, the Health Insurance Portability and Accountability Act (HIPAA) plays an enormous role in shaping security demands. PHI compliance is both a philosophy and a practice. It requires providers and third parties handling medical data to perform all sorts of network administration upgrades, such as asset discovery, in order to simply meet the standard. Vendors play a role in the accomplishment of that standard, shaping and selling their products in ways that conform to the HIPAA Security Rule, which imposes heavy consequences for substandard data handling.
The security industry has much the same responsibility under the PCI rule. This responsibility has led to a proliferation of specialized tools to help companies in finance enumerate their networks.
Then there’s the U.S. National Institute of Standards and Technology or NIST, which has a stark impact on American commerce. A NIST solution sheet recommends the use of network asset discovery tools to detect unauthorized devices accessing a network.
Some comprehensive security solutions are emerging for asset discovery and transparency in the age of the Internet of Things, but companies still struggle to fully secure their data as networks proliferate.
One common strategy is referred to as “edge computing." The edge computing model involves dealing with individual devices, sensors and connections at the edge of the network — not at the perimeter, but just outside of it — or in other gray areas where incoming or interactive traffic can be closely monitored. The idea of multiple edge gateways is helping many security-minded professionals get their heads around how to compete with hackers in a chaotic environment that seems to favor vulnerabilities. Fog computing is a similar idea, based on strategic use of near-perimeter vantage points to monitor and assess traffic. Some systems provide triage or containment, or complement existing firewalls with heuristics or behavior analysis tools.
While these efforts can be somewhat effective in some cases, they're not a panacea for conquering threats and IoT challenges. Many IT experts lament that for practical security, you really need “eyes on glass” or some type of sentient analysis of network observations. It's hard to come up with the money for implementing broad and sophisticated programs and staffing security teams, but at the same time, the ROI is evident to executives who understand what happens in an IoT world. The 2017 Pwnie Express report breaks down some of the numbers of IoT security budgeting, finding that 39 percent of respondents had budget allocations for “wireless device detection” and 40 percent for device threat detection, both solutions involving the use of network asset discovery for security purposes.
With this in mind, vanguard companies have developed highly evolved visual dashboard products and other resources to deal with network evanescence and help promote transparency, even in an age where everyone and everything is accessing a common Internet, and where outsider devices and nodes are positioned near a company’s network.
Pwnie Express has built Pulse to look for all devices and network nodes, whether wired or wireless, across an entire distributed system. Pulse tracks each asset on the network and detect threats from and vulnerabilities on these assets.
Through a convenient Software as a Service platform, Pulse looks for devices in real time and monitors the airspace around the network. Using a visual dashboard, company analysts can get more cognizant about possible risks to a business system. Consider how these types of advanced security can prepare a business for the dramatic change that is coming our way courtesy of an Internet of Things market and connectivity model.
Request a Demo Below