Internet of Things (IoT) and IoT Security

IoT Vulnerability

With the advent of Industry 4.0, smart factory floors are leveraging the Industrial Internet of Things (IIoT), behavioral analytics and cloud computing to detect anomalous device behavior and boost factory floor efficiency. Despite these advances, factory floor repairs still often require technicians to visit the factory, which leads to prolonged production outages.

IoT adoption in the home and workplace doesn’t show any sign of slowing down. Analyst firm IDC predicts that there will be 200 billion connected devices by 2020, and if standards stay the same that could mean billions of security vulnerabilities. The Mirai virus demonstrated how vulnerable IoT devices with default settings are to infection, and how effective it is when used in DDoS attacks. There are more malicious variants underway that target ARC processors embedded into a broad array of Linux-based devices. A recent survey of IT professionals found that less than half of their organizations incorporated security policies that covered IoT devices, and only a third could say those policies covered home networks used to access corporate systems. Knowing what devices are on your network and implementing comprehensive network access control systems are critical to staying on top of security vulnerabilities.

IoT Security

Pulse Secure, the leading provider of Secure Access solutions to both enterprises and service providers, today announced the release of Pulse Policy Secure (PPS) 9.0R3 to extend its Zero Trust Security model to IoT devices and smart factories. The new version enables factories to streamline machinery repairs and diminish costly production downtime through IT-managed secure access. It also secures networks by expanding its behavioral analytics to IoT devices, detecting anomalies and preventing their compromise.

“Manufacturing customers are using IoT to retool their factory floors, creating smart production lines that report their health and operational efficiency. One benefit of this approach is that customers can proactively perform preventative or predictive maintenance on machines to avoid costly production outages,” said Prakash Mana, Pulse Secure’s vice president of product management. “Our latest Pulse Secure release helps customers not only secure the smart factory floor, but it also helps streamline their maintenance activities by giving service technicians remote access to the equipment they maintain. Regardless if they are on the factory floor or in their remote office, our Zero Trust Security limits technician access to the equipment they maintain and requires that they use secured end-user devices to perform their work.”

Pulse Policy Secure (PPS) is an integral part of Pulse Secure’s combined VPN and NAC solution that provides corporate networks with Zero Trust Security through visibility, “comply to connect” policy enforcement and security orchestration with popular network and security infrastructure. PPS dynamically profiles the network to discover, classify and apply policy to IoT devices, and includes a built-in IoT device identification library. The solution also integrates with Next Generation Firewall (NGFW) solutions to provide identity and device security state data, as well as to fortify micro-segmentation to isolate and manage IoT devices on enterprise networks.

PPS 9.0 extends the Zero Trust Security model to IIoT devices used in smart factories and buildings, with blended IT and OT environments. It automatically discovers and profiles IIoT systems, such as factory floor SCADAs, PLCs and HMIs, or office building HVAC systems, providing dynamic visibility and securing them by enforcing policies for local and remote access by authorized users and contractors. PPS 9.0 also automatically provisions IIoT devices to next-generation firewalls (NGFWs) to facilitate remote access without provisioning overhead.

“A top priority for manufacturing customers is complete visibility and security of IIoT devices on smart factory floor environments. Because failing systems may lead to loss of revenue or human life, customers must emphasize rapid remediation of machines to avoid system outages,” said Tony Massimini, Frost & Sullivan Senior Industry Analyst, Information & Network Security. “The latest Pulse Policy Secure release helps customers protect factory floor system integrity by providing technicians secure remote access. New Behavioral Analytics features also safeguard against attacks by detecting anomalous activity.”

The latest release of PPS also provides sophisticated behavioral analytics that alert security teams to anomalous IoT device behavior and automatically require added factors of authentication. PPS 9.0 builds baseline behavior profiles for managed and unmanaged IoT devices utilizing information correlated from multiple sources such as NetFlow, user and device data. With these profiles, the platform detects anomalous activity, malware infections and domain generation attacks, allowing security teams to be more responsive to threats and take preemptive measures before attacks succeed.

The new PPS 9.0 IoT support also provides practical relief for the frequent and costly issue of factory floor equipment outages. Aberdeen recently reported that 82 percent of companies reported unplanned downtime in the past three years, which can cost a company as much as $260,000 an hour.

The resulting downtime breaks production and lowers profit, because factory floor repairs often take days when security requirements mandate that service technicians physically visit the factory to diagnose and repair the problem. The latest PPS release works seamlessly with Pulse Connect Secure to solve the problem in an innovative way. The combined NAC and VPN approach enables IT teams to grant remote secure access—authenticated and encrypted—to support contractors for expedited repair and return to service of factory IIoT systems for greater uptime and productivity. IT teams ensure security with remote zero-trust access via auto-provisioned NGFWs, and by enforcing security policies that authenticate contractors based on their technician role, endpoint device status and authorization to work on the targeted IIoT device.

“Some of our customers operate among the manufacturing and transportation industry’s biggest and most distributed internet-connected device deployments. These IIoT networks help our customers gain real-time system diagnostics, reduced downtime and overall lower operational costs,” said Kirk Hanratty, vice president and chief technical officer at IT security and solutions company SynerComm. “For these and other customers, IIoT drives their business where assuring availability and secure access throughout an IIoT infrastructure is paramount. We have found Pulse Secure’s platform to offer our customers the usability, interoperability and reliability necessary to support large scale IIoT applications.”

Enterprises rely on Pulse One to expand and simplify mobility to meet their business and operational needs.

Service Auto-Provisioning - Automatic configuration of users’ email, VPN and Wi-Fi settings eliminates help desk calls.

Container Security - A single security standard for iOS and Android that includes encryption of all data, controlled data sharing between apps, on-demand VPN, policy-based split tunneling, and enterprise wipe.

Single Sign-On - Eliminate the need for passwords with Workspace SSO. Users can access any mobile app simply by unlocking their Workspace and touching an app. No more password problems and help desk calls.

Compliance Enforcement - Host checking for iOS jailbreak and Android rooting ensures safeguards are persistent.

Cloud Access - SSO with device host checking ensures that only authorized users with compliant devices access Office 365, Box, Dropbox and other cloud services.

App Management - Curate by group a catalog of enterprise apps that can be mandatorily pushed or optionally downloaded.