Posts

6 things your managed IT services provider should be doing to protect you

Hiring a managed IT services provider is both a challenge and a necessity.

Today’s digital markets are experiencing escalating levels of cyber crimes so having an IT security expert is a requirement. However, the variety of services available and the extent to which those services are offered make it difficult to know which provider is right for your enterprise.

If you’re searching for a managed IT service to help with your organization’s security needs, consider how these options match up with your security concerns.

Protecting internal assets

Ensuring a tight digital perimeter is the first step to securing a company. Your managed IT services provider should ensure that your internal processes are safe.

Access to data

Most companies use authentication procedures to ensure only those authorized to access corporate data can access that information. These days, multi-level authentications are common and require every worker to pass through at least two portals to enter into company information vaults. You can also use the access process to limit who gets into which database, which is another security option.

Email safety

One of today’s biggest security threats is the phishing email. Your provider should have a robust spam and phishing filter to reduce or eliminate these threats.

Higher, stronger firewalls

One of the earliest forms of cyber protection remains one of its most valued services. Firewalls are hard- or software barriers that impede access by anyone without authority. Today’s firewalls deter known threats and can be reconfigured when new ones are discovered.

Protecting against external threats

Even with excellent internal protections, cybercriminals are still devising new threats to defeat them.

DDoS (Distributed Denial of Services)

These attacks are more frequent these days. They use multiple computers to attack a target server or network, then prevent users from accessing that server or network.

The nefarious brains behind the attack can be anyone from a single hacker to an organized crime ring (yes, those exist in cyberspace now). These attacks usually begin with the exploitation of a vulnerability within a server or network, which gives the attacker both an entry point and a home base. From here, the criminal can access multiple other computers, servers, and networks, infect them with malware, and cause the crash of the entire enterprise.

It’s worth it to pay more for heightened DDoS protections.

Mobile device vulnerabilities

Today’s “BYOD” (bring your own device) culture often permits workers to use their personal mobile devices for work purposes. By doing so, however, they open up innumerable vulnerabilities that most corporate security systems aren’t designed to handle.

Some companies curtail the threat with robust BYOD policies while others prohibit the practice entirely. Your managed IT services provider can identify for you how best to handle this situation within your organization.

IoT considerations

Think of the Internet of Things (IoT) explosion as an extension of the BYOD concern, only as a much, much bigger threat. There are hundreds of IoT devices available, some of which may already be installed in your facilities. Most of these digital items have little or no internal security features, so they can operate as an open portal within your enterprise.

Look for a comprehensive cybersecurity package that includes your IoT assets.

On a final note, remember that top-notch security doesn’t equate to complete compliance. If your company has compliance obligations, be certain that your new provider structures your services to meet those, too.

Google joins the empowered edge with Cloud IoT Edge

The internet of things has been a rapidly growing segment of technology over the past decade. Ever since Apple took made the smartphone a consumer success with its first iPhone, users have grown comfortable carrying technology in their hands and pockets. This IoT-filled world has created new opportunities and challenges.

According to IDC, connected devices will generate over 40 trillion gigabytes of data by 2025. This is too much of a good thing, especially if IoT devices remain only collectors and not processors. To help speed up data collection, Google has announced its Cloud IoT Edge platform, as well as a new hardware chip called the Edge tensor processing unit.

What are Google's new announcements?
Google described its decision to move forward on the Cloud IoT Edge platform as "bringing machine learning to the edge." Essentially, current edge devices, such as drones and sensors currently transmit most of their data collection back for internal processing. This procedure uses a lot of bandwidth and reduces the speed at which decisions can be drawn from the data. It also places a lot of stress on constant network connectivity, as any downtime can result in lost information.

Google's new software solution would allow this data processing to happen right at the data source. It will also enable advanced technology, such as machine learning and artificial intelligence, to operate on these edge devices. Enter the Edge TPU: This chip is designed to maximize performance per watt. According to Google, the Edge TPU can run TensorFlow Lite machine learning models at the edge, accelerating the "learning" process and making software more efficient faster.

Google is seen as one of the big three when it comes to cloud infrastructure solutions. Google is seen as one of the big three when it comes to cloud infrastructure solutions.

How does this compare with the greater market?
In this announcement, Google is following in the path of Microsoft. Released globally in July, Azure IoT Edge accomplished many of the same tasks that the Cloud IoT Edge solution intends to. The two aim to empower edge devices with greater machine learning performance and reduce the amount of data that must be transmitted to be understood.

However, as Microsoft has been in the hardware space much longer than Google, no TPU chip needed to accompany the Azure IoT Edge release. It is possible that Google may gain an advantage by releasing hardware designed to optimize its new platform performance.

Amazon's AWS Greengrass also brings machine learning capabilities to IoT devices. However, unlike the other two, this platform has existed for a while and seen modular updates and improvements (rather than a dedicated new release).

The presence of all three cloud platform giants in edge space signifies a shift to at-location data processing. Cloud networks have already been enjoying success for their heightened security features and intuitive resource sharing. As these networks become more common, it has yet to be fully seen how Microsoft, Amazon and Google deal with the increased vulnerabilities of many edge devices. However, with all three organizations making a sizeable effort to enter this market space, businesses should prepare to unlock the full potential of their edge devices and examine how this technology will affect workflows and productivity.

Should companies embrace Microsoft’s Azure IoT Edge?

As of late June 2018, one of Microsoft's newest software platforms, Azure IoT Edge, is generally available. This means that commercial enterprises and independent consumers now have access to it and, thanks to Microsoft's decision to take the platform open source, can begin modifying the technology to fit specific needs.

Every innovation brings new opportunity and unforeseen challenges, and there is no reason to suspect that Azure IoT Edge will be any different. Even programs created by technology industry leaders like Microsoft have their potential disadvantages. 

What exactly is Azure IoT Edge?
Simply put, Azure IoT Edge represents Microsoft's plan to move data analytics from processing centers to internet of things enabled devices. This sophisticated edge computing technology can equip IoT hardware with cognitive computing technologies such as machine learning and computer vision. It will also free up enormous bandwidth by moving the data processing location to the device and allow IoT devices to perform more sophisticated tasks without constant human monitoring.

According to Microsoft, there are three primary components at play:

  1. A cloud-based interface will allow the user to remotely manage and oversee any and all Azure IoT Edge devices.
  2. IoT Edge runtime operates on every IoT Edge device and controls the modules deployed to each piece of IoT hardware.
  3. Every IoT Edge module is a container that operates on Azure services, third-party software or a user's personalized code. The modules are dispersed to IoT Edge machines and locally operate on said hardware.

Overall, Azure IoT Edge represents a significant step forward in cloud computing and IoT operations, empowering devices with functionality that wasn't before possible.

Devices like drones will be able to carry out more sophisticated tasks using Azure IoT Edge. Devices like drones will be able to carry out more sophisticated tasks using Azure IoT Edge.

The cybersecurity concerns of Azure IoT Edge
It is worth remembering that IoT hardware has a long and complicated history with cybersecurity standards. Considering the bulk of IoT technology adoption has been driven by consumer, rather than enterprise, products – issues like security and privacy were placed second to interface design and price point.

Research firm Gartner found that 20 percent of organizations had already reported at least one IoT-centered data breach within the three years leading up to 2018. This risk has led to IoT security spending that is expected to cost $1.5 billion globally in 2018. Some companies scrambling to make their IoT hardware more secure may want to leave this problem as a priority over incorporating Microsoft's newest software platform.

Another potential issue is Microsoft's decision to make the platform open source. The original code is public knowledge and now available to all to modify for personal use. While this flexibility will greatly help the product's user base expand, open source programs have not historically been the most secure from cybercriminals.

Many ecommerce websites ran on the Magento platform, an open source solution that became the target of a brute force password attack in 2018, which ultimately proved successful. The resulting data breach led to thousands of compromised accounts and stolen credit information.

A Black Duck Software report tracked open source programs as they have become more widespread. While the overall quality of open source code is improving, the study found that many organizations do not properly monitor and protect the code once it has been put in place, leaving it vulnerable to exploitation from outside sources.

"Microsoft annually invests $1 billion in cybersecurity research."

The Microsoft advantage
However, Microsoft is arguably in position to address the major security concerns with its Azure IoT Edge platform. The company invests over $1 billion in cybersecurity research each year. According to Azure Government CISO Matthew Rathbun, a lot of this money is spent  with Azure in mind:

"Ninety percent of my threat landscape starts with a human, either maliciously or inadvertently, making a mistake that somehow compromises security," Rathbun told TechRepublic. "In an ideal state, we're going eventually end up in a world where there'll be zero human touch to an Azure production environment."

Azure IoT Edge represents a bold step forward in empowering IoT technology and improving automated productivity. While there are risks associated with every innovation, Microsoft remains committed to staying at the forefront and protecting its platforms. Companies should be willing to invest in Azure IoT Edge while remaining vigilant about the possible risks. 

Cybersecurity tips at a glance: Managing IoT devices

As the realm of the internet of things grows, it is important to understand all aspects of the technology's performance. Companies and industries that see only the benefits open themselves up to data breaches, public embarrassment and even legal action. IoT technology can boost productivity when done right but lead to costly and unnecessary expenses if utilized without proper foresight.

The possible downsides of exercise wearables
Employee wellness is a trend that is sweeping across industries. These initiatives have shown positive results, such as increasing worker morale and promoting healthy behaviors. One study from the Journal of Occupational and Environmental Medicine even found that employee wellness diet programs can reduce health risks.

To this end, exercise wearables, such as Fitbit, appear to make sense. These devices can track heart rate, body temperature, calorie consumption and sleep quality. Many come with a social aspect, as well, allowing co-workers to engage in friendly competition to see who is the most active within the office.

For many industries, these wearables have no real downside. However, employers should know that the data gathered by many fitness wearables can be used to track employee location. This vulnerability has been problematic, especially for those working for the U.S. armed forces. According to The Washington Post, several previously secret military bases were revealed when data gathered by GPS tracking company Strava was made public.

The U.S. army had been using these fitness wearables for their advantages without fully understanding how the technology could be exploited. Most commercial hardware is designed for ease of use and cost affordability. These traits are in part the reason why IoT has famously encountered cybersecurity concerns over the past several years.

For enterprises working with sensitive and classified materials, IoT wearables may have a downside. Outside parties, benign and malicious, can track employee movement, knowing more about workers than may be deemed safe.

Augmented reality glasses can also potentially leak vital secrets, as they see and record all the employee does. Augmented reality glasses can also potentially leak vital secrets, as they see and record all the employee does.

Know where backup data is stored
Many IoT devices provide extra "eyes" on the field. Drones have been performing various types of reconnaissance missions for decades, whether for government contractors or farmers wishing to understand more about their soil. These unmanned aerial vehicles, or UAVs, are built to capture, transmit and store data.

While useful, drones have several serious cybersecurity concerns. They can be intercepted, and if so, their data is easily accessible. This risk is especially a problem for devices that back up information into themselves. A report from Syracuse University indicates that there are concerns that data stored on Chinese manufactured drones could be accessed by their government and would be out of U.S. control. 

Using IoT devices has many advantages, but executives must always consider the full picture before implementation.

How cave fish may help prevent IoT jamming

Jamming is a potential crippling blow to internet of things-enabled hardware. It can bring down drones from the sky, disrupt network connections and lead to economic downtime. In the cybersecurity arena, jamming is more commonly known as dedicated denial of service attacks. According to a CORERO DDoS trend report, this method of cyberattack increased by an incredible 91 percent in 2017.

IoT devices are behind this surge in DDoS attacks, as many lack comprehensive cybersecurity protocols and can be easily jammed. While this deterrent is not enough to slow the pace of IoT adoption, enterprises hoping to make use of mass IoT market penetration must be aware of the risks, as well as what is being done to prevent IoT jamming.

Luckily, a recent study published in Optics Express gives some hope against rampant DDoS cybercrime. As with many technological innovations, the potential salvation is inspired by a system that already works inside the animal kingdom.

Studying the Eigenmannia
The Eigenmannia are a species of cave fish that exist in total darkness. Without light, these creatures need another way to hunt, communicate and otherwise "see" within the perpetual darkness. The researchers studying these fish discovered that they emitted an electric field to sense the environment and communicate with other fish.

Because two or more of these animals could emit the field near one another, the species had to have a way to stop the signal from getting disrupted, otherwise the fish couldn't thrive. The scientists learned the Eigenmannia have the ability to alter their signals. This capability is due to a unique neural algorithm in their brain activity. The purpose and function of the field remains in tact, but its frequency is changed just enough to avoid confusion.

This same trait can be harnessed to help create a light-based jamming avoidance response device.

Drones if jammed run the risk of damaging hardware and products. If jammed, drones run the risk of damaging hardware and products.

Creating a jamming avoidance response device
When two IoT devices operating on the same frequency come close to each other, the fields become crossed, and jamming occurs. The closer the two pieces of hardware drift, the more the disruption intensifies.

However, with a JAR device, similar to the natural solution used by Eigenmannia, these IoT components could adjust their frequency, preserving the function of the signal while avoiding jamming. Using a light-based system would enable IoT devices to shift through a wide range of frequencies.

The resulting machine, created by the research team, shows promise.

"This could allow a smarter and more dynamic way to use our wireless communication systems without the need for the complicated coordination processes that currently prevent jamming, by reserving whole sections of bandwidth for specific phone carriers or users such as the military," said team lead Mable P. Fok.

While it won't single-handedly eliminate the threat of DDoS attacks, JAR device usage on a large scale has some advantages. Essentially, it is a low-cost solution for any agency that utilizes a plethora of IoT content. In addition to the aforementioned military use case, health care facilities like hospitals, air traffic control towers and even educational institutions could find immediate value in this technology.

Since a JAR device would likely lower the bandwidth needed for IoT hardware interaction, DDoS attacks could become less expensive. As these attacks continue to become more prevalent, the value of this research will likely increase. Designing IoT devices on software that can shift frequency will reduce costs and, hopefully, a more secure IoT landscape.