Make those minutes count

Security, Endpoints, and the Internet of Things

shutterstock_277469792In information technology, an endpoint is any device or node that is connected to a network over which it is able to communicate. When it comes to security, endpoints are one of the most important aspects of the network to protect. The goal of almost any attack or attempted breach is to gain control of an endpoint and use it to siphon off information.

In the past there were a limited number of endpoint types, and hardening a network was a relatively simple task. That simplicity has all but disappeared with the arrival of the Internet of Things (IoT).

The Weakest Link

Every endpoint on a network is a potential security weakness. The IoT is all about turning everyday items into network endpoints. This has two main repercussions in terms of keeping a network secure.

  1. The number of endpoints on the network increases exponentially, and tracking and managing them all becomes significantly more difficult.
  2. Rather than a few endpoint types running standard software on standard operating systems, almost every IoT-enabled device is running its own custom operating system and software package.

As a result, one-size-fits-all security is no longer effective and custom solutions have become the norm. Thankfully, the solution to this security quandary is not to ban all IoT-enabled devices from the network. It is possible to maintain effective and efficient network security in an IoT-enabled world. This is most easily accomplished through a three-step approach that involves:

  1. connection monitoring,
  2. patch maintenance, and
  3. prevention of configuration drift.

Maintaining Security

As part of a robust network security strategy, it is important to discover connected endpoints on a continuous, real-time basis. The status of those endpoints and their connections should be monitored and any unusual activity should be logged and dealt with accordingly.

It is also vital to patch vulnerabilities as quickly as possible. Most security breaches are accomplished using publicly known vulnerabilities for which patches are available. Those vulnerabilities would not be available to attackers if patches were applied in a timely manner.

Another element in successful post-IoT security is one that is very often overlooked: configuration drift. When a new device is first provisioned, it has been configured to be in line with the network’s security policies. Over time and with ongoing interaction with end users, settings can change and security elements can be disabled or removed. Before long, the device becomes a gaping hole in the security of the network. To prevent this, endpoint configuration settings should be monitored or even automatically reset to default values at regular intervals.

Security Is Still Possible

The IoT has drastically complicated the practical aspects of network security. The sheer number and variety of endpoints now connected to most networks can be enough to overwhelm even the most competent and organized of network administrators. By sticking to a three-pronged approach of monitoring connections, maintaining patches, and preventing configuration drift, it is possible to keep endpoints, and therefore the network, safe and secure.

A Cloud Cost Assessment

shutterstock_156845033Many companies are turning to the cloud to gain access to scalable and flexible applications and services at a price they can afford. Cloud services offer companies several advantages they might not be able to purchase or implement on their own, including disaster recovery capabilities and the ability to increase or decrease usage or add and drop services based on their operational needs.

But while the advantages of transitioning to cloud-based services is enticing for a variety of reasons, it is wise to take a careful look beneath the surface to ensure the company’s needs and requirements will be met and that the true price point makes sense for the company’s budget.

Compliance Requirements

The first step in determining where a business wants to go is to figure out where it is starting from. When it comes to making a cloud transition, knowing a company’s current and future needs and requirements is crucial.

Early in the process, the company must understand what its compliance requirements are. In some vertical markets, data security regulations may require that certain data can’t be stored in the cloud. Understand from the outset if certain processes and data sets must be retained on private networks.

Personnel Requirements

A business should determine its IT personnel requirements and ensure the entire team is well versed, trained, and prepared for the transition process. Not being prepared with the right participation and knowledge could translate into higher costs.

Application Requirements

Finally, understand where current applications are in their life cycle. Certain legacy assets may not be supported by cloud-based solutions, and moving to the cloud while those applications are still needed could create a headache as well as additional costs. Transitioning to a cloud-based service is likely to be more cost efficient when it occurs at the natural end-of-life stage of applications, when upgraded products or services would have been necessary anyway.

Cost and Elastic Load Balancing

Once a company knows where it is and has figured out where it wants to go, it must then study the costs associated with getting from point A to point B. It can be difficult to compare costs among cloud providers as pricing models can vary widely.

Costs can be controlled to some extent by employing elastic load balancing, which involves shifting capacity between internal assets and cloud solutions. This can increase network efficiency and can lead to cost savings.

Cost and Usage

Monitoring usage is another key to getting the most out of a cloud solution. A predictable monthly fee does not necessarily mean resources are being used in a predictable and constant way. Train personnel to carefully monitor usage and remove unused space as soon as possible to ensure capacity isn’t wasted.

Making the Cloud Decision

The upfront and recurring costs associated with cloud-based services must be weighed against the competitive costs of not deploying cloud services. While one company may shy away from the cloud, its competitors may be turning cloud advantages into competitive advantages. Cost savings reaped from employing a cloud-based service can be passed on to consumers and help companies gain customers and market share.

But that doesn’t mean it’s wise to jump right into a cloud deployment. Understanding the company’s needs and requirements before heading down the cloud path will help ensure that the right cloud applications and services are being purchased at the right price.