This hyperconnection of everything also requires a mind shift in concepts such as endpoint security. The truth is, most companies’ approach to security is not keeping pace with the IoT explosion. Instead, the practice of layering endpoint security tools has left many organizations with dozens of security point solutions that don’t work well together, often leaving security gaps that attackers can easily exploit. For a good, real-world illustration of an IoT security exploit, check out the article and corresponding video, “Hackers Remotely Kill a Jeep on the Highway–With Me in It.”
The IoT security issue is not just one that automobile manufacturers have to address. With everyone’s ecosystem of devices, data and processes interconnected with everyone and everything else, all companies and organizations need embedded security. To be effective, security must pervade the entire infrastructure.
Cisco’s flexible security framework comprises four key components to navigate the highly diverse IoT environment and the related security challenges:
- Authentication. This layer is used to provide and verify the identity information of an IoT entity. When connected IoT devices (e.g., embedded sensors) need access to the IoT infrastructure, the trust relationship is initiated based on the device’s identity.
- Authorization. This layer builds upon the core authentication layer by leveraging an entity’s identity information and controlling a device's access throughout the network fabric. With authentication and authorization components, a trust relationship is established between IoT devices to exchange appropriate information.
- Network-Enforced Policy. This layer encompasses all elements that route and transport traffic securely over the infrastructure, including control, management and actual data traffic.
- Secure Analytics. This layer defines the services by which all elements (e.g., endpoints and network infrastructure) may participate to provide telemetry for the purpose of gaining visibility and eventually controlling the IoT ecosystem.
Using these four components, Cisco’s Security Everywhere strategy embeds multiple enhanced security technologies into the network infrastructure to provide broad threat visibility and minimize the time needed to contain threats. Additionally, Cisco enables customers to maximize existing and future investments by turning the Cisco network into a security sensor and security policy enforcer—providing enhanced visibility, context and control over any user or device that connects to the corporate network. This approach enhances threat visibility and minimizes the time needed to contain threats and allows for scalability, flexibility and operational efficiency.
Through Fly Higher, Ingram Micro offers its Cisco partners several additional IoT services, including:
- Dedicated enterprise networks and security teams
- Pre-sales and field technical support
- Cisco certification and specialization assistance via Cisco On Course
- Training and enablement via online courses and face-to-face boot camps and more
Let Ingram Micro's team of experts help your company deliver security everywhere, so you can protect your customers against the ongoing battle against cyberthreats in the IoT age. Contact Mike Mulvaugh, Channel Account Specialist: firstname.lastname@example.org.