The ATM celebrates its 50th anniversary this year. Some of the oldest cash machines still in use today date back to an era when network security was relatively unsophisticated. Protecting connections between large numbers of disparate ATMs and the banks’ processing centers using VPNs is relatively straightforward. Yet, some banks have not yet taken adequate protective measures. As the Internet of Things gathers pace, the need to protect machine-to-machine communications is becoming urgent. Cybercriminals’ recent success in carrying out remote attacks on ATMs is a timely reminder of how important secure remote connectivity has become for M2M environments.
The growing number of employees using multiple personal and company-owned mobile devices to connect to corporate networks is, according to Ponemon Institute, the biggest endpoint security threat today. In this environment, VPNs play a vital role in encrypting remote communications to keep sensitive and confidential company information exchanges secure and private. Large organizations may have many thousands of endpoint devices accessing the network at any given moment. Managing all these individual components is time-consuming and complex. However, a centralized remote access VPN management system can greatly simplify the process. The secret is in combining intelligence and automation to make remote access management as secure, efficient and productive as possible.
Large organizations today are experiencing a rapid evolution in technology that is challenging traditional security systems and infrastructures. Corporate networks that once only had to support the connectivity of desk-bound workstations and a small number of laptops must now cope with thousands of laptops, tablets and phones along with a rapidly growing population of IIoT/M2M devices. VPNs are an integral part of any mobile device and IIoT security strategy. To manage all of these VPNs easily and efficiently without compromising end-user security requires the IT department to embrace a variety of strategies.
The RSA Conference (RSAC) is always a major highlight in the IT security professional calendar and this year’s show was no exception. In this blog, NCP engineering reviews some of the standout enterprise machine-to-machine (M2M), mobile client and cloud security trends to emerge from RSAC 2017. The show is also a win-win for NCP. Our strong track record with US technology partners means that NCP is well-known to US-base customers and prospects. At the same time, our experience in fulfilling Industrial Internet of Things (IIoT) or Industry 4.0 projects in Germany means we had a great deal of knowledge and insight to share with prospects in this security segment, one that is in its early stages in the United States.
Most IT devices have some form of remote access, whether via web browser or app. As long as devices are accessed by an authorized user from within an internal network, this isn’t a problem. Unfortunately, many devices, especially routers and smart home gateways are also accessible from the internet. And that’s where the problems begin. In fact, they have never stopped. Open remote access is among the greatest yet unfortunately inevitable threats of IT devices. Anybody who can access the management interface can control the device and usually the owner will not notice. Devices that are connected to the internet are constantly scanned and scrutinized for vulnerabilities. Open remote management interfaces should be treated as the digital equivalent of a loaded gun. It can be used but you need to know exactly what you are doing and take every possible precaution.
Energy plants and factories have always been prime targets for delivering a devastating setback and psychological blow against an enemy. Today, successful attacks against critical infrastructure can be launched in cyberspace. In 2015, a cyber-attack on a Ukrainian power station caused a loss of power affecting 225,000 customers and the world took note. In the U.S., the Department of Homeland Security (DHS) has raised concerns over the growing number of cyber attacks on industrial control networks. In response, they recently published guidelines to “provide a strategic focus on security and enhance the trust framework that underpins the IoT ecosystem.” The document calls for a combined approach. Among the measures discussed are considered connectivity and defense in depth. Managed Virtual Private Network (VPN) connections and two-factor authentication can help secure critical connections to give IIoT data traffic the in-depth protection it needs.