Internet of Things (IoT) and machine learning are coming together to bring about a sea change in how we use buildings, at home and at the office. Smart infrastructure makes domestic households more energy efficient and allows companies to optimize their real estate. Almost every large enterprise and government organization is currently working on smart infrastructure projects at some level. It’s no surprise that the market for smart buildings is expected to increase four-fold by 2021. The pursuit of greater efficiency and convenience, however, introduces new risks. Many IoT devices and management systems still run on legacy software and lack any kind of security standards. This makes them vulnerable to attacks by hackers. The answer is to build-in cyber-resilience from the beginning starting with securing all connection points using virtual private networks (VPNs).
Major sporting events are always popular with businesses. The 2018 World Cup tournament in Russia promises to be no exception. The corporate sponsorship opportunities on offer are an ideal way to entertain influential decision-makers of important customers and prospects. Set against this are recent reports of Russia’s tough new internet censorship laws – set to come into effect from November 1, 2017. The move is a security concern for Western company executives anxious that employees and VIPs visiting the event may be unable to prevent sensitive information being exposed to Russia’s extensive surveillance network. The good news is that the new regulation only blocks access to web services and online information that are outlawed already and does not extend to personal or legitimate business Virtual Private Network (VPN) use. With a corporate VPN and some simple guidelines it should be possible for visiting executives to conduct business over the Internet securely during World Cup 2018.
Starting May 2018, any business offering goods and services to EU citizens will have to comply with new GDPR rules. These rules explicitly require companies to take all measures necessary to protect the integrity of consumer data that they process or store. A key principle of GDPR is “privacy by default” which requires the digital information in everything from emails and mobile apps to cloud storage systems and M2M communications to be kept private and secure at all times. Studies show that U.S. organizations are no less committed to compliance as those in the EU. One of the most powerful protection measures a company can take is to encrypt data at every stage – in use, in motion and in storage. A tried and tested way to transport sensitive personal data securely across public networks is via business-grade VPNs. VPNs provide an encrypted tunnel to communicate privately between email and mobile connections as well as internal databases and cloud storage facilities.
We recently briefed Rik Turner, Principal Analyst of Infrastructure Solutions at OVUM Consulting, on our VPN client software (IPsec and SSL), VPN gateways, central management consoles and personal firewall product, Net Guard. Given our extensive experience in the manufacturing and process industries, we discussed the expansion of NCP technology into the Internet of Things and the Industrial Internet of Things.
Small business owners have many things on their mind but IT security should not be one of them. Not so long ago, network protection for a small business amounted to maintaining a firewall and some antivirus software. Now, recent technology advances have blurred the boundaries between the company perimeter and the world at large. Consumerization of IT and flexible working mean employees now need secure, private remote access to company resources from their own devices at any time of day from anywhere in the world. This translates into increased risk to the business and the potential for higher levels of stress for business owners, especially if they take on fixing security issues in person. A small business requires additional protection, particularly once they begin to expand. This is where remote access Virtual Private Networks (VPNs) for employees and Industrial Internet of Things (IIoT) can help.
A hacking and cyberespionage group is currently targeting industrial control systems at energy companies. According to a survey by Symantec they have broken into 27 corporate networks so far. The Dragonfly group, also known as Energetic Bear is using spear phishing campaigns and malware-infected websites to collect credentials for corporate networks. Dragonfly has been active since at least 2011 and was exposed by security analysts in 2014. Afterwards, the group seemed to go underground and has only recently emerged again in the public eye. Symantec researchers refer to the current attacks as “Dragonfly 2.0” because they replicate many aspects of the previous attacks. The attacks target industrial control systems (ICS) which belong to companies that operate pipelines, generate electricity, and other energy-related companies. The Dragongly group appears to be particularly active in Switzerland, Turkey and North America.