With sensors everywhere, how can we keep data secure?

The idea behind the Internet of Things (IoT) is that everyday objects can connect to each other and exchange data via the Internet. Even the smallest components, such as sensors for measuring temperature, angle of inclination or acceleration can send information or accept commands via the network. Current and future systems are based on the Internet protocol and will probably soon include ipv6 support. They transmit data in an open and well-known format. Depending on the application, data will most likely be transmitted via public networks. This means that data is in principle open to everyone who is connected to the network. Subject to the type of data the consequences range from unpleasant to catastrophic, which is why confidentiality must be protected and safeguarded. There are many ways of achieving this, especially through encryption.

IPv6: Looking Back on Year One

It was only one year ago that the world welcomed the launch of IPv6, the long-anticipated solution to the problem of the world running out of IP addresses. In its first year, IPv6 has started to take root. Take a look at Google’s IPv6 adoption chart, for example, and you will notice that the growth has been exponential over the past year. However, the communications protocol still has a long way to go before becoming widespread. Over the next several years, the need for IPv6 will become more evident though. North America will run out of IPv4 addresses this month, according to the Internet Society’s infographic we previously referenced; meanwhile, Europe and Asia have run out already. On top of this, the increasing number of web-enabled smart devices, including smartphones, tablets, household appliances and vehicles, will put a further strain on IPv4’s networks. Despite the glaring need for IPv6, IT infrastructure is still a limiting factor in its adoption. Rainer Enders had this to say in an IT Business Edge article: “The truth is, the transition to IPv6 will be a slow rollout that will happen over the next 10 years. There’s still too much work that needs to be done from providers in terms of upgrading their wiring, pipes and firmware.” Sadly, this is still the case, as many organizations have used workarounds like Network Address Translation (NAT) as band-aids rather than confronting the inevitable transition to a long-term solution. Luckily, organizations are slowly starting to embrace the new era of the Internet. Operators such as AT&T, Verizon and Deutsche Telekom have championed the new protocol, with each...

What We're Reading: Week of 12/31

CSO – Could China blocking VPNs lead to spying on business? IT Business Edge – BYOD in 2013: Yes, It Is Going to Get Worse Ars Technica – IPv6 takes one step forward, IPv4 two steps back in 2012 eWeek – Targeted Attacks, Weak Passwords Top IT Security Risks in...

What We’re Reading: Week of 12/31

CSO – Could China blocking VPNs lead to spying on business? IT Business Edge – BYOD in 2013: Yes, It Is Going to Get Worse Ars Technica – IPv6 takes one step forward, IPv4 two steps back in 2012 eWeek – Targeted Attacks, Weak Passwords Top IT Security Risks in...

Q&A with Swen Baumann, product manager at NCP engineering

We recently spoke to NCP engineering’s Swen Baumann about split tunneling and its role in IPv6, and how to best deploy it when working remotely.  VPN Haus: How is split tunneling impacted by IPv6 dual-stack networking? Swen: The main thing to remember is, split tunneling needs to be specifically configured. For instance, in a “dual-stacked” world – which implements both IPv4 and IPv6 stacks — you will have to configure either both or just only one, depending on which stacks you plan to use. Once you’ve completed this configuration, split tunneling will be processed — no matter if the traffic is IPv4 or IPv6. Simply put, to enable split tunneling on IPv6, you only need to configure the stack – but otherwise it should run smoothly. VPN Haus: How does split tunneling differ from inverse split tunneling? Swen: I know it’s stating the obvious, but it’s inverse. Here’s what that means. With conventional split tunneling you configure some networks that are to be processed within the tunnel, which means there are others not be taken into the tunnel. With inverse split tunneling it is just the other way round. You configure those networks that are not be processed through the tunnel and all the rest will be taken into the tunnel. In other words, split tunneling becomes the rule — not the exception. VPN Haus: In cases of split tunneling for the home office, do you recommend the corporate VPN be set as the default gateway to first route all traffic, dropping those requests deemed unnecessary to secure? Swen: Usually yes. But ultimately, it depends on the security policies...