Verifying the performance of the IoT devices, protecting the connection, and recognizing the IoT data are accomplished through focused testing before deployment and monitoring during operation. Mr. Jeff Harris, VP, Solutions Marketing, Ixia, talks to Shanosh Kumar from EFY Group.
Q. Do the emerging security threats really need analytics?
A. Attacks are getting more sophisticated and the volume of attacks is increasing dramatically. In 2005, one million attacks a year seemed like an enormous number. In 2015, there were one million new attacks launched per day according to AV Test. Security needs analytics to sort through it all because the data will tell you everything, if:
(a) you have access to it
(b) you can handle the volumes
(c) you know how to analyse it to find what you are looking for.
Q. What should be kept in mind while applying updated security protocols with respect to connected devices?
A. Protocol changes are inevitable to accommodate more data at higher speeds. Every change requires validation to make sure it is sending out data correctly. Ixia’s protocol test business lives that every day and we have an entire research labs team focused on staying ahead of those innovations. Once devices and their protocols are validated, data from those connected devices ends up becoming part of the overall enterprise data stream that needs to be monitored. For that, you need a smart visibility architecture that can not just see the data, but understand the security implications of various traffic types so they can be analysed. Ixia has a family of visibility products that tap into the network Security Fabric. In between them is the part that is critical to security. Every time someone in IT observes unusual behaviour, they would alert their developer team who attempt to replicate the problem in the lab. That takes time. Ixia has a feature called TrafficRewind that captures all of the traffic streams and conditions of live networks so those exact conditions can be played back in the lab for faster troubleshooting.
Q. What could be the probable security threats faced by connected devices, particularly at the edge?
A. With 5.5 million IoT devices being activated every day in 2015, many of them within corporate networks, there are a lot of devices sending data into the corporate network. The majority of those devices are unattended most of the time, so anyone can walk up to them. Add to that mobile devices like cell phones, tablets and laptops, and physical security has to be a concern. Add the fact that a growing population of workers conduct some level of business on their personal devices, and personal on their business devices, and the risk increases, as mobile device infection rates are not zero.
Q. Do security breaches affect the efficiency and effectiveness of a connected environment?
A. There are of course plenty of examples of IoT devices being breached, like the 2014 German Steel Mill meltdown. The Department of Homeland Security ICS-CERT database lists pretty much every vendor’s known IoT vulnerabilities and advisories.
These types of breaches can happen for all types of reasons. One of the most avoidable disruption issues on connected devices is the wireless. Sometimes the disruption can be accidental, as many of those devices use standard wireless like WiFi to interact. Disruptions from RF interference, fading, and hijacking can cause local disruptions with disproportionate impact. Medical devices, for instance, in RF-noisy hospital settings need to be fully vetted in harsh RF environments.