Industry View: Demystifying Device Security, Part Two

Mocana’s Adrian Turner describes the kinds of protective measures required as more and more devices connect to the Internet.

. What's this?

By Adrian Turner

January 16, 2008CSO — The Internet’s profound potential lies in its ability to connect billions upon billions of smart sensors, devices, and ordinary products into a global "digital nervous system."  Already, people are able to purchase products directly from their cell phones, or receive automated, real-time traffic updates while driving in their cars.  As devices continue to proliferate and connect to a global network, it is increasingly important to ensure the security and integrity of those devices.  With the right security infrastructure, companies can not only address the integrity issues but also facilitate new, automated context-aware applications and services.

With this “Internet of Things” connectedness, there is a dramatic change in the network landscape and the nature of emerging threats or security attacks upon it.  For instance, today’s malware including viruses, are spreading easier and more effectively than ever before.  The type and number of threats is increasing exponentially and attacks are becoming much more sophisticated, making them harder to detect and near impossible to remove.  It is estimated that the cost of malware and attacks to the industry is over $100 billion dollars a year.

 Companies need to better understand their device security options and address this changing threat landscape with the right security approach. But, how?

Software designed for PCs and servers simply cannot be repurposed and applied to the Internet of Things.  There are different and unique challenges such as scalability and automated provisioning that must be addressed with a new approach. For example, the use of digital certificates to tie a certificate identity to a device becomes more complicated. With devices, provisioning requires dealing with tens of thousands of connected heterogeneous devices. This is very different than dealing with hundreds or thousands of homogeneous PCs or servers.

Likewise, the anti-virus model that is pervasive on PCs simply will not work for other classes of connected devices.  Instead, a new behavioral-based approach is needed; one that is much more efficient, less memory and CPU intensive and can prevent zero-day attacks.  Device security should be able to detect in real-time if software on the device is not running the way it was intended to, with no false positives.

To truly protect devices, organizations must employ an extensible security framework that secures all aspects of device data access and communications in a standard way that, ideally, is designed and architected from the beginning for non-PC devices. The framework should include software that is resident on the device, plus offer capabilities delivered across the network.  Device security software must be high-performance to deal with voice, video and data applications on any connected device. It needs to have a small footprint because the majority of devices don’t possess excess memory or CPU resources.  Security software must also be asynchronous and event-driven so that it is able to process tasks in parallel to drive efficiency and performance of the device. 

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
RESOURCE CENTER