Tag Archives: IoT

Improve your IoT security.

Make IoT Efforts Worthwhile with IoT Security

Improve your IoT security.The biggest problem in Internet of Things (IoT) networks is just what makes them so powerful. IoT networks depend on dozens, even hundreds, of small devices that relay information back to a central point. The devices have to be simple; if they were complex they couldn’t be so easily deployed. The simplicity involved means that protection sometimes suffers, so the proper use of IoT operations comes with a clear focus on IoT security.

IoT Security Makes a Porous Network More Resilient

Shoring up that porous network can be a lot simpler than some might expect.

Consider regulations. Your customers may already be working under a set of regulations that dictate security measures to take. Generally, these will cover what’s needed for IoT security since that same data needs to travel the network covered by regulations.

Check your passwords. Let your customers know that proper network security starts with good passwords. Ensure the passwords in place use mixes of letters, numbers and symbols, and also consider the use of multi-factor authentication, like using a text message to an employee’s cell phone or the like.

Never use the stock password. If a device comes with a password, your customer should change it immediately. Hard-coded passwords can be used by outsiders, and by making a change as quickly as possible during installation, that improves the chances of keeping outsiders out.

Don’t leave everything on. Some IoT devices come with features that aren’t really necessary, and some of these can be used to circumvent security. Shut off automatic connection or buttons that allow password changes.

Consider your traffic. Your customers should check the software ports on your IoT devices; if they’re not already blocking incoming traffic, be sure those ports are restricted. Also suggest that your customer consider the use of a virtual private network (VPN) to further mask traffic.

Look into encryption. So much of security is about keeping outsiders outside, but why risk data security on that all-or-nothing ploy alone? Using encryption to protect data allows companies to get the best of all worlds. While perimeter defense works to keep hackers out, encryption makes their efforts ultimately fruitless.

Getting Started with IoT Security

IoT benefits are wide-ranging, but IoT security is vital to making sure your customers get the most out of the system without leaving themselves wide open to outside intruders. Learn more about IoT security by getting in touch with us at MicroCorp. We have a wide range of solutions available, including a complete slate of complex network solutions that includes over 80 different carrier and service providers.

SD-WAN answers many of the challenges posed by security that demands a higher focus on networks.

SD-WAN Offers Answers to Network Security Problems

SD-WAN answers many of the challenges posed by security that demands a higher focus on networks.Enterprises often take a layered approach to security, deploying solutions for network, compute and application. With so many solutions increasingly being network-centered, such as Internet of Things components and cloud technology, many organizations are recognizing the need for a network-focused security strategy. In many cases, software-defined wide area network (SD-WAN) is able to address the challenges of network security.

Networks are the area to which there’s been the most change in recent years, so it makes sense that security is more advanced in this realm. Here are five recommendations for implementing secure SD-WAN:

  1. Add encryption to your WAN transport. When they choose SD-WAN, companies have access to low-cost broadband and can encrypt all Internet flow to each site without the need for administrators to make manual configuration changes to routers after each change to the network. It’s also important to note that SD-WAN is more secure than most private IP services because there can’t be a breach to the data even if the carrier network is threatened.
  2. Make sure your cloud connection is secure. It doesn’t matter how secure your client’s public cloud service is, whether they’re accessing Amazon or Salesforce. Every time they transfer sensitive data over the Internet to get to the cloud service, it’s an opportunity for a security breach. The SD-WAN provider may offer granular Internet breakout so that your client can distinguish between security mandates to move traffic through particular secure gateways. They’ll also have next-generation firewalls stationed at your branch or in the cloud or data storage center. All of the inherent risks associated with cloud solutions is mitigated by SD-WAN.
  3. Cover local branch security. Each of your client’s branch offices will require security, especially in cases where there is direct Internet access. The cost of buying and configuring physical appliances for each site can be prohibitive, and this method requires an engineer to travel to each site. SD-WAN allows your client to deploy VPNs, firewalls or WAN optimization from a central location by using network functions virtualization. This makes it convenient to provide security coverage for each branch location.
  4. Meeting requirements for compliance. The rules governing healthcare and financial services, including HIPAA or PCI data security fit perfectly with SD-WAN technology. SD-WAN allows the enterprise to create virtual overlays to segment applications traffic.
  5. Create secure segmentation. Segmentation allows the IT team to isolate applications traffic for security purposes or to work with specific performance requirements. While legacy networks could do this, it was time-consuming and challenging. Segmentation with SD-WAN allows for consistency of configurations and best practices defined and enforced through business intent policies.

With security becoming a growing IT cost, MicroCorp anticipates more customers selecting an SD-WAN technology to create a secure and manageable cloud-based environment. As the demand for more agile, cloud-based WAN-technologies accelerates, we continue to provide focus to the variety of WAN technologies available. Contact us today to find out the best solution for your business.

Disaster Recovery

The Increasing Importance of Disaster Recovery Planning

Disaster RecoveryHow secure is the cloud, and how much need is there to have a disaster recovery plan? These are valid questions as the Internet of Things (IoT) comes into full bloom and the world becomes increasingly digitized.

Recently, an outage of Amazon Web Services (AWS) brought some attention to cloud disaster recovery. For companies running critical systems in the public cloud, this outage made them more aware of the potential for problems. However, despite the human error that led to this outage, a public cloud infrastructure still has advantages to on-premise data centers. At the same time, cloud IT services aren’t impervious to issues, which is why it is critical to have a disaster recovery plan in place.

Whether you’re a company as large as Amazon, or a mom and pop startup operating in the cloud, you need to focus on business continuity and disaster recovery options. These strategies, when properly implemented, will help you protect your data.

Your strategy should center around backing up data at multiple, geographically disparate locations. Should a natural disaster occur and several data centers are wiped out, the data will still be available from a location that is far removed from that natural disaster.

The loss of data can come at a great expense for your company. Take British Airways as an example. The company experienced a computer failure that resulted in losses estimated around $200 million. The damage to the British Airways brand was significant as passengers around the world were left stranded. While the company continues to blame a power surge for the problem, it’s rumored that the fault was actually with a back-up system that was supposed to provide uninterrupted power to the computer system.

While cloud-based systems are most often a better choice than on-premise solutions, it’s not always the right answer in every situation. Cost for long-term use can be prohibitive for some organizations. Also, due to a shortfall in qualified individuals working in cloud infrastructure, security is sometimes suspect. While it’s true that some cloud types offer better security than others, organizations give up control over too much of their data in many cases.

At MicroCorp, we are a master agent that takes cloud security and disaster recovery very seriously. With many years of experience in offering multi-layer support services, we have our agents and their clients covered. Contact us today and let’s discuss how you will maintain control over your data while experiencing top-notch business continuity and disaster recovery efforts.

Hacker

Preparing for Today’s Generation of Ambitious Hackers

Make sure your cyber security strategy will protect your business against today's hackers.Online businesses are increasingly improving against their brick-and-mortar counterparts. With this success, however, has come a whole new threat: the rise of a cyber attacker who isn’t showing much restraint, even for the biggest targets.

Hacker Ambition on the Rise

In just the last couple years, hackers have been seen going after targets that even five years ago might have been unthinkable. While retail store breaches were standard fare, new cyber attackers pursued online banks, and some evidence suggests that hackers may have even targeted the 2016 U.S. Presidential Election, though to what extent is unclear.

The growth of the Internet of Things (IoT) has emboldened some hackers, who in another incident used connected devices as part of a massive botnet of semi-autonomous connected devices to engage in distributed denial of service (DDoS) attacks that shut down websites.

Surprising Weaknesses Appear

Perhaps the good news in the current hacking-filled environment is that it reveals just how insecure networks really are. Stolen credentials are only the beginning, and lower-tech attacks do plenty of damage as well. Business email compromise–essentially just highly-targeted phishing operations–caused $3 billion in losses over three years, according to Symantec.

More Cloud, More Problems

Perhaps worst of all, companies are contributing to their own downtime through everyday business processes. The growth of the IoT is putting more potential points of access into play, and many of these are poorly secured thanks to a faulty perception that a connected device is a low-value target. The device itself may be, but the network that it’s connected to is of much higher value.

Symantec’s reports were grim on this front as well; attacks on IoT devices doubled throughout 2016, and at the worst of it, there was one attack every two minutes on an IoT device. Increased movement to cloud-based systems was likewise bringing out fresh targets of opportunity for hackers.

Eternal Vigilance Is the Price of Liberty…Online

So what can be done? Proper security must be observed at every turn, even when doing so seems inconvenient or cumbersome. Furthermore, the tools to protect security must be improved; after all, tools that cause as many problems as they prevent aren’t worth using.

Tools like those found at MicroCorp can be a great start toward a process of continuous security improvement, helping users better protect systems against outside intrusion. It’s a project that requires everyone’s cooperation, from the end user to the security developer, and one that makes us all safer. For more information about how MicroCorp can help secure your business, contact us today.