Monday Morning Impact – September 14
Dell Suggests Best Practices for IoT Security Policies
Dell has put a stake in the ground regarding security for the Internet of Things (IoT), outlining five suggested best practices for channel partners and service providers. Dell sees security as a vital opportunity through which partners can add additional value by helping customers assess, prepare and implement security measures necessary for effective defense.
“Resellers and their customers need to be careful about not jumping into a full-scale IoT program implementation without understanding the impact these devices can have on security,” said Curtis Hutcheson, executive director and vice president, Dell Security. “Organizations must carefully evaluate the myriad devices being implemented in their networks, as well as the surge of data coming to and from those devices and networks. Without proper preparation and ongoing management, the explosion of data stemming from IoT devices can overwhelm existing security infrastructures putting organizations at increased risk.”
Therefore, Dell is recommending five steps that can increase security while enabling executives, employees and customers to take full advantage of IoT devices:
1) Ensure data is secured and encrypted from the data center or the cloud to the endpoint and everything in between. Take a holistic approach that incorporates endpoint security, network security, and identity/access management. Be aware of the data device vendors collect. If they are collecting data on all of their customers, this consolidated data set may be a very attractive target for hackers.
2) Evaluate the IoT devices accessing and planned for access to the system. Understand what they do, what data they collect and communicate, who owns the data collected from the device, where the data is being collected, and any vulnerability assessments or certifications the devices have.
3) Understand the impact of IoT on network traffic in its current state. Do an audit to assess what is currently accessing the system, when does it access the system, what it does when it sees data, systems with which it communicates, and where the data is sent. This will enable an organization to reassess its network performance and identify any changes on an ongoing basis as additional devices are knowingly or unknowingly added or removed.
4) Engage a ‘no-trust’ policy when it comes to IoT devices. Ensure they are on a separate network segment or virtual LAN (VLAN) so they are not able to access or interfere with critical corporate data.
5) Recognize that the IoT will continue to evolve and change rapidly over the coming months and years. As such, it will be critical to ensure IT, security and network teams educate themselves about the latest devices, standards and issues. Be prepared for consolidation and emerging standards.
Channel Impact
Each of these five points represents an important discussion that partners must have with customers engaging the Internet of Things. For best results, consider various potential customer viewpoints and how you might answer – and solve – each of the issues they may propose, or need to consider, in advance of the discussions.
Webroot Introduces Toolkit to Assist Integrators with IoT
Webroot announced the release of the Webroot IoT Security Toolkit, which is designed to enable designers and system integrators to integrate cloud-based, real-time threat intelligence services and intelligent cybersecurity device agents into a variety of devices.
The toolkit leverages the company’s BrightCloud Threat Intelligence product to detect and classify and defend against potential online threats to virtually any class of next-generation device, gateway, server, or network element.
“As the world begins to unlock the potential of IoT devices and platforms, cybercriminals are deploying more advanced attacks to hijack critical applications inside edge devices,” said John Sirianni, VP of IoT Strategic Partnerships at Webroot. “Because the Webroot IoT Security Toolkit leverages real-time threat intelligence to protect deployed systems against cyberattacks, solution designers and integrators can meet the mandatory requirements for security and safety systems by ensuring that critical devices and systems operate as expected.”
The toolkit also features software agents that detect new and altered files or anomalous conditions and a cloud-based service that inspects and filters all incoming and outgoing traffic between devices and their control system over the internet.
Channel Impact
The Internet of Things can enable a wide variety of new services and capabilities, but it also opens up an even wider variety of possible attack vectors. Integrators who are working in this area will clearly need to build robust security into their value propositions.
Paessler Rolls Out New Partner Program
Paessler AG, a network monitoring specialist based in Germany, has unveiled a new partner program that now includes an upgraded deal registration process, rewards for marketing activities and an enhanced certification program.
The program, divided into four tiers (Platinum, Gold, Silver and Bronze), offers incentives for various marketing programs, discounts on licenses, upgrades, and renewals, and certifications at all levels, with increasing deal registration discounts offered as the levels progress. Partner levels are determined by a combination of sales volume and marketing activities.
In the new program, deal registration discounts of up to 25 percent apply and registered deals are valid for 90 days, as opposed to 30 days under the former program.
Channel Impact
The 90-day window brings the deal registration program in line with those of many first tier vendors in the IT industry.
Stay in the Know
Keep tabs on what’s happening in the channel and the impact it will have on the partner community by subscribing to Channel Impact communications.
Recent News
Search Buzz
Buzz Categories