Pulse Secure’s IoT Effort a Big MSP Opportunity

There is no denying that the internet of things (IoT) is having a disruptive impact on businesses today.

After all, enterprises are turning to IoT devices for everything from production line controls, to environment management, to physical security. In other words, IoT is making a difference and is here to stay. Silicon Valley-based Pulse Secure is focusing on the challenges that come with IIoT (industrial IoT) and is striving to bring solutions to the channel to ease the adoption of the technology.

Pulse Secure’s James Tolosa

“It has become critical to discover and profile IoT devices operating within a factory or building to secure those devices,” said James Tolosa, senior director of product marketing at Pulse Secure. “Only by identifying those devices can one hope to build policies that can secure IoT for local and remote access.”

Tolosa clearly points out that the adoption of IoT devices brings with it security concerns, as well as the potential to disrupt business in a more traditional sense.

Simply put, reliance on IoT solutions opens up businesses to a new category of threats, which can include theft of data and interruption of business operations. Those threats must be taken seriously, as evidenced by some recent attacks that took advantage of IoT:

• The production outage caused by the 2017 NotPetya ransomware outbreak cost pharmaceutical giant Merck more than $300 million in each of the third and fourth quarters. The massive ransomware bill Merck faced echoes the financial hits taken by other enterprises like Maersk and FedEx. They were among the most high-profile victims of the Petya campaign, which spread rapidly by utilizing the leaked NSA exploit EternalBlue, targeting Microsoft Windows systems.
• For the container ship and supply vessel operator, the Petya campaign required Maersk to reinstall 4,000 servers, 45,000 PCs and 2,500 applications. Losses of up to $300 million were reported.
• The same exploit was used to spread WannaCry ransomware, which caused horrendous disruption to the U.K.’s National Health Service (NHS) and French automaker Renault, which halted production in several of its factories. Some 200,000-300,000 computers were affected in at least 150 countries. The estimated damage caused by WannaCry in just the initial four days would exceed $1 billion.

Preventing those types of attacks and the latest attacks that are sure to rear their ugly heads takes proactive planning, best practices and the technology to prevent attacks in the first place.

Tolosa explained that many enterprises are turning to the ideology of “air gapping” systems, where systems are isolated from each other, as well as the internet.

“While it is a sound methodology that can prevent external attacks, it comes at a cost — one where devices must be managed on site and in person. What’s more, air gapping means that real-time data processing becomes an impossibility and also hampers functions such as business intelligence. AIr gapping also does little to prevent insider threats. If managing a device requires physical access, then physical access can become an infiltration point to spread malware.

Add to those concerns the lack of unified orchestration of IoT, and differing standards and protocols, and it becomes obvious that protecting IoT takes more than air gapping and simple policy implementation.

It is those issues, as well as several others that has led Pulse Secure to work with the channel to create a platform that brings discovery, policy creation, and enforcement to the world of IoT.

Earlier this month, Pulse Secure announced the release of Pulse Policy Secure (PPS) 9.0R3 to extend its Zero Trust Security model to IIoT devices and smart factories. The new version enables factories to …