Pulse Secure's platform brings discovery, policy creation and enforcement to IoT.

Frank J. Ohlhorst, IT Consultant, Editor-at-Large

December 18, 2018

6 Min Read
IoT Security
Shutterstock

There is no denying that the internet of things (IoT) is having a disruptive impact on businesses today.

After all, enterprises are turning to IoT devices for everything from production line controls, to environment management, to physical security. In other words, IoT is making a difference and is here to stay. Silicon Valley-based Pulse Secure is focusing on the challenges that come with IIoT (industrial IoT) and is striving to bring solutions to the channel to ease the adoption of the technology.

Tolosa-James_Pulse-Secure.jpg

Pulse Secure’s James Tolosa

“It has become critical to discover and profile IoT devices operating within a factory or building to secure those devices,” said James Tolosa, senior director of product marketing at Pulse Secure. “Only by identifying those devices can one hope to build policies that can secure IoT for local and remote access.”

Tolosa clearly points out that the adoption of IoT devices brings with it security concerns, as well as the potential to disrupt business in a more traditional sense.

Simply put, reliance on IoT solutions opens up businesses to a new category of threats, which can include theft of data and interruption of business operations. Those threats must be taken seriously, as evidenced by some recent attacks that took advantage of IoT:

  • The production outage caused by the 2017 NotPetya ransomware outbreak cost pharmaceutical giant Merck more than $300 million in each of the third and fourth quarters. The massive ransomware bill Merck faced echoes the financial hits taken by other enterprises like Maersk and FedEx. They were among the most high-profile victims of the Petya campaign, which spread rapidly by utilizing the leaked NSA exploit EternalBlue, targeting Microsoft Windows systems.

  • For the container ship and supply vessel operator, the Petya campaign required Maersk to reinstall 4,000 servers, 45,000 PCs and 2,500 applications. Losses of up to $300 million were reported.

  • The same exploit was used to spread WannaCry ransomware, which caused horrendous disruption to the U.K.’s National Health Service (NHS) and French automaker Renault, which halted production in several of its factories. Some 200,000-300,000 computers were affected in at least 150 countries. The estimated damage caused by WannaCry in just the initial four days would exceed $1 billion.

Preventing those types of attacks and the latest attacks that are sure to rear their ugly heads takes proactive planning, best practices and the technology to prevent attacks in the first place.

Tolosa explained that many enterprises are turning to the ideology of “air gapping” systems, where systems are isolated from each other, as well as the internet.

“While it is a sound methodology that can prevent external attacks, it comes at a cost — one where devices must be managed on site and in person. What’s more, air gapping means that real-time data processing becomes an impossibility and also hampers functions such as business intelligence. AIr gapping also does little to prevent insider threats. If managing a device requires physical access, then physical access can become an infiltration point to spread malware.

Add to those concerns the lack of unified orchestration of IoT, and differing standards and protocols, and it becomes obvious that protecting IoT takes more than air gapping and simple policy implementation.

It is those issues, as well as several others that has led Pulse Secure to work with the channel to create a platform that brings discovery, policy creation, and enforcement to the world of IoT.

Earlier this month, Pulse Secure announced the release of Pulse Policy Secure (PPS) 9.0R3 to extend its Zero Trust Security model to IIoT devices and smart factories. The new version enables factories to …

… streamline machinery repairs and diminish costly production downtime through IT-managed secure access. It also secures factory networks by expanding its behavioral analytics to IoT devices, detecting anomalies and preventing their compromise.

“Manufacturing customers are using IoT to retool their factory floors, creating smart production lines that report their health and operational efficiency. One benefit of this approach is that customers can proactively perform preventive or predictive maintenance on machines to avoid costly production outages,” said Prakash Mana, Pulse Secure’s vice president of product management. “Our latest Pulse Secure release helps customers not only secure the smart factory floor, but it also helps streamline their maintenance activities by giving service technicians remote access to the equipment they maintain. Regardless if they are on the factory floor or in their remote office, our Zero Trust Security limits technician access to the equipment they maintain and requires that they use secured end-user devices to perform their work.

“PPS 9.0 enhances security for managed and unmanaged IoT devices with new behavioral analytics that utilize user and device traffic patterns to detect compromised IoT devices,” added Tolosa. “PPS 9.0 Behavioral Analytics builds baseline behavior profiles for IoT devices by collecting and correlating NetFlow, user and device data. Profiled base behavior is used to detect anomalous device activity, malware infections and domain-generation attacks. Once detected, alerts are automatically generated so that security teams can proactively isolate and mitigate the detected issue.”

Therein lies the opportunity for MSPs. Small and medium enterprises (SMEs) often lack the resources and expertise to properly secure IIoT and IoT platforms, meaning they must turn to a solution provider to take on the role of securing IoT. As more businesses adopt IoT platforms, the needs of security will increase. For MSPs, that can only be good news.

“Some of our customers operate among the manufacturing and transportation industry’s biggest and most distributed internet-connected device deployments. These IIoT networks help our customers gain real-time system diagnostics, reduced downtime and overall lower operational costs,” said Kirk Hanratty, vice president and chief technical officer at IT security and solutions company SynerComm. “For these and other customers, IIoT drives their business where assuring availability and secure access throughout an IIoT infrastructure is paramount. We have found Pulse Secure’s platform to offer our customers the usability, interoperability and reliability necessary to support large scale IIoT applications.”

Research house GrowthEnabler predicts that the IoT market will grow to $8.9 trillion in 2020, attaining a nearly 20 percent compound annual growth rate (CAGR).

The latest features of Pulse Policy Secure 9.0 are available on physical or virtual Pulse Secure Appliances (PSA). Existing customers with PSA appliances under PPS subscription or software maintenance can readily upgrade at no charge. PPS on a virtual appliance with a three-year subscription starts at $31,000 MSRP for 500 concurrent connections. Pulse Connect Secure customers can cost-effectively extend their VPN investment to include network visibility, access control and mobile security with the Pulse Access Suite, the company said.

Pulse Secure will host a webinar on Jan. 8, 2019, for those interested in learning more on the topic.

Read more about:

MSPs

About the Author(s)

Frank J. Ohlhorst

IT Consultant, Editor-at-Large

Frank J. Ohlhorst is an award-winning technology journalist and technology analyst, with extensive experience as an IT business consultant, editor, author, presenter and blogger. He frequently advises and mentors technology startups and established technology ventures, helping them to create channel programs, launch products, validate product quality, design support systems, build marketing materials, as well as create case studies and white papers.

Mr. Ohlhorst also has extensive experience assisting businesses looking to launch analytics projects, such as big data, business intelligence and resource management. He also has taken on contract roles as a temporary CIO, CTO and data scientist for startups and new ventures. Mr. Ohlhorst also provides forensic services for data security and assist with compliance audits, as well as researching the implications of compliance on a given business model.

Mr. Ohlhorst also has held the roles of CRN Test Center director, eWeek’s executive editor, technology editor for Channel Insider, and is also a frequent contributor to leading B2B publications.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like