IT/IoT Security Requires Fundamental Change

Core processes make security discussions complex. In the early development of networking there was virtually no security: ARPANET progressed to TCP/IP, which has no native security, and then to complex security implementations layered on top of TCP/IP in an attempt to protect our networked/cloud economy.

Security issues are growing in complexity as new types of attacks and vulnerabilities appear. The vast majority of communications are built upon the TCP/IP protocol suite, which provides no security of its own; therefore our security infrastructure is inherently flawed.

A focus on individual vulnerabilities rather than on the weakness inherent in the communications infrastructure means the problems will persist and grow until a new strategy is adopted.

Gartner (2018) detailed a protection hierarchy that illustrates well the complexity of security implementations.

IoT Security

Hiding as a Security Trend

Virtual LANs (VLANs) hide devices from one another by splitting a physical network into separate broadcast domains. Virtual Private Networks (VPNs) hide traffic and endpoints by tunnelling them over another network. Servers are virtualized to hide and optimize hardware usage. Gateways hide devices behind a firewall while creating secure connections to another service. Abstracting devices, or hiding them from users and from the network at large, is a growing security strategy.

Smart Talk Beacon is a software-defined network (SDN) that hides devices, organizations, and users within protective meshes. Only mesh members with permission can communicate with one another; a mesh accepts no communication from non-members.

A Beacon mesh is a collection of peer devices owned by an organization or legal entity. Peer devices communicate with each other and with a server cluster. Meshes can be small or large depending on an organization’s needs, and mesh devices operate securely within a network, between networks, or on the open internet.

Beacon’s architecture supports a distributed control/backup server cluster. Devices are aware of both peers and servers, so they communicate peer to peer and peer to server. Servers, devices, users, and businesses protect one another from intrusion regardless of location.

Inter-Network Operability

Mesh devices are smart: each is both a gateway and a relay agent for other devices. They talk to each other and protect each other regardless of location, whether they sit on different networks, on different subnets, or directly on the internet.

A Beacon mesh defines access and operation, and supports processes, independently of the network architecture, which maximizes the security of operations. Smart devices work closely with a host server cluster to maintain mesh integrity: devices operate independently while maintaining relationships with one another and with the servers.

Heterogeneous Device Implementation

Beacon is device agnostic.

Beacon is easily implemented on any Linux device and can be adapted for specialized implementations. It adds security, inter-device operations, management, monitoring, and support functionality without diminishing the functionality the device was designed for.

This means devices from different manufacturers can interoperate at different levels, for example to:

  • Protect one another
  • Share information
  • Share functions
  • Share support services

Most important, Beacon agents are easily implemented and are provided free of charge.

Operations Monitoring Centers

Security solutions have been trending toward integrating operations, management, and support. Operations centers are focusing on AI and learning engines for QoS and efficiency. Cloud services make this process more challenging in some ways and simpler in others.

Smart Talk Beacon is more than an SDN: it includes network monitoring, user management, access control, physical access control, inventory management, and support management, among other functions. Devices and servers can identify and solve most issues because they communicate securely with one another to share information and functions.

Smart protective agents work together to identify threats such as malicious behavior by users, devices, or servers. Once a threat is identified, devices and servers take mitigating action, starting with an alert to other servers, devices, and monitoring services. Devices, servers, and users identified as malicious are removed from operations. The self-healing properties of the health ecosystem make this possible.

Unauthorized access attempts are identified, tracked, and reported. The IP address of the intruder can be blocked by a device or router firewall, either permanently or for a defined time period.
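As an added illustration of the tracking-and-blocking step just described (this is example code, not Smart Talk Beacon’s own agent), the following Python reads constructed log lines in an assumed format, counts authentication failures per source IP inside a sliding window, and renders the resulting time-limited bans as nftables commands. The log format, the failure threshold, the ban duration, and the nftables table and set names are all assumptions made for the example.

```python
"""Count failed access attempts per source IP and turn them into time-limited bans.

Added example, not Smart Talk Beacon code. Log format, threshold, ban length and
the nftables table/set names are assumptions for illustration.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines in an assumed "timestamp LEVEL message" format.
SAMPLE_LOG = """\
2024-05-01T10:00:01 WARN auth failed peer=203.0.113.7 reason=bad-token
2024-05-01T10:00:03 WARN auth failed peer=203.0.113.7 reason=bad-token
2024-05-01T10:00:04 INFO auth ok peer=198.51.100.9
2024-05-01T10:00:05 WARN auth failed peer=203.0.113.7 reason=bad-token
2024-05-01T10:00:06 WARN auth failed peer=203.0.113.7 reason=unknown-device
2024-05-01T10:00:07 WARN auth failed peer=203.0.113.7 reason=bad-token
2024-05-01T10:00:08 WARN auth failed peer=198.51.100.9 reason=bad-token
2024-05-01T10:30:00 WARN auth failed peer=198.51.100.9 reason=bad-token
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) WARN auth failed peer=(?P<ip>[\d.]+)")

MAX_FAILURES = 5                    # assumed threshold inside the window
WINDOW = timedelta(minutes=1)       # assumed sliding window
BAN_DURATION = timedelta(hours=1)   # assumed; None means a permanent block


def detect_bans(log_text, max_failures=MAX_FAILURES, window=WINDOW,
                ban_duration=BAN_DURATION):
    """Return {ip: expiry datetime or None} for every IP that crossed the threshold."""
    recent = defaultdict(deque)   # ip -> timestamps of failures inside the window
    bans = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                # only failed attempts count
        ts = datetime.fromisoformat(m["ts"])
        ip = m["ip"]
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures and ip not in bans:
            bans[ip] = None if ban_duration is None else ts + ban_duration
    return bans


def active_bans(bans, now):
    """Bans that have not yet expired at `now` (permanent bans never expire)."""
    return {ip: exp for ip, exp in bans.items() if exp is None or exp > now}


def nft_rules(bans, now):
    """Render active bans as nftables commands.

    Assumes a set `blocklist` in table `inet beacon` created with `flags timeout`,
    so an element-level timeout makes the block expire on its own.
    """
    cmds = []
    for ip, exp in active_bans(bans, now).items():
        timeout = "" if exp is None else f" timeout {int((exp - now).total_seconds())}s"
        cmds.append(f"nft add element inet beacon blocklist {{ {ip}{timeout} }}")
    return cmds


def block_commands(log_text, now_iso):
    """Convenience wrapper: detect bans in log_text, render those active at now_iso."""
    return nft_rules(detect_bans(log_text), datetime.fromisoformat(now_iso))


if __name__ == "__main__":
    for cmd in block_commands(SAMPLE_LOG, "2024-05-01T10:30:00"):
        print(cmd)
```

In the sample, 203.0.113.7 fails five times within seven seconds and is banned for an hour from the fifth failure; 198.51.100.9 fails twice half an hour apart, so its first failure has left the window by the time the second arrives and it is never banned.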

The trend toward centralized management and control has been important for dealing with the growing complexity of large organizations and of cloud computing. By bringing together server, user, application, and network monitoring, issues can be identified and resolved. Edge processing must be integrated into the control and management processes, and the effectiveness of a support process must be measurable using a metric such as quality of service (QoS).

Quality of Service must be Measurable

The goal is to improve monitoring, management, operations, and support. The challenge is how to measure quality of service. Determining QoS is not simple when dealing with different organizations, information types, needs, and complex data interactions. AI and learning engines handle that complex analysis: learning engines help identify malicious behavior, abnormal user activity, and unexpected telemetry.

Advanced IoT implementations produce a lot of information with complex interactions, making it difficult for staff to understand system behavior. AI identifies trends and abnormalities in large amounts of data, whereas manual analysis of such volumes often reduces accuracy.

Data quality, quantity, and reliability are required for high QoS outcomes. Allowing devices to deliver real-time telemetry, sensor information, network connection information, and functional information is important for effective issue identification. Analysing that information with appropriate AI solutions automates alerts and notifications. QoS metrics in an IoT environment must draw on an array of quality data sets to support accurate issue resolution, and the business’s ideal outcome is the baseline against which QoS is measured.

Beacon mesh telemetry includes detailed network telemetry, device sensor telemetry, function telemetry, and server telemetry. Even a small mesh produces many data points: 10 devices have n(n-1)/2 = 45 possible direct peer links (90 directed), and because every device can also relay for the others, the number of possible multi-hop paths grows factorially with mesh size. By gathering and analysing the available data points, we paint a powerful picture of mesh activity.
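As an added example of the kind of analysis the preceding paragraphs describe (this is not Beacon’s learning engine), the following Python builds a per-device baseline from constructed telemetry records and flags live records that deviate from it: a peer the device has never talked to in the network telemetry, or a numeric metric whose robust z-score (median and median absolute deviation) is out of range. The record layout, metric names, device and peer identifiers, and the threshold are assumptions.

```python
"""Baseline-and-deviation check over constructed mesh telemetry.

Added example, not Smart Talk Beacon code. Record layout, metric names and the
z-score limit are assumptions for illustration.
"""
from collections import defaultdict
from statistics import median

# Constructed records. Assumed layout:
#   device  - reporting device id
#   peer    - peer or server it exchanged traffic with (network telemetry)
#   bytes   - bytes sent in the interval (function telemetry)
#   temp_c  - board temperature (sensor telemetry)
BASELINE = [
    {"device": "cam-01", "peer": "srv-a", "bytes": 1200, "temp_c": 41.0},
    {"device": "cam-01", "peer": "srv-a", "bytes": 1300, "temp_c": 41.5},
    {"device": "cam-01", "peer": "srv-b", "bytes": 1150, "temp_c": 40.8},
    {"device": "cam-01", "peer": "srv-a", "bytes": 1250, "temp_c": 41.2},
    {"device": "cam-01", "peer": "srv-b", "bytes": 1220, "temp_c": 41.1},
    {"device": "cam-01", "peer": "srv-a", "bytes": 1280, "temp_c": 41.3},
]
LIVE = [
    {"device": "cam-01", "peer": "srv-a", "bytes": 1240, "temp_c": 41.2},         # normal
    {"device": "cam-01", "peer": "srv-b", "bytes": 98000, "temp_c": 41.0},        # traffic spike
    {"device": "cam-01", "peer": "203.0.113.7", "bytes": 1200, "temp_c": 41.1},   # unknown peer
    {"device": "cam-01", "peer": "srv-a", "bytes": 1210, "temp_c": 71.4},         # sensor out of range
]

NUMERIC = ("bytes", "temp_c")
Z_LIMIT = 3.5   # assumed: common cut-off for a modified z-score


def build_profile(records):
    """Per device: robust centre/scale for each numeric metric, plus the set of known peers."""
    by_dev = defaultdict(list)
    for r in records:
        by_dev[r["device"]].append(r)
    profile = {}
    for dev, rs in by_dev.items():
        metrics = {}
        for m in NUMERIC:
            vals = [r[m] for r in rs]
            med = median(vals)
            mad = median(abs(v - med) for v in vals) or 1e-9   # avoid division by zero
            metrics[m] = (med, mad)
        profile[dev] = {"peers": {r["peer"] for r in rs}, "metrics": metrics}
    return profile


def robust_z(value, med, mad):
    """Modified z-score; 0.6745 makes MAD comparable to a standard deviation."""
    return 0.6745 * (value - med) / mad


def check(record, profile):
    """Return a list of (kind, detail) findings for one live record; empty means normal."""
    p = profile.get(record["device"])
    if p is None:
        return [("unknown-device", record["device"])]
    findings = []
    if record["peer"] not in p["peers"]:
        findings.append(("unknown-peer", record["peer"]))
    for m in NUMERIC:
        med, mad = p["metrics"][m]
        z = robust_z(record[m], med, mad)
        if abs(z) > Z_LIMIT:
            findings.append(("metric-deviation", f"{m}={record[m]} z={z:.1f}"))
    return findings


def scan(live, profile):
    """Indexes and findings of every live record that raised at least one finding."""
    results = []
    for i, r in enumerate(live):
        f = check(r, profile)
        if f:
            results.append((i, f))
    return results


if __name__ == "__main__":
    for i, findings in scan(LIVE, build_profile(BASELINE)):
        print(i, findings)
```

Median and MAD are used rather than mean and standard deviation so that a single extreme reading in the baseline does not widen the band enough to hide later attacks; in the sample the traffic spike, the unknown peer and the sensor excursion are each reported, while the normal record raises nothing.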

A learning engine based on information from the manufacturer (usually included with the device) and from users makes it possible to resolve issues effectively and in a timely manner. Knowledge bases are tools that let users resolve complex issues more efficiently, and access to the appropriate knowledge anywhere and anytime is key. Resolving an error requires issue or error specificity, so Beacon’s learning engines are specific to device model and error and are based on the manufacturer’s specification as reported by the device.

Networks are Complex Ecosystems

QoS processes, such as gathering device, network, sensor, and user telemetry, are part of the Smart Talk Beacon Health and Support Ecosystem. The term ecosystem best describes this approach to a set of complex requirements and outcomes. In biology, an ecosystem is defined as a complex of living organisms, their physical environment, and all their interrelationships in a particular unit of space (Encyclopaedia Britannica).

An IoT ecosystem includes devices, servers, networks, and users. Determining the health of these components involves the individual units, the interactions between units, and the interaction of the units with the ecosystem as a whole. Physical, functional, and network data sets must be captured and measured; they are the basis for detecting intrusions, malicious behavior, and compromised systems.

Malware, attack vectors, and intrusion techniques

  • Ransomware
  • Malware
  • Trojans
  • Worms
  • Email spam
  • Social engineering/phishing
  • Zero-day exploits
  • Elevation of privilege

  • Malicious or negligent insiders
  • Physical attacks
  • Mobile device threats
  • Spoofing
  • Password attacks/brute force

  • Buffer overflow
  • SQL injection
  • Man in the middle
  • DoS and DDoS
  • Cross-site scripting
  • Command injection
  • Unknown software vulnerabilities

Real-time, historic, static, user-defined, and functional information is gathered from devices, servers, and users to provide high-quality, high-volume, reliable data sets.

The result is a high degree of confidence in the AI results, leading to quality solutions and timely resolution of issues. Beacon is an integrated solution for securing, managing, monitoring, operating, and supporting IoT implementations.

Defining Ownership is the Future of IoT

Today’s cloud implementations restrict the true power of IoT by limiting a business’s control of its own processes. Two of the major control issues are as follows:

Definition of owners

If you buy a car, you can choose who drives the car. You can choose who fixes your car and you can choose who has keys to the car. You control all aspects of the car’s operation.

In most cloud implementations you have one or more accounts. You assign access and permissions to user accounts. How a device is managed, and what access you have to its data and information, depends on the provider and on operating policies defined by the provider.

With Beacon, owners have an independent account.

Owners define relationships with other owners, devices, and users to increase operational independence. Owner policies and permissions define operations. Devices, users, and businesses each have their own policies and permissions.

The relationships between users and devices, and between devices, within the protective mesh are defined by owner policies rather than provider policies. In addition, owners are legal entities and, as such, make agreements with other legal entities based on business agreements.

An agreement defines each business’s relationship for device access, information sharing, and operation sharing. Policies and permissions define the relationships between legal entities just as they do for individual device relationships.

This better reflects the real world of business, as found in a distribution or support channel.

 

Device assignment and sharing

Devices are registered to an owner (entity). The owner has total control over device operations, as defined by the business and related to the device’s purpose and functions, including peer assignment and function control.

Devices can be shared with entities outside one’s mesh through legal entity agreements. Device owners retain complete control over their devices, and shared device operations are governed by the assigned policies and permissions.

This means devices in two meshes can be shared between different entities for operations, support, and information sharing, including function triggering between devices in different meshes.

A set of cameras owned by company A can be shared with company B for video management and monitoring. A third company, C, has the right to provide technical support for onsite issue resolution based on location. Three companies are now involved in optimizing operations, and the owner is neither compromised nor constrained in its ownership. A fourth company, D, can ask company A to have a camera trigger a function in company D’s lighting system to deter intruders.

Beacon is hardware and network agnostic; therefore inter-device operations are easy to implement.

Best Practice

Know your inventory and manage your inventory.

Scan for shadow devices.

Review which security applications should run in the cloud.

Implement “shift-left” security practices.

Analyze which security efforts can be automated.

How and Why

Inventory management includes updates, activity monitoring and security risk analysis.

Identify devices that pose a potential threat.

“At the same time, cloud connections can significantly increase the risk of exposure or data breaches because they open up a closed-loop system to allow access from the outside by connecting to the cloud.”

“‘Shift-left’ refers to the practice of moving security to the earliest possible point in the software development process.”

“With the ongoing rapid development of AI, several traditional security solutions are being supplemented by Machine Learning capabilities to deliver better and often faster outcomes.”

Access Control

Data privacy is increasingly important for business and personal protection. Traditional permission and policy systems adapt poorly to the requirements of the General Data Protection Regulation (GDPR).

The relationship between data, functions, and users needs to be extended to include role, data, function, policies, and permissions. In Beacon, access to any data or function is based on the reason an individual needs it, as driven by policies and permissions; that is, access is granted on the basis of purpose and need.

For example, support staff have no access to any device or its data until:

  • A device generates one or more errors requiring support
  • The errors are severe enough to generate a trouble ticket
  • The regional, technical, and time requirements of the ticket are matched to the device type and to the regional assignment of the individual assigned to it
  • Data and device access is then granted only for as long as the device is in error. Once the trouble ticket has been resolved, all access to the device and to its operational data, historical or current, is removed.
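The agreement model described under “Device assignment and sharing” (companies A to D sharing a set of cameras) and the ticket-bound support access described in the list above can be expressed in one policy engine. The following Python is an added example modelled on the page’s scenario, not Smart Talk Beacon’s implementation; the company names, the device, user and ticket fields, the permission strings, and the severity threshold are assumptions.

```python
"""Owner-defined agreements plus purpose-bound (ticket-scoped) support access.

Added example, not Smart Talk Beacon code. Entity names, field names, permission
strings and the severity threshold are assumptions modelled on the page's scenario.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional


@dataclass(frozen=True)
class Device:
    device_id: str
    owner: str          # legal entity the device is registered to
    region: str
    model: str


@dataclass(frozen=True)
class Agreement:
    """Permissions an owner grants another legal entity on specific devices."""
    grantor: str
    grantee: str
    device_ids: frozenset
    permissions: frozenset


@dataclass(frozen=True)
class User:
    user_id: str
    entity: str
    regions: frozenset
    skills: frozenset   # device models the user is qualified to support


@dataclass
class Ticket:
    ticket_id: str
    device_id: str
    severity: int
    opened_at: datetime
    assignee: Optional[str] = None
    resolved_at: Optional[datetime] = None


SEVERITY_THRESHOLD = 3   # assumed: lower-severity errors do not open a ticket


class PolicyEngine:
    def __init__(self, devices, agreements):
        self.devices = {d.device_id: d for d in devices}
        self.agreements = list(agreements)
        self.tickets = {}

    def entity_allowed(self, entity, device_id, permission):
        """The owner may do anything; another entity only what the owner's agreement grants."""
        dev = self.devices[device_id]
        if entity == dev.owner:
            return True
        return any(a.grantor == dev.owner and a.grantee == entity
                   and device_id in a.device_ids and permission in a.permissions
                   for a in self.agreements)

    def open_ticket(self, ticket_id, device_id, severity, now):
        """Only errors at or above the threshold create a ticket, and so any support access."""
        if severity < SEVERITY_THRESHOLD:
            return None
        self.tickets[ticket_id] = Ticket(ticket_id, device_id, severity, now)
        return self.tickets[ticket_id]

    def assign(self, ticket_id, user):
        """Assignment needs a support agreement for the user's entity, a region match and the model skill."""
        t = self.tickets[ticket_id]
        dev = self.devices[t.device_id]
        if t.resolved_at is not None:
            return False
        if not self.entity_allowed(user.entity, dev.device_id, "support"):
            return False
        if dev.region not in user.regions or dev.model not in user.skills:
            return False
        t.assignee = user.user_id
        return True

    def resolve(self, ticket_id, now):
        self.tickets[ticket_id].resolved_at = now

    def user_can_access(self, user, device_id, now):
        """Support access exists only while the user is assigned to an open ticket on that device."""
        return any(t.device_id == device_id and t.assignee == user.user_id
                   and t.opened_at <= now and t.resolved_at is None
                   for t in self.tickets.values())


# Constructed scenario: A owns the camera; B monitors it, C supports it, D receives motion events.
DEVICES = [Device("cam-17", "A", "eu-west", "camX")]
AGREEMENTS = [
    Agreement("A", "B", frozenset({"cam-17"}), frozenset({"view"})),
    Agreement("A", "C", frozenset({"cam-17"}), frozenset({"support"})),
    Agreement("A", "D", frozenset({"cam-17"}), frozenset({"subscribe:motion-event"})),
]


def scenario():
    """Walk the support-ticket lifecycle and return what each check answered."""
    pe = PolicyEngine(DEVICES, AGREEMENTS)
    t0 = datetime(2024, 5, 1, 9, 0)
    tech_c = User("c-tech-1", "C", frozenset({"eu-west"}), frozenset({"camX"}))
    tech_c_us = User("c-tech-2", "C", frozenset({"us-east"}), frozenset({"camX"}))
    ops_b = User("b-ops-1", "B", frozenset({"eu-west"}), frozenset({"camX"}))
    out = {}
    out["minor_error_opens_ticket"] = pe.open_ticket("T-1", "cam-17", 1, t0) is not None
    pe.open_ticket("T-2", "cam-17", 4, t0 + timedelta(minutes=5))
    out["access_before_assignment"] = pe.user_can_access(tech_c, "cam-17", t0 + timedelta(minutes=6))
    out["assign_wrong_region"] = pe.assign("T-2", tech_c_us)
    out["assign_no_support_agreement"] = pe.assign("T-2", ops_b)
    out["assign_matching_tech"] = pe.assign("T-2", tech_c)
    out["access_while_open"] = pe.user_can_access(tech_c, "cam-17", t0 + timedelta(minutes=10))
    pe.resolve("T-2", t0 + timedelta(hours=1))
    out["access_after_resolve"] = pe.user_can_access(tech_c, "cam-17", t0 + timedelta(hours=2))
    return out


if __name__ == "__main__":
    for k, v in scenario().items():
        print(f"{k}: {v}")
```

The point of the design is that nothing grants a support user standing access: every permission check is answered from the owner’s agreements and the current ticket state, so revocation on resolution is automatic rather than a clean-up step someone has to remember.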

Data privacy is a core security issue requiring strict access management as provided by Smart Talk Beacon.

In Conclusion:

A Secure Network Protocol Makes Life Easier

Building security into a mesh network removes or reduces many security risks, such as network discovery, unauthorized communication, and malicious behavior, provides intrusion identification, and limits attacks such as DoS.

Network devices and servers are empowered to detect, validate, and respond to issues through peer interactions, such as reporting malicious behavior to peers and servers and rejecting communications from malfunctioning devices or servers. User behavior, access, and actions are monitored to minimize and eliminate user threats.

An integrated security solution includes monitoring, management, operations, and support so that issues are identified and resolved as part of a best-practice strategy. QoS relies on the quality, quantity, and integrity of data, measured against the ideal outcome. Automated processes are required to resolve issues in complex IoT implementations; the remaining issues require a knowledge base with error-specific information so that support agents and field representatives can make informed decisions.

Distributed server clusters support public, private, hybrid, and stand-alone implementations for optimal performance and implementation flexibility. Beacon’s distributed servers work as a cluster of primary servers: all servers are hot, with complete operational knowledge. Devices communicate with servers based on availability and operational requirements, and the servers monitor one another to ensure replication and compliance. Failover, replication, and disaster recovery are inherent to the Beacon protocol.
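Client-side failover against a hot cluster, as an added example that is not the Beacon protocol: each device keeps a liveness view of the cluster built from heartbeats, declares a server down after a number of missed beats, picks the preferred server that is still live, and fans state updates out to every live server so that all of them stay hot. The heartbeat interval, the miss threshold, the server names, and the preference order are assumptions.

```python
"""Heartbeat-based liveness, server selection and fan-out replication.

Added example, not the Beacon protocol. Heartbeat interval, miss threshold,
server names and preference order are assumptions for illustration.
"""
from datetime import datetime, timedelta

HEARTBEAT = timedelta(seconds=5)   # assumed heartbeat interval
MISSES_BEFORE_DOWN = 3             # assumed: declared down after 3 missed beats


class ClusterView:
    """A device's (or a peer server's) view of which cluster members are live."""

    def __init__(self, servers, start):
        self.preferred = list(servers)            # assumed preference order, e.g. by latency
        self.last_seen = {s: start for s in servers}

    def heartbeat(self, server, at):
        self.last_seen[server] = at

    def is_live(self, server, now):
        return now - self.last_seen[server] < HEARTBEAT * MISSES_BEFORE_DOWN

    def live_servers(self, now):
        return [s for s in self.preferred if self.is_live(s, now)]

    def choose(self, now):
        """Preferred live server, or None when the whole cluster is unreachable."""
        live = self.live_servers(now)
        return live[0] if live else None


def replicate(update, view, now, send):
    """Push an update to every live server so all stay hot; return the servers skipped."""
    skipped = []
    for s in view.preferred:
        if view.is_live(s, now):
            send(s, update)
        else:
            skipped.append(s)
    return skipped


def simulate():
    """srv-a goes silent after t0; srv-b and srv-c keep beating every interval.

    Returns the server chosen at each tick, the servers skipped by replication at
    each tick, and the choice at a later tick when nobody has beaten for a while.
    """
    t0 = datetime(2024, 5, 1, 12, 0, 0)
    view = ClusterView(["srv-a", "srv-b", "srv-c"], t0)
    chosen, skipped, delivered = [], [], []
    for i in range(1, 6):
        now = t0 + HEARTBEAT * i
        view.heartbeat("srv-b", now)
        view.heartbeat("srv-c", now)
        chosen.append(view.choose(now))
        gap = replicate({"tick": i}, view, now, lambda s, u: delivered.append((s, u["tick"])))
        skipped.append((i, gap))
    # Ten intervals in with no further heartbeats: every server has timed out.
    all_silent = view.choose(t0 + HEARTBEAT * 10)
    return {"chosen": chosen, "skipped": skipped, "delivered": delivered, "all_silent": all_silent}


if __name__ == "__main__":
    for k, v in simulate().items():
        print(f"{k}: {v}")
```

A server is declared down only after the third missed beat, so a single lost heartbeat does not cause a failover; once srv-a is considered down the device moves to srv-b, and replication stops wasting attempts on srv-a until it beats again.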

Ownership and control are required to free IoT devices from the constraints of today’s cloud implementations. Owners must control all aspects of their implementations, including who is granted access to a device, its information, and its functions, what that access covers, and why it is granted.

Smart Talk Beacon makes it possible for an organization to:

  • Secure devices anywhere and anytime
  • Define and control business relationships
  • Share devices while retaining total control over them
  • Greatly improve the QoS of operations, management, monitoring, and support
  • Let devices work together securely as needed

Smart Talk Beacon is a disruptive technology because it fundamentally changes the way IoT devices communicate and operate on networks.

Protect your future with Smart Talk Beacon. In a world where devices can be anywhere, be shared, and be supported, these new solutions are required.