April 15, 2026
image
Home Security Services Archive by category Cyber Security (Page 4)

Cyber Security

New data center security tech for integrators to utilize

Data centers are like many mission-critical facilities, overwhelmed by an ever-increasing volume of data generated by many siloed safety and security systems. While all these systems provide valuable information, the sheer volume of unfiltered and uncorrelated inputs results in data “noise” that drowns out what’s essential and overloads operators.

By Prasanth Aby Thomas, asmag.com

“Today, more data centers are implementing situational awareness platforms that allow operators to focus on critical insights and execute the necessary actions to help protect what matters most,” explains Alan Stoddard, President of Cognyte Situational Intelligence Solutions. “These types of technologies identify the data needed to protect an organization’s most significant assets — in this case, network infrastructure — and are also part of the power of the intelligent security operations center.”

Additionally, the data visualization framework empowers security leaders to present historical data from systems into a live dashboard. With this type of centralized, real-time view, security teams can transform the way they track, visualize, analyze, and reach their security goals.

Focus beyond the data in data centers

 Data centers should consider deploying the same types of countermeasures that you would in any mission-critical facility, such as multi-factor authentication, anomaly detection, identity management, access control, and video surveillance.

But John Rezzonico, CEO of Edge360, points out that often the focus is still on the data security side. If the same protocols in establishing cybersecurity measures were used across physical security, these facilities would be better prepared to protect physical assets from threats.

“It’s also crucial for data centers to closely evaluate their video management platforms to ensure they can scale as risks and needs evolve,” Rezzonico said. “New VMS solutions today are built on modern IT infrastructure and containerization. A containerized system leads to better security because full-application isolation makes it possible to set each application’s primary process in separate containers. This also provides ease of maintenance and sustainment across an enterprise, which is more important when maintaining critical systems remotely.”

Physical security without compromising cybersecurity

While physical security integrators do need to look beyond data to get their work done, this should come at the cost of cybersecurity. In fact, ensuring both physical and cyber security with equal importance should become a prerogative for integrators because of the interconnected nature of modern devices.

“Security integrators need to ensure the vendors they are working with follow a security-first strategy when developing physical security systems,” Stoddard said. “Manufacturers should be providing physical security products that are cyber secure and tested regularly to ensure optimal compliance. This is non-negotiable in today’s evolving risk environment.”

Cyber security and physical security go together, and integrators need to know how to consider the impact of both physical and cyber breaches as part of their deployments. They must invest in understanding both sides of the security equation to deliver comprehensive service to mission-critical businesses like data centers. If not, they are opening the door to risk.

What integrators should know

Worldwide IT spending is projected to total $4.5 trillion in 2022, an increase of 3 percent from 2021, according to the latest forecast by Gartner. Spending on data center systems is forecast to experience the strongest growth of all segments in 2022 at 11.1 percent. This suggests the potential growth for physical security in this segment.

But while data centers offer a great business opportunity for security systems integrators, they need to make the customer realize its relevance. It’s essential for security integrators to work closely with the customer to make sure they know the considerations that need to be completed and the requirements for physical security within these complex environments.

“If integrators cannot teach the customer why they need to deploy the protections necessary, they shouldn’t be working within the data center market,” Rezzonico said. “To be truly successful in this market, integrators must understand the needs of the market and facilities as it relates to physical security and the customer’s complete business strategy.”

In short, to take advantage of the demand in this sector, integrators must have a clear understanding of the market and should be able to impart this knowledge to the customer. There are a number of solutions at their disposal for data center projects, but working with the unique requirements of each customer would prove to be the key.

Data centers often receive more attention for cybersecurity because of the nature of the assets they hold. While this is important, it leaves the physical side of things vulnerable to theft, robbery, and vandalism. Post the pandemic, this has become an even more critical issue because of the increased amount of data entrusted to these places.

The seriousness of the situation is not lost on most major data center managers. A quick search on Google for data center physical security would throw up specific pages on how AWS and Microsoft Azure protect their sites. That these companies feel the need to explain the measures they take indicates the severity of the matter.

But the biggest challenge in protecting data centers is the rapid pace at which they grow and evolve. Integrating physical and logical systems in such a dynamic environment requires careful consideration of various factors and optimized strategy. Asmag.com spoke to some of the top industry professionals to understand the biggest threats to data centers and how integrators can go about protecting them.

Major threats to data centers

Most data centers focus on software and implement data security tools such as firewalls to identify and mitigate cyber threats. But the need for the physical security of these facilities is paramount. A breach in physical security can lead to data theft and cause breaches that compromise data security.

“With the increasing threat of cyberattacks and natural disasters, we must work to ensure the security of data centers to protect intellectual property, ensure compliance and maintain security and resiliency standards to keep these facilities safe,” said Alan Stoddard President at Cognyte Situational Intelligence Solutions. “Additionally, we must be cognizant that data centers are evolving. The increased deployment of cloud-based and edge data center facilities will increase the demand for physical security solutions in the coming year.”

But perhaps the real problem now is not the lack of technology to protect data centers but the lack of its appropriate use. John Rezzonico, CEO of Edge360, pointed out that the lack of timely upgrades and maintenance is a major cause of concern.

“Data centers typically have many physical security devices in a small space or area, which can be challenging to manage,” Rezzonico said. “On top of that, many data centers establish security systems and then allow physical security software, like video management platforms, to become outdated. But this fact must change: As more businesses shift to remote work and the storage of critical data via the cloud and within these data centers expands, the need for solid security in these facilities is growing, and protecting them becomes more critical.”

It’s also important to note that the focus for these facilities has primarily been on protecting the network, which means physical security programs have taken a back seat. But the protection of the brick-and-mortar facility is just as, if not more, important as ensuring captured data is protected.

Checklist for data center physical security

Data center security should follow a specific formula for protecting assets, with the idea of concentric circles. The outer layer represents perimeter security; the next is the hardening of the facility itself and preventing unauthorized access.

Next, security leaders should focus on securing the racks where the data and servers are stored. Finally, there must be another added layer of security around the controls for those server rooms to prevent any bad actors from accessing them.

“At each level, there needs to be a standard amount of physical and cyber security protection, which should be common practice across data centers, whether public, private, co-located, or on-site,” Rezzonico said. “The same policies and methodologies should be applied no matter the size, type of data center, or location. Still, they are often not, creating a facility that lacks the proper security measures for protecting critical data.”

Stoddard agrees that the best way to secure a data center is to manage it in layers. A multi-layered approach best supports proactive planning and makes identifying and mitigating a failure or breach easy. Here are some best practices that he suggests to consider:

1.Conduct regular audits: Internal audits ensure that systems and processes are working as intended. Audits should check for vulnerabilities in the data center facilities as well as across systems and devices.

“Access control systems, video surveillance cameras, and electronic locks must be checked to ensure proper function,” Stoddard said. “Security leaders should also continually assess whether a change in personnel calls for an update in the procedures and systems.”

2. Strengthen situational awareness: Any facility requiring extra protection, like a data center, should adopt an intelligent security approach. Funneling all data and systems into one centralized platform provides a higher level of oversight over security and operations.

3. Establish redundancy: Avoid the opportunity for downtime or system failure that results in a shutdown by creating redundancy across your data center operations. Data center failures can be prevented with proactive planning, testing, and awareness.

4. Enhance video surveillance: Video systems should be comprehensive and cover indoor and outdoor areas. Additionally, 24/7 video monitoring is critical to helping identify potential anomalies before they become more significant issues. Security guards can also be an essential component in augmenting technology.

5. SOP updates: Standard operating procedures need to be evaluated and tested regularly. This process also includes refresher training on the emerging or new security measures that need to be followed. Because risks are changing and evolving rapidly, regular checks of existing processes and procedures are recommended.

Conclusion

The technology needed for physical security at data centers is not complex. But what is often not up to the mark is the maintenance and operation. Steps like regular audits and SOP updates that Stoddard suggested highlight this concern.

In the coming years, we will likely see the number of data centers increase worldwide as more customers become aware of the importance and convenience of cloud-based solutions. This means more opportunities for physical security systems integrators. While challenges are a concern, it presents new growth areas with the right approach.

Computer Vision Is Transforming the Transportation Industry

Computer vision is helping to reshape the transportation industry at every level from streamlining the passenger experience to preemptive fleet maintenance to fuel optimization. As the transportation industry continues to evolve, converging technologies such as 5G and powerful edge compute will enable the next generation of prescriptive and adaptive data-driven outcomes benefiting passengers, the industry and sustainability.

Byline: Wayne Arvidson, Global Director, Market Development and Strategy, Dell Technologies

Whether moving people or goods, transportation environments are in constant motion. Railways, airports, cargo ships, and public and private transportation are complex use cases for computer vision. They require real-time situational awareness, based on the analysis of many different data points, which taxes compute and storage resources at the edge—defined as where the physical world meets the data world.

The challenge is being met using a real-time federated approach with scalable, high-performance hyperconverged infrastructures (HCI), allowing organizations to capture and process large amounts of data at the edge, and provide real-time insights. The results, not the actual data, are then sent back to a centralized location for re-training of the analytics model which then is pushed back out to all edge locations, thus delivering better quality insights in near real-time.

Although computer vision has not yet been widely adopted industry wide, transportation organizations that have invested are realizing gains in terms of safety, customer experience, operational efficiency, sustainability and revenue generation, and are looking to take advantage of further advances in technology in the future. Automation and touchless processes integrated with computer vision greatly enhance transportation services as well.

Collectively, this has a big impact on adopters, especially when organizations are hard-pressed to maximize profits amidst rising costs and reduced resources.

 What transportation industry challenges are addressed or resolved with computer vision?

 All facets of the transportation industry have seen tremendous loss in revenue and resources over the last few years. As the economy began to turn around, public and private transportation organizations were under pressure to rebound with lower budgets and labor shortages, spurring efforts to find ways to be more efficient.

In addition, safety is a key requirement across rail, water, air, and roadways, often requiring split-second decisions that can often be enhanced by machine learning. And predictive maintenance, where parts are replaced before equipment and vehicles break down, is extremely valuable to operations but often difficult to do well due to the number of variables involved.

In any of these situations, different data points can be ingested once, and analyzed for multiple uses. A security infrastructure can provide a foundation which captures audio and video data, and data from IoT devices, which the computer vision system then combines and analyzes, producing insights that can be used to positively impact safety, the customer experience, operational efficiencies, sustainability and revenue generation.

How can computer vision improve passenger, personnel and facility safety?

 A significant part of passenger and personnel safety is to ensure that the facility and equipment itself is physically secure. Through the use of cameras and sensors, computer vision enables more precise inspection of passenger baggage and cargo.

Certain types of behaviors or objects can also be monitored. Electronic devices, such as smartphones and laptops, each have a unique MAC address. Airports today can capture device MAC addresses to track devices throughout a facility. When combined with data from sensors, those devices can be automatically tracked and decisions made in real time. If an unauthorized person enters a secure area, security personnel are alerted to take immediate action. Computer vision systems can also determine how many people are in a location, for example if an evacuation is necessary.

Examples of computer vision affecting the customer experience

 An important focus of airports is to get people through the facility as quickly as possible. Part customer experience and part operational efficiency, computer vision with artificial intelligence can improve queue management by proactively determining when to add customer service personnel to an airport check-in counter or open another security line.

The touchless passenger experience is also gaining traction, which aims to minimize time from curb to gate while enhancing the passenger experience throughout the journey (Figure 1). For example, passengers could be automatically checked in upon arrival, prechecked to walk through security, be alerted to gate changes, order a coffee that’s waiting at the shop closest to the gate and use frictionless boarding. This scenario is possible through the correlation of data, with the computer vision system making the decision that you are the correct passenger.

 

Figure 1. Use of computer vision to streamline the passenger experience

We briefly mentioned the value of predictive maintenance to organizations; it also has a considerable impact on fuel consumption and costs, and can reduce an organization’s carbon footprint. Cameras and thermal vision technology are used to visually inspect vehicles for wear and tear, and when integrated with IoT sensors, can more accurately identify parts that should be replaced.

Airports can use computer vision to greatly increase the efficiency of ramp operations and plane turnaround. The system monitors the location of planes that just landed and whether the luggage offboarding equipment is in place. It also automatically notifies the catering truck, fuel truck, and ramp personnel.

Public transportation also benefits from the efficiencies brought on by computer vision. As municipal transit agencies look to increase ridership and fuel efficiency, some communities are experimenting with dynamic routing of buses to reduce instances of empty buses on routes. For passenger vehicles, some cities charge a fee when your vehicle enters the city center. Pollution sensors detect elevations in airborne chemicals, such as carbon monoxide, triggering an alert that results in varying fees paid by those vehicle owners.

Railways equip trains with cameras and install them in stations to inspect and monitor parts as the train rolls down the track, increasing safety, efficiency and revenues. For a detailed look at how computer technology is used to inspect railcars, browse this Duos Technology Group case study.

Does computer vision affect sustainability in transportation?

In the context of transportation, sustainability focuses mainly on the consumption and proper management of power and fuel. Airports, for example, deal with large amounts of fuel and are concerned about the release of potentially dangerous amounts of vapors and chemicals that could increase air pollution or contaminate groundwater. Deicing planes also requires the use of chemicals, so cameras and sensors can assist in deicing a plane just enough to make it safe without an excess of chemicals flowing from the tarmac or runway into the ground. Airports and railways deal with vegetation control as a means of fire suppression. Computer vision technology monitors fuel usage, air and ground contamination, and even the height of vegetation around landing strips and railyards.

Similar to smart cities, airports, train stations and cruise ships can use computer vision to control power consumption, water usage, air conditioning and heating. Based on where people are and their usage patterns, smart lighting can be automatically controlled to turn off or use downlighting during the brightest part of the day and light other areas 24/7 for safety purposes.

Generating revenue for transportation companies and the public sector

 This gets back to doing more with fewer resources as well as enhancing current revenue streams. For an airport, that means steering passengers toward retail within the facility to maximize their spend and turning aircraft around quickly, to allow more flights per day. A single flight can generate tens of thousands of dollars in fees, so getting one more flight through a gate per hour has a significant impact on revenue.

Depending on how crowded an airport is, dynamic pricing could be implemented automatically to adjust parking pricing. States and local municipalities also benefit from dynamic pricing. Drivers typically need a tag or pass for high-occupancy lanes on freeways. Computer vision technology can increase the fee for high-occupancy lane usage based on the current amount of traffic.

How do mobile edge computing and 5G affect computer vision in transportation?

 Real-time actionable insights and learning is critical to situational awareness in the field, and technologies like 5G and mobile edge computing enable faster response times.

Consider rolling stock, like a public bus. The driver needs to focus on the road and passengers. A bus equipped with cameras and a compact hyperconverged infrastructure can use computer vision to create real-time situational awareness for the driver as well as for transit hub staff. As the vehicle approaches a bus stop, the system captures the number of waiting passengers, or passengers with special needs. The increased bandwidth of 5G enables fast transfers of the insights back to a central location for analysis, with the results of the analysis streamed back to the bus in near real time.

Computer vision is truly transforming the transportation industry, aided by automation, touchless technologies and 5G. Edge computing and machine learning capabilities make faster and better-quality decision making and situational awareness in the field possible, which in turn increases efficiencies, makes environments safer, lowers carbon emissions, raises customer satisfaction and helps organizations be more profitable.

For an overview of computer vision and its impact on industries, see The Future Is Computer Vision – Real-Time Situational Awareness, Better Quality and Faster Insights.

For more information:

 

 

 

How sanctions on Russia could impact US security buyers

Source: Prasanth Aby Thomas, Consultant Editor, asmag.com

The US and many nations have imposed sweeping and severe sanctions on Russia after it invaded Ukraine. These sanctions could have certain downstream effects for US security buyers.

Asmag.com recently spoke to Brian Schwab, Founder and Principal Consultant of S3SDC and partner at eSRX, to understand the extent of these effects. This category includes video surveillance equipment, access control, intrusion detection equipment, etc. The current sanctions list prohibits the export of advanced, dual-use technology to Russia. This will seriously curtail that country’s ability to produce physical security components or equipment of any value for export purposes. But the impact will not be the same for buyers in the US.

“When analyzing the overall global physical security equipment market, in my opinion, Russia does not produce any equipment in this area that is qualitatively or technologically distinctive from any other global producer,” Schwab said. “Generally speaking, physical security equipment, or components thereof, are what economists call “substitutional goods.” This means that given price and availability, a consumer can simply switch from one equipment manufacturer to another and still be able to meet their immediate security needs with little noticeable loss in quality.”

That said, Russia is not a major global market player in equipment production. Most of the top physical security equipment manufacturers are in Asia, western Europe, and the Americas. The market for Russian physical security goods in the US is already minuscule, and these sanctions may not have any noticeable impact on US buyers in sourcing products.

 More impact on cybersecurity

Any tangible impact of the sanctions is likely to be felt in the cyber security realm. The COVID-19 pandemic transformed the everyday work environment making telecommuting or remote work the new norm. Online communication devices and info sharing platforms (such as Zoom, Teams, and Dropbox) have become extremely popular. This has increased the number of potentially vulnerable devices and network connections, resulting in a sharp rise in the number and type of potential threats US businesses and other organizations face.

“One major Russian cyber security firm, Kaspersky Labs, has already said it will be unaffected by the sanctions and that it will fulfill its contracts and obligations to international customers and partners,” Schwab continued. “This seems to be because Kaspersky opened a security network data center in Zurich, Switzerland, to handle information voluntarily shared with users in North America, Europe, and Asia.” This allows Kaspersky to mollify any concerns that Russia can exploit data, with or without the company’s cooperation or consent. Yet, Kaspersky’s sales in the US market were flat in 2020 and were estimated to have increased by 2.8 percent in 2021.

Any specter of doubt in the minds of many US security buyers, already cautioned by the 2017 National Defense Authorization Act and actions taken by the US Department of Homeland Security that same year, will likely have already caused many to switch their service provider to a non-Russian organization.

Cybersecurity threats also impact buyers

A second-order effect of the sanctions would be hacktivist or state-sponsored cyberwarfare activities aimed at disrupting business activities, compromising data, and other nefarious activities conducted on behalf of the Russian state.

“This is where I would anticipate the largest financial impact to US security buyers will likely be seen through an increase in costs associated with data protection measures,” Schwab said. “However, with increasing ransomware attacks over the past few years, many US firms have already begun to move in this direction. As such, the second-order effect of implementing these security activities may already be factored into these US firms’ acquisition process and not as much of a heavy lift as one may at first think.”

For those who have not switched but remain committed to using one of several large data analytics firms of Russian origin or location, there are legal issues that must be measured and assessed as part of those firms’ Enterprise Security Risk Management process. This will likely require US buyers to assess their contracts with these Russian firms to determine whether force majeure measures exist, whether these protections would apply (i.e., the undeclared war Russia launched may not be included under force majeure provisions), and how any potential risk of data exposure, compromise, or loss may impact the US company’s downstream clients. If force majeure is not viable, protections may be available under “Restatement of Contracts,” which would allow cancellation of existing contracts due to either supervening impracticability or frustration of purpose. While these will not protect against possible misuse/abuse of data these Russian firms maintain, they will provide some measure of legal protection if data is breached or maliciously compromised.

Impact on the supply chain

 Russia plays a small but essential role in supplying specific raw materials used to create security- and defense-related equipment. Russian raw materials, such as titanium, are integral parts of defense and aerospace equipment.

“However, many US firms had begun to diversify their raw materials suppliers following the 2014 Russian takeover and annexation of Crimea,” Schwab pointed out. “Firms may now begin to look to China to pick up the slack, but this is not a guaranteed way to eliminate supply issues caused by sanctions, given the trade war between the US and China that began during the Trump Administration as well as the growing Sino-Russian “strategic partnership.”

Conclusion

 In short, Russia’s penetration into the US security market was limited even before this war started. Given Russia’s lack of market share, it is unlikely that US security buyers will see a significant impact from the sanctions imposed on Russia in the wake of its invasion of Ukraine.

The real impact will likely be a drop in immediate supplies of raw materials needed to create security-related equipment and devices. This will potentially cause short-term shortages that will increase prices and the availability of some equipment. However, as new raw material sources are developed, this is likely a short- to mid-term impact only for US buyers.

Finally, US firms will have to assess their existing contracts with Russian firms to protect themselves legally. While this is a time-consuming process in itself, US firms may also experience a corresponding increase in cyber security spending above pre-invasion levels to protect themselves against anticipated Russian cyberwarfare and other state-sponsored malicious hacking activities.

D-Link unveils high‑speed, up to 20 km long‑range wireless bridges

Point‑to‑point and point‑to‑multipoint connection solutions that overcomes the challenges of rural areas and tricky terrain to supply stable, high‑speed connectivity over vast distances

D-Link, a global leader in network technologies, today announces two new additions to its family of connectivity solutions. The new 5km long-range Wireless AC Bridge (DAP-3711) and 20km Long Range Wireless AC Bridge (DAP-3712) are designed to offer highly resilient, stable, and fast connectivity to previously impossible-to-reach areas in both urban and rural environments.

Built with industry-leading core technologies and specifically designed for long-distance coverage, the DAP-3711 and DAP-3712 are equipped with high-gain 15 and 23 dBi directional antennas. These enable high-speed, stable network coverage equivalent to a wired connection of up to 5km and 20 km away, respectively, ideal for setting up video surveillance or wireless access in remote locations as well as across cities and rural towns.

The DAP-3711 and DAP-3712 offer transfer speeds of up to 867 Mbps and designed with TDMA technology, which filters out interference by creating a schedule for the bridge’s access point and the client. Transmissions are allocated a time slot, eliminating data collisions and cutting down interference to maximise airtime efficiency and transfer rates. What’s more, the new launches also come with built-in 128-bit personal and enterprise wireless encryption to support end-to-end security.

Designed especially to withstand a wide range of outdoor environments, the DAP-3711 and DAP-3712 are enclosed in robust IP66-rated, water-resistant and dust-tight housings, as well as in-built 8 kV surge protection. Ideal for shielding networks in all-weather events and harsh environments, these combined design features allow the DAP-3711 and DAP-3712 to be deployed wherever needed to guarantee consistent connectivity.

The new wireless bridges support Power-over-Ethernet (PoE) and come with a PoE injector included. This allows network managers to run a single cable connection and for devices to be installed quickly and effortlessly without the need to run separate power lines.

Key Features:

– Allows to wirelessly connect networks and devices of up to 5km and 20km distance apart
– High-gain directional antennas provide fast, stable, and long-range wireless coverage
– High speeds and consistent coverage that filters out interference with TDMA technology
– IP66-rated water-resistant and dust-tight housing allows for deployment in harsh outdoor conditions
– Power over Ethernet makes for a cleaner installation with power and network connectivity over one cable
– 8 kV surge protection protects your network against unexpected surges, such as lightning strikes
– Blazing 5 GHz wireless AC speeds of up to 867 Mbps
– 128-bit personal and enterprise wireless encryption for a more secure network

Hikvision launches new Academy with Cybersecurity course

HOOFDDORP, the Netherlands — XX April 2021 — Hikvision, an IoT solution provider with video as its core competency, has developed an online training platform to help raise awareness, knowledge and expertise in numerous topics affecting the security industry. It launches with a new Cybersecurity course to increase awareness in the industry, making it more cybersecure for the future.

The Hikvision Academy is designed with learning in mind, using easy-to-understand, practical and example-led modules to empower users with understanding and skills to meet their needs. Learning is optimized in three ways – Online Courses, for in-depth knowledge of a certain topic; Webinars, to give users an engaging way to catch up with the latest technologies; and Certification, to give users a way to use their learning. The platform works alongside classroom learning sessions, where appropriate and possible, to help users get the best of both worlds.

A hot topic in the security industry is Cybersecurity, and Hikvision’s Cybersecurity Course has just been added to the Academy portfolio. This course gives a broad and detailed over view of the challenges to the industry by the risks that go hand in hand with advances in technology. The course is made up of six lectures:
– The Basics of Cybersecurity
– Product cybersecurity
– Vulnerabilities and vulnerability management within the security industry
– How an IP camera can be hacked and what to do to prevent this
– The privacy perspective within the security industry
– How to implement cybersecurity in practice.

Among the other Online Course topics already available, or coming soon, are: NVRs, IP Camera and HikCentral. Hikvision also hosts live webinars on a number of topics ranging from Smart Buildings to All-in-one Smart PTZ, and these are also available to view through the Academy website afterwards. Finally, the comprehensive Certification program gives users the ability to prove their knowledge in various stages as they progress in their learning.

“It’s important to us at Hikvision to give back to the industries we work within. Launching the Hikvision Europe Academy will help us deliver on that commitment by sharing knowledge and providing a way to help customers and partners strengthen their knowledge and skills”, says Derek Yang, General Manager at Hikvision Europe.

Click here to go to the Cybersecurity course details

Click here to go to the Hikvision Academy home page.

Consumer IoT security: From “nice to have” to “new normal”

The current rise of the Internet of Things (IoT) ecosystem is something that cannot be denied. For example, smart building elements, vehicles connected to a smart transport infrastructure, or gadgets that can be controlled remotely through mobile applications and cloud are only a few examples of the current state. Moreover, the rate at which IoT is expanding is currently accelerating. Based on recent reports, it is expected that 5.8 billion IoT endpoints will be in use by the end of 2020, only in automotive and enterprise environments.

Whenever the term IoT is mentioned, the thoughts are initially running towards smart consumer gadgets. In fact, this paradigm, even though slightly outdated, is still correct for a large extend. Based on reports, the market of consumer IoT products is projected to reach 153.8 Billion $ by 2026 . However, together with the increase in connected products volume and functionality, the cybersecurity risks associated with these products are strongly increasing as well. Due to the volume of this market, as well as its connectivity to other high-risk environments, this becomes a serious issue.

Are there published guidelines for securing IoT devices?
The responsibility for introducing sufficient security controls inside IoT products lies mostly with their developers, as they are the ones who have technically the ability to design such security functionalities. But often one of the biggest challenges is knowing precisely what kind of security controls to include. Is simple authentication and encryption of data sufficient, or should IoT products include more sophisticated features such as secure boot, protection against physical tampering or side channel attacks? Since this is an essential question, the need for sufficient and good quality international standards and best practices is critical for consumer IoT domain. Luckily, we don’t lack such publications. The IoT Security Foundation framework, IEC 62443-4-2, GSMA IoT requirements or ETSI EN 303 645 are examples of well known publications which can be used as reference for implementing security by design in such products. It is sometimes hard to pick the favorite out of this list (and with even many more other publications that address the domain as well). However, in the last two years, the cybersecurity world has started to focus its attention more and more towards ETSI EN 303 645, with the hope that this could become the ultimate reference standard that we were all looking for.

ETSI EN 303 645, officially released by ETSI in June 2020, provides a common view on what a consumer IoT security baseline should look like. Straight to the point, while leaving out of scope requirements which would make the testing effort difficult and too long. The standard is split into 13 chapters, including requirements focused on various domains of control, such as secure authentication, software updates, software integrity, secure installation, etc.

The standard itself aims to provide a baseline of security requirements, therefore, as expected, the testing depth is medium. General security evaluation knowledge related to hardware, software and protocols security are sufficient in order to go through the requirements. The difficulty comes however from interpreting some requirements which are made “flexible” on purpose. For example, the requirement “The product shall have an update mechanism for the secure installation of updates” requires first of all consensus on what is meant by “secure installation”, especially in sense of what is good enough and what is not good enough. There are multiple other instances of such requirements where common interpretation is needed in order to reach a testing verdict. Finally, the smooth applicability of the standard will require a certain set of evidences to be provided by the developer to facilitate the evaluation. This is still expected to be much less extensive than the evidence set for a, for example, Common Criteria evaluation.

Is it possible to currently certify the security of IoT products?
In one word, yes! The existence of relevant security certification schemes was an essential aspect in the increase of security by design adoption among developers. Being able to get this official recognition in return, and use it for creating a market advantage, can stimulate manufacturers of consumer IoT products to allocate more time and budget to cybersecurity. There are in fact several options that developers can choose from, and currently the most relevant are based on the ETSI EN 303 645 standards. National certification schemes for IoT have been established in Finland and Singapore . At the same time, private certification schemes exist for certifying based on the ETSI norm . We all know that security is not a cheap business. In order to certify a product, developers will need to invest not only in contracting a testing facility, but also in order to create the necessary product documentation, as well as address possible detected security gaps. However, at the end of the day, these kind of labels and certificates distinguish a product among the thousands of other similar devices on the IoT market. And finally, a certification assignment is not only a checkbox kind of work. The testing and documentation evaluation will often help the developer in making the product more mature, improve its user and deployment guidance, or address security gaps which were not spotted during the development.

Are there, or will there be mandatory laws for IoT products security?
A regulatory background focused specifically on (consumer) IoT products has been missing so far, but it’s becoming a more and more hot topic of discussion. This is mostly because consumers will almost always be more attracted by the functionalities (or price) of a product, rather than researching its security capabilities. Therefore, such security validation needs to happen in the background, in order for consumers to be able to choose only from minimum protected devices.
The EU, as well as UK, USA, Brazil and other regions are considering local laws and regulations aimed to mandate a minimum level of cybersecurity in the products which are placed on the market. In the beginning, it is aimed that this minimum level should be something that developers can achieve without unreasonable costs or effort. Laws like the RED (Radio Equipment Directive in EU), UK IoT security law or the California IoT security law ask for a baseline security, including secure passwords, vulnerability disclosure procedure or secure software updates. While minimal, such a beginning set of mandatory requirements is expected to make a major difference in improving the security posture of IoT products available on the market. As the years go on, it is expected that this set of minimum requirements will be expanded, and the security of consumer IoT products will gradually get higher. The only thing we can hope is that, in several years from now we will see security as the “new normal”, instead of a “nice to have” feature.

D‑Link adds McAfee Protection to its Covr AC2200 Tri‑Band Whole Home Mesh Wi‑Fi System

The COVR‑2202 now combines world‑class security features with sophisticated mesh Wi‑Fi technology for a safer, more secure and seamless connectivity.

COVR-2202 D-Link adds McAfee Protection to its Covr AC2200 Tri-Band Whole Home Mesh Wi-Fi System
The COVR-2202 now combines world-class security features with sophisticated mesh Wi-Fi technology for a safer, more secure and seamless connectivity

D-Link, a global leader in network-based solutions, has announced innovative security features for its AC2200 Tri-Band Mesh Wi-Fi System (COVR-2202), to provide blackspot free, high-speed, seamless Wi-Fi with added safety and security – specifically designed to meet the demands of the modern smart home.

The integrated McAfee Protection comes with five-year Secure Home Platform subscription and two-year McAfee LiveSafe Protection, and provides end-to-end security for each and every device connected to a home network. Emerging threats and vulnerabilities are identified and blocked thanks to McAfee’s Global Threat Intelligence, and its advanced parental controls ensure parents can keep their children safe from unsuitable online content. What’s more, existing owners can add this feature to their COVR-2202 by simply upgrading their device to the latest firmware.

The new feature forms part of D-Link’s expansion of McAfee Protection across its range of routers and home Wi-Fi solutions, which also includes the recently launched EXO Smart Mesh Wi-Fi routers (DIR-1960, DIR-2660 and DIR-3060).

The McAfee Secure Home Platform gives users complete control of their devices and ensures they are the first to know and respond to potentially threatening activity. This includes any devices trying to connect to malicious addresses, unidentified devices attempting to join the network, and the option to deny any new devices from connecting to a network. It also works with Amazon Alexa, providing an all-new way to control a network using voice commands. This feature allows users to monitor their network, block devices, and get up to speed on network notifications without lifting a finger. The two-year McAfee LiveSafe™ subscription allows antivirus software to be installed on an unlimited number of computers, tablets and smartphones.

The COVR-2202 works with a user’s existing router to create an expanded network that works seamlessly across an entire home. Each point creates an exclusive high-speed Wi-Fi zone, which allows users to run demanding multimedia applications from anywhere in a home.

Seamless, buffer-free connectivity is supported by the COVR-2202’s Smart Roaming technology with MU-MIMO and Smart Steering. This allows users to enjoy media streaming and internet phone calls throughout their entire home, avoiding drop outs and lag, even when moving from room-to-room. The system comprises two high-performance AC2200 Tri-Band Covr Points that eliminate Wi-Fi dead spots and provide fast Wi-Fi to homes of up to 550m2.

COVR-2202’s key features include:

Tri-Band AC2200 – two 5GHz bands and one 2.4 GHz with Wi-Fi speeds of up to 866 Mbps and 400 Mbps respectively
Smart Backhaul – dedicated 5GHz backhaul band for communication between Covr Points to optimise bandwidth across the whole Wi-Fi network
Smart Roaming – seamlessly connects to the strongest signal as you move from room to room, eliminating the need to disconnect and reconnect
MU-MIMO technology – creates a powerful, fast, and highly efficient Wi-Fi network that can handle a greater number of connected devices
Expandable network – Covr is a scalable solution. Simply add extra Covr Points where you need more coverage

ComNet: Prevent against physical disruptions to security infrastructure

ComNet is an ACRE company that specializes in audio, video, data, and Ethernet communication products. One such area where the company’s Ethernet products come in useful is when combatting the threat of cybersecurity.
When it comes to cybersecurity, the threat of physical interruptions to a system by breaking into its infrastructure devices are rarely considered. However, through this method, it is possible to compromise and cause complete failure of a security system.
“Due to their nature, security and surveillance networks put network connections in both secure and unsecured locations. Vulnerable positioning provides ample opportunities for the would-be-attacker, so due care and attention must be paid to equipment protection,” explains Iain Deuchars, ComNet Regional Manager for the UK and Ireland.
For instance, the security threat to a network at this level results from a third-party physically connecting to the switch, or by removing an edge device from the system and attaching unauthorized equipment in its place. The connection could be to an optical port, but that would require the third-party to have the correct optical interface. So, for opportunistic reasons, it tends to be a connection via an electrical interface. Electrical Ethernet ports are based around an industry standard, so connecting to these is relatively simple. As every laptop today has such a connection, the probable weapon of attack is readily available.
Ethernet switches are available in managed or unmanaged forms, where the managed platform has many more features and allows the user to configure and remotely monitor the device. The unmanaged unit has no such facilities; it merely does the primary job based on its shipped configuration. “Media converters tend to be in an unmanaged format only. Where security is concerned, managed units offer several facilities to prevent unauthorized entry to the network. In contrast, unmanaged forms do not,” states Deuchars. “Therefore, managed Ethernet switches should be used throughout your network.”
Those who ignore the basics of network security and opt instead for cheaper, unmanaged devices, are exposing their networks to the risk of hackers. Hackers who can very quickly turn a sophisticated security network to their own advantage. And with the safety and protection of critical infrastructure, data and communications at stake, are you prepared to take that risk?

ISSUES

Global Security d.o.o.

Hasiba Brankovića c, 71000 Sarajevo, Bosna i Hercegovina
Tel: +387 (0)33/788-985
Fax: +387 (0)33/788-986
Web site: www.asadria.com
Marketing: marketing@asadria.com
Subscription: pretplata@asadria.com
VAT no: 201142740001
ID no: 4201142740001
ISSN 1986-5

a&s Adria – professional security magazine for providing total security solutions is a monthly circulating publication and a licenced representative of Messe Frankfurt New Era Business Media for Adriatic region, which consists of following countries: Bosnia and Herzegovina, Croatia, Kosovo, Montenegro, FYR Macedonia, Slovenia and Serbia.