At the Intel Developer Forum in San Francisco this week, Christopher Young, general manager of the Intel Security Group, gave a talk on cybersecurity and the Internet of Things (IoT). IoT refers to Internet connectivity for things that don't usually have them, like refrigerators, cars, and thermostats. Intel estimates that there will be 50 billion of these devices around the global world by 2020, and the company is creating a security model to keep your personal data safe and the devices themselves protected from unauthorized use. The security landscape right nowMr. Young paints a grim picture of current security. ��� ��������� ������ ��� ������ �������� on this page. Without poorly secured IoT devices proliferating throughout the world even, hacking has become "industrialized," as in turned into an industry. Of viruses being created by individuals working alone instead, malware is a product being developed by governments and organized crime syndicates now. The black hats are no longer only after credit card information and personal data. Now they're creating botnets, networks of controlled devices remotely, which they can use to shut down access to websites or to crack encrypted files that protect sensitive information. ���� � �������� ����������. In one extreme example, we've seen a demonstration of a Net-connected car being taken over remotely, right down to control of the steering wheel, gas pedal, and brakes. The car in question was being sold at a dealership just like any other vehicle, but its embedded computer contained flaws in its software that could be exploited when linked to the Internet. servictrades. Finding solutionsThe implication is that the Internet of Things is not currently being built with security in mind. For example, key questions should include: Are users being verified? Is the data collected by the device being placed and transmitted securely? Are the devices that the devices are talking to getting verified as well? Young brought in Intel CIO Brent Conran to talk about what Intel is doing on that front, since the company intends for its hardware to be in a lot of IoT devices in the future. Conran said that building code that vendors can trust is important when working in a proprietary world, where you can't show the vendor everything about how exactly your hardware or software works. CyberArkIn an office environment, monitoring and controlling privileged user accounts is important also, since (according to Conran) nearly every security breach starts from this entry point. Conran has implemented a privileged account management system designed by CyberArk. In this system, passwords are checked in and out like books, and accounts are monitored using algorithms that flag anomalous behavior, like persons accessing the network at odd hours and attempting to download a bunch of data. User accounts can also be flagged for removal if they haven't been used in a long time (periodically culling the set of authorized users can cut down on old accounts falling into the wrong hands). Quick tip: Quick unzip with WinZip there. CyberArk uses Intel's Data Exchange Layer (DXL), a system in which security parts like an antivirus program and a browser plug-in could communicate directly to each other in real time to respond to threats as a combined, coordinated force. By using DXL, CyberArk's software can quickly identify compromised user accounts connected to the network and shut them down. Unfortunately, these systems aren't things that individual consumers have much control over when signing up for a Net-connected home security system or creating an online bank account. But you can at least ask questions about the product and its security to make informed purchasing decisions.
0 Comments
Leave a Reply. |