With the holidays over and the statistics pouring in, it is easy to see that the idea of the Smart home has taken off in new ways. It was predicted that smart home device sales would top 854 million in 2020. Everywhere you look there are new ways to integrate your appliances, lights or other devices into the Internet of Things (IoT). The demand for these devices is slated to grow to over 1.4 billion in the next three to four years. Devices using the internet to connect and relay information to and from the cloud is the way of the future.
It is more than smart speakers installed in a home. Wearable healthcare technology has blossomed from fitness trackers that count steps to a larger industry with sensors collecting information and sending it straight to your medical professional.
Having technology at our fingertips is exciting; automating your life to fit your needs is essential. There are some hidden considerations that need to be assessed. Every time a camera is added, or a smart speaker plugged in, a new endpoint is created. Adding an endpoint is like adding another door; not generally an issue if there is a secure lock on it. But this is not simply any door, it is an elevator that can take you directly into a person’s home or straight into their network or workload.
70% of all security breaches originate at the endpoint. Cybercriminals breach endpoints for a variety of different reasons, but they are always opportunistic when inside. Once they have a foothold on a device or endpoint, they use this foothold to do any number of tactics, techniques and procedures like persistence, lateral movement, and credential harvesting. Attackers will move low and slow to prevent tipping off security tools in place.
Once a cybercriminal is inside your home network, they can do many things. Whether it is weaponizing a television or a home automation device to be eavesdrop; or using that home network to pivot into an organization. If the network is compromised without a plan, the door remains open. There has been a wide range of breaches in the past five years, where an average cost of a breach is $3.86 million. Ransom notices may not happen immediately; cybercriminals are happy to wait for the most opportune moment.
Companies have a responsibility to their customers to ensure that their information is safe while protecting company data. The security landscape is constantly changing and evolving. Security is not an application that can be installed and then left on its own. It is crucial to have a team of people working toward an intrinsically secure system. It is not about being reactive to threats and hoping they do not happen. It is about being proactive to threats, preventing these breaches from happening in the first place.
Visibility into the endpoints is crucial. Without clear visibility, it becomes almost impossible to prevent, detect and respond to the changing attacker landscape. Having an intrinsically safer system is not solely about one part of your environment being safe; you cannot merely stop at having security at the endpoint. Protecting data happens at every control point. At the workload level, micro-segmentation can play a large role in limiting what a cybercriminal has access to and where they can go. Every rule you add or sensor you install into your system is a barrier between your data and the attacker.
Having this level of security can sound overwhelming, and there are many different aspects you must think about to secure your environment and keep information safe.
VMware Professional Services Intrinsic Security experts take the time to understand your environment and your goals. We can evaluate its current level of security by reviewing your rules and policies and performing an audit of your network, workload and endpoints. This audit will reveal any gaps in your security that could lead to a costly breach.
After the assessment is complete, our experts will create a gap analysis and compare it to your desired outcomes. Together, we will make custom recommendations for your environment and control points that will optimize your system’s protection and outline steps to stop modern security threats, and help you prevent breaches.
Ready to join us on a journey to a more intrinsically safe environment? Click here to learn more.