Modernizing Authentication — What It Takes to Transform Secure Access
When it comes to protecting enterprise Internet of Things (IoT) deployments, Resilient Network Systems believes two security approaches are better than one.
The San Francisco-based secure access control specialist today announced a new IoT security offering dubbed Resilient IoT Guardian. The solution was jointly developed with RunSafe Security to both harden an organization's connected devices and ensure the integrity of the IoT data that flows through the network.
The device-hardening part of Resilient IoT Guardian comes courtesy of RunSafe Security. With a focus on the industrial IoT and embedded systems, the firm's technology effectively makes "each device from a hacker's perspective unique," Joe Saunders, CEO of RunSafe Security, told eSecurity Planet. It works by modifying the binary files and memory of IoT devices, making each one distinct while keeping its functionality intact.
If attackers were able to reverse engineer an exploit for an IoT device protected by RunSafe's technology, "one their exploits or malware won't work on the rest," assured Saunders. In short, a hacker will have wasted precious time on an exploit that can only be used once.
Building on this uniqueness, Resilient Network Systems' middleware uses the device-specific credentials created by the joint solution to enable policy-driven contextual access control. This ensures that devices are securely and appropriately communicating with one another over the network using dynamic whitelisting and continuous authentication to thwart even the sneakiest attempts to access IoT data.
"This offering provides immediate defensive benefits and long-term assurance that your network continues to be trustworthy," said Ethan Ayer, CEO of Resilient Network Systems, in a statement. "Instead of worrying about hacks and misuse of your devices, we give you visibility into your network and the ability to manage it."
Securing the IoT has quickly become a top priority for businesses, and vendors are stepping up.
In April, Cloudflare launched its Orbit service, which inspects IoT traffic to sniff out signs of an attack. This firewall-like approach also enables customers to create their own rules which can be quickly propagated to all connected devices protected by the solution.
Earlier this month, Cisco debuted its new IoT Threat Defense Platform. Also taking a layered approach to IoT security, the solution uses the network segmentation capabilities found in Cisco TrustSec along with a handful of the company's other network security, access control and management solutions to protect devices from external attacks.