SlideShare a Scribd company logo

Security Architecture for Small Branch and IoT

Barcoding, Inc.
Barcoding, Inc.

This document discusses the benefits of parallel networking and network segmentation for IoT devices. It describes how traditionally networks are monolithic with everything connected, but this poses security risks. The solution proposed is to use separate, dedicated networks for different systems like POS, customer WiFi, digital signage, HVAC etc. This physically segments the networks for increased security. The benefits are improved PCI compliance by reducing the scope of networks auditors need to assess, and eliminating opportunities for hackers to pivot from one network to another. It gives an example of how network segmentation could have prevented the Target data breach.

Technology
1 of 20
Download to read offline
Parallel networking and IoT Kent Woodruff, CSO, Cradlepoint
Internet / Private Network The Monolithic Network Server Employee Tablet Back Office Customer Area Equip Room Customer Smartphone Corporate Applications and Data Center (Cloud-based ) Network Admin Customer Marketing Security Mgmt Store Operations Primary Network (WAN) Typically T1, DSL or Cable Failover Connection 4G-LTE as a backup WAN connection 4G-LTE
Segmentation
Go PhishYourself
Spear Phishing Example
Spear Phishing Example
The Result and Impact • The Industry Experts’ Analysis – They passed its PCI Compliance audit in September – They may have not done enough to wall off its payment systems from the rest of its vast network people who work with large corporate networks said. – The company has since moved to isolate its different platforms and networks to make it harder for a hacker to move between them an executive said. – So-called segmentation issues, where computer systems that shouldn't be connected for security reasons are in fact linked, are a problem at a number of retailers a person familiar with retail breaches said. – There shouldn't have been a route between a network for an outside contractor and the one for payment data people familiar with large corporate networks said. Source:
Why is Segmentation Hard?
And then…
And then…
Internet / Private Network The Monolithic Network Server Employee Tablet Back Office Customer Area Equip Room Customer Smartphone Corporate Applications and Data Center (Cloud-based ) Network Admin Customer Marketing Security Mgmt Store Operations Primary Network (WAN) Typically T1, DSL or Cable Failover Connection 4G-LTE as a backup WAN connection 4G-LTE
Solution: Parallel Networking Physically separate networks for 3rd parties and non-core applications Kiosk Network 4G LTE 4G LTE Digital Signage Network HVAC System Network 4G LTE Customer WiFi Network 4G LTE Employee Network 4G LTE 4G LTE Energy Mgmt Network Point-of-Sale Device Network 4G LTE 4G LTE 4G LTE Security System Network Store within a Store Network 4G LTE Internet / Private Network Solution Overview  Cloud-managed IoT/M2M routers dedicated to a single use  Typically used by 3rd-parties for BYON (BringYour Own Network)  Creates physically separate networks for increased security Benefits  Increases PCI Compliance by reducing scope of network – PCI Auditors must evaluate everything in the Cardholder Data Environment (CDI) – Removing usage from the CDI such as customer WiFi, digital signage, 3rd=parties, etc reduces scope, increases PCI compliance, and reduces security risk. – Dedicated networks for POS devices (checkout, kiosk, etc) have fewer security risks  Eliminates 3rd-party dependencies on branch/store network – 3rd-parties include kiosks, store-within-a-store, digital signage, security, HVAC, energy mgmt – 4G-LTE enables network connectivity with no wires to install or manage – 3rd-parties prefer to homogeneous networks for control, consistency and manageability  Security through Separation – Eliminates the opportunity for thieves to hack into the network and launch a “pivot attack” – Network segmentation that is “logical” rather than “physical” is prone to misconfiguration – The Target breach highlights the susceptibility of monolithic networks to a pivot attack.  Enables Offload of Non-Core Traffic from the Private Network – Eliminates the opportunity for thieves to hack into the network and launch a “pivot attack” – Network segmentation that is “logical” rather than “physical” is prone to misconfiguration
In-Vehicle Networks • The Connected Bus Trends Driving In-Vehicle Networks • Mobility (Access & Deployment) • Pervasiveness of Affordable, High Bandwidth, 4G LTE • Cloud-basedApplications • Big Data CCTV Cameras for Security Internal Digital Signage Passenger WiFi Credit Card Processor Connected Exterior Digital Signage Bus DriverTablet
…and if you don’t segment?
DEMOs • Reverse Engineering CANbus • Searching for easy IoT targets • Spoofing email
Thank you! #SupplyChainGeek Kent Woodruff Cradlepoint kwoodruff@cradlepoint.com

Recommended

Security in IoT
Security in IoTSecurity in IoT
Security in IoT
SKS
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
gr9293
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address them
Radouane Mrabet
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITY
The Avi Sharma
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough?
Ravindra Dastikop
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT Security
CAS
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson
 
IoT Security
IoT SecurityIoT Security
IoT Security
Peter Waher
 

Recommended

Security in IoT
Security in IoTSecurity in IoT
Security in IoT
SKS
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
gr9293
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address them
Radouane Mrabet
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITY
The Avi Sharma
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough?
Ravindra Dastikop
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT Security
CAS
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson
 
IoT Security
IoT SecurityIoT Security
IoT Security
Peter Waher
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
Intel® Software
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
Ulf Mattsson
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
University of Ontario Institute of Technology (UOIT)
 
Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by Clearnetwork
Clearnetwork
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
sreelekha appakondappagari
 
Iot Security
Iot SecurityIot Security
Iot Security
MAITREYA MISRA
 
Security issues and solutions : IoT
Security issues and solutions : IoTSecurity issues and solutions : IoT
Security issues and solutions : IoT
Jinia Bhowmik
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of Things
Somasundaram Jambunathan
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
Introduction to IOT security
Introduction to IOT securityIntroduction to IOT security
Introduction to IOT security
Priyab Satoshi
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
Vasco Veloso
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
Koenig Solutions Ltd.
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
ClicTest
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
CableLabs
 
Securing Internet of Things
Securing Internet of ThingsSecuring Internet of Things
Securing Internet of Things
Rishabh Sharma
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay Kumar
OWASP Delhi
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of thingsMonika Keerthi
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
Eurotech
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Stanford School of Engineering
 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)
SecPod Technologies
 
asabe2014
asabe2014asabe2014
asabe2014J Boisvert-Chouinard
 
Dataset Quality Ontology - An Engineering Experience
Dataset Quality Ontology - An Engineering ExperienceDataset Quality Ontology - An Engineering Experience
Dataset Quality Ontology - An Engineering Experience
jerdeb
 

More Related Content

What's hot

IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
Intel® Software
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
Ulf Mattsson
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
University of Ontario Institute of Technology (UOIT)
 
Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by Clearnetwork
Clearnetwork
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
sreelekha appakondappagari
 
Iot Security
Iot SecurityIot Security
Iot Security
MAITREYA MISRA
 
Security issues and solutions : IoT
Security issues and solutions : IoTSecurity issues and solutions : IoT
Security issues and solutions : IoT
Jinia Bhowmik
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of Things
Somasundaram Jambunathan
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
Introduction to IOT security
Introduction to IOT securityIntroduction to IOT security
Introduction to IOT security
Priyab Satoshi
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
Vasco Veloso
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
Koenig Solutions Ltd.
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
ClicTest
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
CableLabs
 
Securing Internet of Things
Securing Internet of ThingsSecuring Internet of Things
Securing Internet of Things
Rishabh Sharma
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay Kumar
OWASP Delhi
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of thingsMonika Keerthi
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
Eurotech
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Stanford School of Engineering
 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)
SecPod Technologies
 

What's hot (20)

IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
 
Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by Clearnetwork
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
 
Iot Security
Iot SecurityIot Security
Iot Security
 
Security issues and solutions : IoT
Security issues and solutions : IoTSecurity issues and solutions : IoT
Security issues and solutions : IoT
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of Things
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
 
Introduction to IOT security
Introduction to IOT securityIntroduction to IOT security
Introduction to IOT security
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
 
Securing Internet of Things
Securing Internet of ThingsSecuring Internet of Things
Securing Internet of Things
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay Kumar
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of things
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)
 

Viewers also liked

Dataset Quality Ontology - An Engineering Experience
Dataset Quality Ontology - An Engineering ExperienceDataset Quality Ontology - An Engineering Experience
Dataset Quality Ontology - An Engineering Experience
jerdeb
 
IoD Woman in Leadership Digital Transformation March 2016
IoD Woman in Leadership Digital Transformation March 2016IoD Woman in Leadership Digital Transformation March 2016
IoD Woman in Leadership Digital Transformation March 2016
Niall McKeown
 
JQuery mobile
JQuery mobileJQuery mobile
JQuery mobile
dam01pucminas
 
ASR_Sharjah_20091214_Presentation
ASR_Sharjah_20091214_PresentationASR_Sharjah_20091214_Presentation
ASR_Sharjah_20091214_PresentationNathan Lopez
 
Managing knowledge work KMWorld 2015
Managing knowledge work KMWorld 2015Managing knowledge work KMWorld 2015
Managing knowledge work KMWorld 2015
Gordon Vala-Webb
 
Secure and efficient data transmission for cluster based wireless
Secure and efficient data transmission for cluster based wirelessSecure and efficient data transmission for cluster based wireless
Secure and efficient data transmission for cluster based wireless
Sai Sirisha
 
Script of a story
Script of a storyScript of a story
Script of a story
jasleen1234
 
Seminar (VK)
Seminar (VK)Seminar (VK)
Seminar (VK)S P ROHIT
 
Start IoT with JavaScript - 7.프로토타입
Start IoT with JavaScript - 7.프로토타입Start IoT with JavaScript - 7.프로토타입
Start IoT with JavaScript - 7.프로토타입
Park Jonggun
 
R. Klingbeil, 2012: Challenges to Water Resources Management in the Middle East
R. Klingbeil, 2012: Challenges to Water Resources Management in the Middle EastR. Klingbeil, 2012: Challenges to Water Resources Management in the Middle East
R. Klingbeil, 2012: Challenges to Water Resources Management in the Middle East
BGR - Federal Institute for Geosciences and Natural Resources, Germany
 
Soil Erosion for Vishwamitri River watershed using RS and GIS
Soil Erosion for Vishwamitri River watershed using RS and GISSoil Erosion for Vishwamitri River watershed using RS and GIS
Soil Erosion for Vishwamitri River watershed using RS and GIS
vishvam Pancholi
 
Fishery Arts 7
Fishery Arts 7Fishery Arts 7
Fishery Arts 7
Elmer Gamba
 
Enterprise Content Management - Grundlagen und Praxis
Enterprise Content Management - Grundlagen und PraxisEnterprise Content Management - Grundlagen und Praxis
Enterprise Content Management - Grundlagen und Praxis
Gerald Pitschek
 

Viewers also liked (17)

asabe2014
asabe2014asabe2014
asabe2014
 
Dataset Quality Ontology - An Engineering Experience
Dataset Quality Ontology - An Engineering ExperienceDataset Quality Ontology - An Engineering Experience
Dataset Quality Ontology - An Engineering Experience
 
IoD Woman in Leadership Digital Transformation March 2016
IoD Woman in Leadership Digital Transformation March 2016IoD Woman in Leadership Digital Transformation March 2016
IoD Woman in Leadership Digital Transformation March 2016
 
JQuery mobile
JQuery mobileJQuery mobile
JQuery mobile
 
User Stories
User StoriesUser Stories
User Stories
 
ASR_Sharjah_20091214_Presentation
ASR_Sharjah_20091214_PresentationASR_Sharjah_20091214_Presentation
ASR_Sharjah_20091214_Presentation
 
Managing knowledge work KMWorld 2015
Managing knowledge work KMWorld 2015Managing knowledge work KMWorld 2015
Managing knowledge work KMWorld 2015
 
Secure and efficient data transmission for cluster based wireless
Secure and efficient data transmission for cluster based wirelessSecure and efficient data transmission for cluster based wireless
Secure and efficient data transmission for cluster based wireless
 
Tele nurse presentation 2015
Tele nurse presentation 2015Tele nurse presentation 2015
Tele nurse presentation 2015
 
Script of a story
Script of a storyScript of a story
Script of a story
 
Seminar (VK)
Seminar (VK)Seminar (VK)
Seminar (VK)
 
Clean Code
Clean CodeClean Code
Clean Code
 
Start IoT with JavaScript - 7.프로토타입
Start IoT with JavaScript - 7.프로토타입Start IoT with JavaScript - 7.프로토타입
Start IoT with JavaScript - 7.프로토타입
 
R. Klingbeil, 2012: Challenges to Water Resources Management in the Middle East
R. Klingbeil, 2012: Challenges to Water Resources Management in the Middle EastR. Klingbeil, 2012: Challenges to Water Resources Management in the Middle East
R. Klingbeil, 2012: Challenges to Water Resources Management in the Middle East
 
Soil Erosion for Vishwamitri River watershed using RS and GIS
Soil Erosion for Vishwamitri River watershed using RS and GISSoil Erosion for Vishwamitri River watershed using RS and GIS
Soil Erosion for Vishwamitri River watershed using RS and GIS
 
Fishery Arts 7
Fishery Arts 7Fishery Arts 7
Fishery Arts 7
 
Enterprise Content Management - Grundlagen und Praxis
Enterprise Content Management - Grundlagen und PraxisEnterprise Content Management - Grundlagen und Praxis
Enterprise Content Management - Grundlagen und Praxis
 

Similar to Security Architecture for Small Branch and IoT

Security Issues for Cloud Applications
Security Issues for Cloud ApplicationsSecurity Issues for Cloud Applications
Security Issues for Cloud ApplicationsGuillermo Remache
 
Securing Digital_Adams
Securing Digital_AdamsSecuring Digital_Adams
Securing Digital_AdamsJulius Adams
 
Internet of things - Introduction and Variations (Architecture)
Internet of things - Introduction and Variations (Architecture)Internet of things - Introduction and Variations (Architecture)
Internet of things - Introduction and Variations (Architecture)
Mayank Vijh
 
ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014
ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014
ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014
Adrian Wright
 
IRJET- Research Paper Firewall- Prevent Unauthorized Users
IRJET- Research Paper Firewall- Prevent Unauthorized UsersIRJET- Research Paper Firewall- Prevent Unauthorized Users
IRJET- Research Paper Firewall- Prevent Unauthorized Users
IRJET Journal
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber Security
JAZEEL K T
 
Discussion paper: ”The coming obsolescence of the enterprise network”
Discussion paper: ”The coming obsolescence of the enterprise network” Discussion paper: ”The coming obsolescence of the enterprise network”
Discussion paper: ”The coming obsolescence of the enterprise network”
Ericsson
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Jiunn-Jer Sun
 
Computer Networking for Small & Medium Businesses - Boney Maundu.pdf
Computer Networking for Small & Medium Businesses - Boney Maundu.pdfComputer Networking for Small & Medium Businesses - Boney Maundu.pdf
Computer Networking for Small & Medium Businesses - Boney Maundu.pdf
Boney Maundu Slim
 
vpn
vpnvpn
vpn
vimal0123
 
Retail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsRetail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—Recommendations
AirTight Networks
 
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 enVET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
Karel Van Isacker
 
Background Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docxBackground Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docx
ikirkton
 
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
SecurityGen1
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdf
Security Gen
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdf
Security Gen
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation?
PECB
 
Data Center Trends And Network Security Impact
Data Center Trends And Network Security ImpactData Center Trends And Network Security Impact
Data Center Trends And Network Security Impact
Kingfin Enterprises Limited
 

Similar to Security Architecture for Small Branch and IoT (20)

02 ibm security for smart grids
02 ibm security for smart grids02 ibm security for smart grids
02 ibm security for smart grids
 
Security Issues for Cloud Applications
Security Issues for Cloud ApplicationsSecurity Issues for Cloud Applications
Security Issues for Cloud Applications
 
Securing Digital_Adams
Securing Digital_AdamsSecuring Digital_Adams
Securing Digital_Adams
 
Internet of things - Introduction and Variations (Architecture)
Internet of things - Introduction and Variations (Architecture)Internet of things - Introduction and Variations (Architecture)
Internet of things - Introduction and Variations (Architecture)
 
ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014
ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014
ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014
 
IRJET- Research Paper Firewall- Prevent Unauthorized Users
IRJET- Research Paper Firewall- Prevent Unauthorized UsersIRJET- Research Paper Firewall- Prevent Unauthorized Users
IRJET- Research Paper Firewall- Prevent Unauthorized Users
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber Security
 
Discussion paper: ”The coming obsolescence of the enterprise network”
Discussion paper: ”The coming obsolescence of the enterprise network” Discussion paper: ”The coming obsolescence of the enterprise network”
Discussion paper: ”The coming obsolescence of the enterprise network”
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
 
Computer Networking for Small & Medium Businesses - Boney Maundu.pdf
Computer Networking for Small & Medium Businesses - Boney Maundu.pdfComputer Networking for Small & Medium Businesses - Boney Maundu.pdf
Computer Networking for Small & Medium Businesses - Boney Maundu.pdf
 
E-commerce Security
E-commerce SecurityE-commerce Security
E-commerce Security
 
vpn
vpnvpn
vpn
 
Retail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsRetail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—Recommendations
 
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 enVET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
 
Background Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docxBackground Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docx
 
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdf
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdf
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation?
 
Data Center Trends And Network Security Impact
Data Center Trends And Network Security ImpactData Center Trends And Network Security Impact
Data Center Trends And Network Security Impact
 

More from Barcoding, Inc.

Keynote Session: A Crooked Yardstick—a Better Way to Measure Winning and Mana...
Keynote Session: A Crooked Yardstick—a Better Way to Measure Winning and Mana...Keynote Session: A Crooked Yardstick—a Better Way to Measure Winning and Mana...
Keynote Session: A Crooked Yardstick—a Better Way to Measure Winning and Mana...
Barcoding, Inc.
 
Microsoft Handheld Strategy with Windows 10
Microsoft Handheld Strategy with Windows 10Microsoft Handheld Strategy with Windows 10
Microsoft Handheld Strategy with Windows 10
Barcoding, Inc.
 
Winning Experiences: Delivering Better Solutions through Outcome-Driven Design
Winning Experiences: Delivering Better Solutions through Outcome-Driven DesignWinning Experiences: Delivering Better Solutions through Outcome-Driven Design
Winning Experiences: Delivering Better Solutions through Outcome-Driven Design
Barcoding, Inc.
 
Driver Productivity: Where the Rubber Meets the Road
Driver Productivity: Where the Rubber Meets the RoadDriver Productivity: Where the Rubber Meets the Road
Driver Productivity: Where the Rubber Meets the Road
Barcoding, Inc.
 
Post Windows Mobile: New Application Development Platforms
Post Windows Mobile: New Application Development PlatformsPost Windows Mobile: New Application Development Platforms
Post Windows Mobile: New Application Development Platforms
Barcoding, Inc.
 
The Key Challenges in Implementing Enterprise Asset Management Systems
The Key Challenges in Implementing Enterprise Asset Management SystemsThe Key Challenges in Implementing Enterprise Asset Management Systems
The Key Challenges in Implementing Enterprise Asset Management Systems
Barcoding, Inc.
 
Mobility Analytics — Uncovering the Root Causes that are Limiting Your Mobile...
Mobility Analytics — Uncovering the Root Causes that are Limiting Your Mobile...Mobility Analytics — Uncovering the Root Causes that are Limiting Your Mobile...
Mobility Analytics — Uncovering the Root Causes that are Limiting Your Mobile...
Barcoding, Inc.
 
The IoT Advantage
The IoT AdvantageThe IoT Advantage
The IoT Advantage
Barcoding, Inc.
 
Continuous Improvement Program Workshop
Continuous Improvement Program WorkshopContinuous Improvement Program Workshop
Continuous Improvement Program Workshop
Barcoding, Inc.
 
CFO Perspective: Best Practices for Technology Deployment, Adoption and Reten...
CFO Perspective: Best Practices for Technology Deployment, Adoption and Reten...CFO Perspective: Best Practices for Technology Deployment, Adoption and Reten...
CFO Perspective: Best Practices for Technology Deployment, Adoption and Reten...
Barcoding, Inc.
 
Automating Transportation and Logistics
Automating Transportation and LogisticsAutomating Transportation and Logistics
Automating Transportation and Logistics
Barcoding, Inc.
 
Traceability in Manufacturing
Traceability in Manufacturing Traceability in Manufacturing
Traceability in Manufacturing Barcoding, Inc.
 
No Barcodes? No Problem!
No Barcodes? No Problem!No Barcodes? No Problem!
No Barcodes? No Problem!
Barcoding, Inc.
 
Improving Patient Care and Safety with Mobile Technology
Improving Patient Care and Safety with Mobile TechnologyImproving Patient Care and Safety with Mobile Technology
Improving Patient Care and Safety with Mobile Technology
Barcoding, Inc.
 
Automated Data Capture in Distribution
Automated Data Capture in Distribution Automated Data Capture in Distribution
Automated Data Capture in Distribution
Barcoding, Inc.
 
It's Not Just a Label
It's Not Just a LabelIt's Not Just a Label
It's Not Just a Label
Barcoding, Inc.
 
The Essential BYOD Handbook
The Essential BYOD HandbookThe Essential BYOD Handbook
The Essential BYOD Handbook
Barcoding, Inc.
 
5 Biggest Mistakes in Food Traceability
5 Biggest Mistakes in Food Traceability 5 Biggest Mistakes in Food Traceability
5 Biggest Mistakes in Food Traceability
Barcoding, Inc.
 
How to Evaluate and Implement RFID Technology
How to Evaluate and Implement RFID TechnologyHow to Evaluate and Implement RFID Technology
How to Evaluate and Implement RFID Technology
Barcoding, Inc.
 
Mobile, Wearables, Big Data and A Strategy to Move Forward (with NTT Data Ent...
Mobile, Wearables, Big Data and A Strategy to Move Forward (with NTT Data Ent...Mobile, Wearables, Big Data and A Strategy to Move Forward (with NTT Data Ent...
Mobile, Wearables, Big Data and A Strategy to Move Forward (with NTT Data Ent...
Barcoding, Inc.
 

More from Barcoding, Inc. (20)

Keynote Session: A Crooked Yardstick—a Better Way to Measure Winning and Mana...
Keynote Session: A Crooked Yardstick—a Better Way to Measure Winning and Mana...Keynote Session: A Crooked Yardstick—a Better Way to Measure Winning and Mana...
Keynote Session: A Crooked Yardstick—a Better Way to Measure Winning and Mana...
 
Microsoft Handheld Strategy with Windows 10
Microsoft Handheld Strategy with Windows 10Microsoft Handheld Strategy with Windows 10
Microsoft Handheld Strategy with Windows 10
 
Winning Experiences: Delivering Better Solutions through Outcome-Driven Design
Winning Experiences: Delivering Better Solutions through Outcome-Driven DesignWinning Experiences: Delivering Better Solutions through Outcome-Driven Design
Winning Experiences: Delivering Better Solutions through Outcome-Driven Design
 
Driver Productivity: Where the Rubber Meets the Road
Driver Productivity: Where the Rubber Meets the RoadDriver Productivity: Where the Rubber Meets the Road
Driver Productivity: Where the Rubber Meets the Road
 
Post Windows Mobile: New Application Development Platforms
Post Windows Mobile: New Application Development PlatformsPost Windows Mobile: New Application Development Platforms
Post Windows Mobile: New Application Development Platforms
 
The Key Challenges in Implementing Enterprise Asset Management Systems
The Key Challenges in Implementing Enterprise Asset Management SystemsThe Key Challenges in Implementing Enterprise Asset Management Systems
The Key Challenges in Implementing Enterprise Asset Management Systems
 
Mobility Analytics — Uncovering the Root Causes that are Limiting Your Mobile...
Mobility Analytics — Uncovering the Root Causes that are Limiting Your Mobile...Mobility Analytics — Uncovering the Root Causes that are Limiting Your Mobile...
Mobility Analytics — Uncovering the Root Causes that are Limiting Your Mobile...
 
The IoT Advantage
The IoT AdvantageThe IoT Advantage
The IoT Advantage
 
Continuous Improvement Program Workshop
Continuous Improvement Program WorkshopContinuous Improvement Program Workshop
Continuous Improvement Program Workshop
 
CFO Perspective: Best Practices for Technology Deployment, Adoption and Reten...
CFO Perspective: Best Practices for Technology Deployment, Adoption and Reten...CFO Perspective: Best Practices for Technology Deployment, Adoption and Reten...
CFO Perspective: Best Practices for Technology Deployment, Adoption and Reten...
 
Automating Transportation and Logistics
Automating Transportation and LogisticsAutomating Transportation and Logistics
Automating Transportation and Logistics
 
Traceability in Manufacturing
Traceability in Manufacturing Traceability in Manufacturing
Traceability in Manufacturing
 
No Barcodes? No Problem!
No Barcodes? No Problem!No Barcodes? No Problem!
No Barcodes? No Problem!
 
Improving Patient Care and Safety with Mobile Technology
Improving Patient Care and Safety with Mobile TechnologyImproving Patient Care and Safety with Mobile Technology
Improving Patient Care and Safety with Mobile Technology
 
Automated Data Capture in Distribution
Automated Data Capture in Distribution Automated Data Capture in Distribution
Automated Data Capture in Distribution
 
It's Not Just a Label
It's Not Just a LabelIt's Not Just a Label
It's Not Just a Label
 
The Essential BYOD Handbook
The Essential BYOD HandbookThe Essential BYOD Handbook
The Essential BYOD Handbook
 
5 Biggest Mistakes in Food Traceability
5 Biggest Mistakes in Food Traceability 5 Biggest Mistakes in Food Traceability
5 Biggest Mistakes in Food Traceability
 
How to Evaluate and Implement RFID Technology
How to Evaluate and Implement RFID TechnologyHow to Evaluate and Implement RFID Technology
How to Evaluate and Implement RFID Technology
 
Mobile, Wearables, Big Data and A Strategy to Move Forward (with NTT Data Ent...
Mobile, Wearables, Big Data and A Strategy to Move Forward (with NTT Data Ent...Mobile, Wearables, Big Data and A Strategy to Move Forward (with NTT Data Ent...
Mobile, Wearables, Big Data and A Strategy to Move Forward (with NTT Data Ent...
 

Recently uploaded

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 

Recently uploaded (20)

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 

Security Architecture for Small Branch and IoT

  • 1. Parallel networking and IoT Kent Woodruff, CSO, Cradlepoint
  • 2. Internet / Private Network The Monolithic Network Server Employee Tablet Back Office Customer Area Equip Room Customer Smartphone Corporate Applications and Data Center (Cloud-based ) Network Admin Customer Marketing Security Mgmt Store Operations Primary Network (WAN) Typically T1, DSL or Cable Failover Connection 4G-LTE as a backup WAN connection 4G-LTE
  • 7. The Result and Impact • The Industry Experts’ Analysis – They passed its PCI Compliance audit in September – They may have not done enough to wall off its payment systems from the rest of its vast network people who work with large corporate networks said. – The company has since moved to isolate its different platforms and networks to make it harder for a hacker to move between them an executive said. – So-called segmentation issues, where computer systems that shouldn't be connected for security reasons are in fact linked, are a problem at a number of retailers a person familiar with retail breaches said. – There shouldn't have been a route between a network for an outside contractor and the one for payment data people familiar with large corporate networks said. Source:
  • 11. Internet / Private Network The Monolithic Network Server Employee Tablet Back Office Customer Area Equip Room Customer Smartphone Corporate Applications and Data Center (Cloud-based ) Network Admin Customer Marketing Security Mgmt Store Operations Primary Network (WAN) Typically T1, DSL or Cable Failover Connection 4G-LTE as a backup WAN connection 4G-LTE
  • 12. Solution: Parallel Networking Physically separate networks for 3rd parties and non-core applications Kiosk Network 4G LTE 4G LTE Digital Signage Network HVAC System Network 4G LTE Customer WiFi Network 4G LTE Employee Network 4G LTE 4G LTE Energy Mgmt Network Point-of-Sale Device Network 4G LTE 4G LTE 4G LTE Security System Network Store within a Store Network 4G LTE Internet / Private Network Solution Overview  Cloud-managed IoT/M2M routers dedicated to a single use  Typically used by 3rd-parties for BYON (BringYour Own Network)  Creates physically separate networks for increased security Benefits  Increases PCI Compliance by reducing scope of network – PCI Auditors must evaluate everything in the Cardholder Data Environment (CDI) – Removing usage from the CDI such as customer WiFi, digital signage, 3rd=parties, etc reduces scope, increases PCI compliance, and reduces security risk. – Dedicated networks for POS devices (checkout, kiosk, etc) have fewer security risks  Eliminates 3rd-party dependencies on branch/store network – 3rd-parties include kiosks, store-within-a-store, digital signage, security, HVAC, energy mgmt – 4G-LTE enables network connectivity with no wires to install or manage – 3rd-parties prefer to homogeneous networks for control, consistency and manageability  Security through Separation – Eliminates the opportunity for thieves to hack into the network and launch a “pivot attack” – Network segmentation that is “logical” rather than “physical” is prone to misconfiguration – The Target breach highlights the susceptibility of monolithic networks to a pivot attack.  Enables Offload of Non-Core Traffic from the Private Network – Eliminates the opportunity for thieves to hack into the network and launch a “pivot attack” – Network segmentation that is “logical” rather than “physical” is prone to misconfiguration
  • 13. In-Vehicle Networks • The Connected Bus Trends Driving In-Vehicle Networks • Mobility (Access & Deployment) • Pervasiveness of Affordable, High Bandwidth, 4G LTE • Cloud-basedApplications • Big Data CCTV Cameras for Security Internal Digital Signage Passenger WiFi Credit Card Processor Connected Exterior Digital Signage Bus DriverTablet
  • 14. …and if you don’t segment?
  • 15.
  • 16.
  • 17.
  • 18.
  • 19. DEMOs • Reverse Engineering CANbus • Searching for easy IoT targets • Spoofing email