Grounded in the Cloud
cancel
Showing results for 
Search instead for 
Did you mean: 

Mass Industrialization of IoT Requires Embracing—Not Fearing—Risk

bpatrick001

We are only at the dawn of the explosion of connected, intelligent devices, dubbed the Internet of Things. Low cost, dynamically programmable sensors are popping up everywhere, doing things like safeguarding the entire food and beverage supply chain with real-time tracking and environmental control, enhancing provider-patient relationships with pertinent, up-to-the-minute health records, and protecting our troops on the battlefield with predictive insights.

Aerial drones will redefine the home, from inspection to surveillance, and bring real-time video and analysis not just to a packed 80,000 person stadium but to your son or daughter’s regional travel soccer tournament too.

When Ransomware gets Personal

The excitement will come to a quick halt when news spreads revealing hackers taking control of a personal drone or hackers spying on a homeowner through their own wireless cameras (of course, this is already happening with drones and cameras). While still relatively nascent today, threats from ransomware will escalate to a whole new and personal level (this is also happening: Hollywood hospital example from earlier this week).

Advanced persistent threats from nation-state cyber threats will take on a whole new risk, evolving from primarily theft of intellectual property and personally identifiable data, to hijacking personal, industrial, and military devices with malware that is dormant until reprogrammed with shockingly sophisticated choreography.

A no-finger pointing clause required

The challenge is not simply the responsibility of the end-user, the software on the edge device, the security of a variety of mobile networks, or the computing and storage that work together to turn the edge device into edge intelligence or interactive entertainment. To be truly secure, there can be no finger pointing. The answer is not as simple as to make a Snapchat or Cyberdust message disappear.

A single ecosystem of devices, network, mobility and cloud must work together to protect this new distributed reality.

Protected to Innovate

At the core, the cloud needs to be built to match its inherent economics and availability benefits with end-to-end data-centric security and proactive visibility, coordination and control. It must associate and segment carefully users (including privileged users), applications, and data. Security and policy frameworks must be common and complied throughout.

HPE End-to-End Security POV for IoTHPE End-to-End Security POV for IoT

 

Since Hewlett-Packard split into two companies last November, Hewlett Packard Enterprise (HPE) has recognized its imperative to ensure customers are protected to innovate. Our job is to be the IoT partner that can help customers embrace the risk by designing, delivering and securing end-to-end.

For many enterprises and government organizations, securing a hybrid infrastructure spanning private and public clouds and extending to the edge, will require a secure, private cloud, like HPE Helion CloudSystem built on a hardened configuration of OpenStack and Cloud Foundry, working in careful coordination with select public clouds. It will include a variety of defensive technologies delivered end-to-end, such as Identity-based and Format-Preserving encryption, and state-less security tokenization and key management. It must include responsive and preventive tools, such as HPE’s Correlation Optimized Retention and Retrieval (CORR) technology delivered with HPE Arcsight, to detect and correlate more incidents and address higher volumes of data faster. All of this must smartly integrate with ingest/sensor/connectivity security at the edge.

Of course, there is also a shared responsibility that must be well choreographed. For example, HPE develops products and services with security features built-in, while our customers and partners are responsible for defining and implementing security policies and managing security from within the cloud, performing functions such as application control, data protection and access management. The is where our army of security professionals, trainers and managed security services can mitigate and even offload these functions when appropriate.

As people become more aware of the risks, security will become the selling point. Gearing up for RSA Conference 2016, we will demonstrate HPE’s comprehensive view of cloud security from the core to the edge.

Here is to hoping intelligent devices flourish fast without the fear. Stay tuned.

Bobby

  • HPE Cloud
0 Kudos
About the Author

bpatrick001

Events
28-30 November
Madrid, Spain
Discover 2017 Madrid
Join us for Hewlett Packard Enterprise Discover 2017 Madrid, taking place 28-30 November at the Feria de Madrid Convention Center
Read more
See posts for dates
Online
HPE Webinars - 2017
Find out about this year's live broadcasts and on-demand webinars.
Read more
View all