In recent years, the number and variety of devices and systems that are connected to a network in some way have been growing rapidly and continuously.
While laptops, printers, smartphones and tablets are among the obvious devices connected to the network, home appliances, cars and TVs are just a few of the expanding number of “fringe” devices that now offer network capability. For example, if you’re running low on milk or eggs, your networked refrigerator can e-mail you a reminder. Similarly, your car might also alert you via text if one of your tires is low on air or if your brake pads are getting worn.
Known as the Internet of Things (IoT), this trend shows no signs of stopping or even slowing anytime soon. According to estimates by a number of research firms, there could be anywhere from 26 billion to more than 45 billion Internet-connected devices in service by 2020.
Naturally, this movement toward connecting more and more devices to networks brings tremendous convenience into our everyday lives. Beyond that, each device and system generates data, adding up to vast amounts of data that can be collected, stored and analyzed to generate a higher level of insight than has ever been available until now.
Unfortunately, convenience, access and data-driven intelligence also come at a cost: elevated risk levels. This presents a quandary for many organizations, which have a need and a duty to protect personal and sensitive data stored on and transmitted across their networks from hackers and others while also enabling their employees to perform their duties as efficiently as possible.
The ability of networked and integrated systems to share information makes them gateways for potentially sensitive information, such as HR files, financials, intellectual property and more. Computers and servers are the most obvious targets for hackers and other cybercriminals, but thanks to the IoT, they are by no means the only options. Every networked device can serve as a potential entry point which hackers and other cybercriminals can exploit to gain access to other systems and devices—and the sensitive data stored on them—connected to that same network. With information from multiple systems becoming so closely intertwined with overall operations, this is a very real—and very scary—possibility for end users of all types.
One notable example of this risk is the high-profile data breach that the retail chain Target experienced in 2014. In that instance, hackers were able to breach and gain access to the corporate network using stolen credentials that had been issued to a third-party service provider for remotely monitoring the HVAC system at a number of Target stores.
The ever-increasing number of these entry points that hackers can now access in their never-ending attempts to breach networks makes securing networks and data critical today. However, some devices and systems are more vulnerable than others; a network in general is only as secure as its least secure connected device. Any hacker who is able to access these systems could potentially cause significant problems related to financial information, security and much, much more with a single breach.
The harsh reality is that cyberattacks have become a constant threat, with hackers continually employing more sophisticated methods to circumvent network security. Therefore, it is critical that all networked devices and systems incorporate data encryption. Given that hackers are constantly upping their game to overcome the latest security measures, there is always a chance that they will be able to access the network. Data encryption provides the highest level of security by translating data into a new, more secure format. This ensures that even if someone is able to breach the network, the data it contains will still be protected.
Augmenting data encryption with a firewall allows only certain people to access the network through specific access points or “doorways.” This helps maintain network security without having too much of a negative impact on the convenience factor users have come to rely on so heavily.
These measures are particularly important with networked security systems, which surprisingly are often overlooked in the data protection process. One area within the security program which may not be considered is the use of physical keys. Despite rapid advances in video surveillance, access control and other security technologies, physical keys continue to play an important role in overall security for many organizations, and networked key management systems are the best solution to maintain security while providing information about usage. Beyond keys, these systems can also be used to store access cards, smartphones and other tools individuals need to perform their day-to-day jobs.
Designed to control usage and provide safekeeping of mechanical keys and other assets, networked key management systems authorize removal of these items only by users with pre-programmed PIN codes, access cards or biometrics. Key management systems with networking capability allow multiple systems to be connected to enable increased management, control and tracking capabilities. These solutions also connect to the Internet to enable remote monitoring and alerting via PCs, smartphones or tablets. Up-to-date usage reports can be scheduled and automatically generated and e-mailed to authorized recipients to provide a complete audit trail that can be used for investigation and to demonstrate compliance with regulations many organizations may be required to follow.
For heightened security and situational awareness, if a key or other asset contained within a cabinet is overdue for return, the system will notify the appropriate parties via e-mail. Knowing exactly who removed the asset allows management and security personnel to quickly locate that individual and close a potential physical security breach by ensuring the asset is promptly returned. These and other remote management capabilities further enhance the effectiveness of networked key management solutions.
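The audit trail and overdue-return alert described above can be sketched as a replay of removal and return events. This is an added example, not code from any vendor's product; the log format, key names, users and time limits are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed audit-trail records: time, event, key, user (not a real vendor format).
AUDIT_LOG = """\
2024-03-04T07:58:00 REMOVE server-room-1 alice
2024-03-04T08:05:00 REMOVE fleet-van-3 bob
2024-03-04T09:10:00 RETURN server-room-1 alice
2024-03-04T09:30:00 REMOVE master-key carol
2024-03-04T12:00:00 RETURN fleet-van-3 dave
2024-03-04T13:00:00 REMOVE server-room-1 bob
"""

# Assumed policy: maximum time each key may be out of the cabinet.
MAX_OUT = {
    "server-room-1": timedelta(hours=2),
    "fleet-van-3": timedelta(hours=8),
    "master-key": timedelta(hours=1),
}


def audit(log_text, now):
    """Replay the log; return (overdue, anomalies) as of `now`."""
    out = {}          # key -> (user, time removed) for keys currently out
    anomalies = []
    for line in log_text.splitlines():
        stamp, event, key, user = line.split()
        when = datetime.fromisoformat(stamp)
        if event == "REMOVE":
            if key in out:
                anomalies.append(f"{key}: removed by {user} while held by {out[key][0]}")
            out[key] = (user, when)
        elif event == "RETURN":
            holder = out.pop(key, None)
            if holder is None:
                anomalies.append(f"{key}: returned by {user} but was not checked out")
            elif holder[0] != user:
                anomalies.append(f"{key}: removed by {holder[0]}, returned by {user}")
    overdue = []
    for key, (user, when) in sorted(out.items()):
        late_by = now - when - MAX_OUT[key]
        if late_by > timedelta(0):
            overdue.append((key, user, late_by))
    return overdue, anomalies


if __name__ == "__main__":
    overdue, anomalies = audit(AUDIT_LOG, datetime(2024, 3, 4, 14, 0))
    print("overdue:", overdue)
    print("anomalies:", anomalies)
```

Besides overdue keys, the replay surfaces a key returned by someone other than the person who removed it, which is the kind of discrepancy an audit trail exists to expose.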
Many vendors have formed partnerships with security solutions providers, enabling integration between networked key management systems and access control systems. This lets users more efficiently manage system configurations for access, storage, key tracking and other applications through their access control systems. This is a big plus for security personnel, who are often tasked with managing and monitoring multiple systems simultaneously.
Organizations can mitigate many of the risks associated with networked key management and additional Internet-connected devices and systems with robust authentication methods. In today’s world, data is generated and stored everywhere, and the growth of mobile technology means many connected devices are not located behind a firewall. As a result, a lot of data cannot be protected by traditional network-centric solutions. Network security in the IoT age will continue to require the development of different strategies, tools, technologies and approaches from those commonly used today.
Because the main function of security is to protect people, places and assets, it is imperative to ensure the security of data generated and shared by key management and other security and non-security systems. This requires deploying an end-to-end “encrypt everything” strategy using the most robust and most appropriate technology available. This will ensure that data is protected at every endpoint, regardless of whether it is located behind a firewall or not. For example, rather than deploying solutions with encryption methods that are based on blocks or files, organizations should seek out solutions that perform real-time compression and encryption on data at the most basic byte level.
Encryption technologies must also be designed for the varying levels of sophistication of devices. In the mobile world, this is especially important with regard to processing power and battery life, both of which can be taxed with traditional encryption technologies. With these considerations in mind, organizations can raise their level of data protection while ensuring that user experience won’t be compromised by the slow performance associated with resource- and processor-intensive methodologies.
Encrypting network traffic using a gateway device or system is another good way to ensure that data communicated across a network is secure. These solutions ensure that all data shared enterprise-wide is encrypted regardless of format, origin or protocol, reducing the complexity of data security.
In light of the ever-growing number and variety of networked devices being deployed today—and the differing levels of vulnerability associated with each—data security must be a chief concern for everyone. It may be difficult to overstate the role encryption plays in protecting data generated by and stored in key management and other systems connected to both public and private networks. Deploying the most robust and most appropriate encryption across all networked devices will help to ensure the integrity of the sensitive data hackers constantly strive to access and steal.