IoT Hardware Asset Visibility

IoT Hardware Asset Visibility

Sepio IoT Hardware Asset Visibility, provides enterprises with full visibility to whatever is connected and uncovers hidden hardware attacks.

Just a few years ago the Internet of Things (IoT) was a buzzword that many people were talking about, but very few knew what it actually meant. Now, IoT is no longer a futuristic concept, but is a part of our everyday lives; sometimes without us even realizing it. In our personal lives IoT devices make many activities much easier to do. Our coffee machines can automatically prepare us a latte as soon as we wake up, we can control the temperature of our house from anywhere in the world, and we can switch off the lights without having to get up.

IoT in the workplace

IoT devices also provide advantages in the workplace. As a result, these devices are increasing in daily use. With them, organizations can work smarter. These devices can provide a real-time glimpse into the inner workings of the company’s systems by presenting information on machine performance and supply chain operations, for example. Additionally, IoT devices can reduce costs for an enterprise by automating processes, improving services, reducing waste and providing transparency into customer transactions.

For employees, IoT devices allow them to be connected anywhere at any time. Because of this, fewer devices are needed to carry out different tasks; personal devices can now be used for work purposes. This is especially beneficial when circumstances require remote work (i.e. when a global pandemic essentially causes the entire world to shut down).

Is your office coffee machine an everyday cyber risk?

Thanks to its many advantages, almost all organizations are utilizing IoT devices in a number of ways to improve efficiency. However, as the name suggests, IoT devices require internet access in order to operate. This means an increased number of devices connected to an organization’s network. To an attacker, this is understood as more entry points to exploit in a cyberattack. Some IoT devices might not even be considered a security threat. How could the super cool coffee machine in the office’s kitchen be an everyday cyber risk? Well, it is connected to the network and that is all a bad actor needs to cause substantial damage.

IoT Hardware Asset Visibility

Using IoT devices out of office does not alleviate the risk; in fact, it only proliferates it. COVID-19 has meant many employees are working remotely and this often means using personal devices to do so. This emphasized BYOD effect provides perpetrators with an easier way of gaining access to an organization’s network. This is due to the fact there are not only more devices being used, but these devices often have insufficient security measures to detect – let alone prevent – an attack. Additionally, working remotely can allow employees to work over public Wi-Fi hotspots which can be manipulated to provide bad actors with network access.

With the increasing use of IoT devices, organizations are having a difficult time keeping up with what devices are connected to its infrastructure. This is extremely dangerous from a cybersecurity aspect as it increases the chances of a successful hardware attack.

Sepio’s solution

Sepio’s solution provides enterprises with full visibility to whatever is connected to the infrastructure and uncovers hidden hardware attacks operating over network and USB interfaces.

As the only company in the world to undertake Physical Layer fingerprinting, Sepio’s solution identifies, detects and handles all peripherals. No device goes unmanaged. With this total visibility, a stronger cybersecurity posture is achieved. There is no longer a need to rely on manual reporting. Legacy inventory reports and employee compliance to determine if there is a vulnerable device installed by a malicious actor. Sepio Systems now provides answers to questions such as:

–        Do we have an implant or spoofed device in our network?

–        How many IoT devices do we have?

–        Who are the top 5 vendors for devices found in our network?

–        Where are the most vulnerable switches in our network?

Having visibility across all IT assets provides the organization with a more comprehensive cybersecurity defense and can greatly reduce the risk of a hardware attack being successful.

 

Sepio platform uses a novel algorithm, a combination of physical layer fingerprinting module coupled with a Machine Learning module – providing the sought-after visibility and enforcement level, it is further augmented by a threat intelligence database – ensuring a lower risk hardware infrastructure.

Hardware Assets Control solution for iot security

Sepio Hardware Access Control HAC-1, provides 100% hardware device visibility.

HAC-1 enables Hardware Access Control by setting rules based on the devices characteristics.

HAC-1 instantly detects any devices which breach the set rules and automatically block them to prevent malicious attacks.

The idea is to Verify and then Trust that those assets are what they say they are.

With greater visibility, the zero-trust architecture can grant access decisions with complete information.

Thus, enhancing the enterprise’s protection within, and outside of, its traditional perimeters.

The Hardware Access Control capabilities of HAC-1, block Rogue Devices as soon as they are detected

Our HAC-1 solution stops an attack at the first instance, not even allowing such devices to make network access requests.

Sepio Hardware Access Control HAC-1 provides 100% hardware device visibility. No device goes unmanaged. Rogue Devices are block as soon as they are detected. HAC-1 solution stops an attack at the first instance, not even allowing such devices to make network access requests.

Physical Layer Fingerprinting

Sepio is the only company in the world to undertake Physical Layer fingerprinting . HAC-1 detects and handles all peripherals; no device goes unmanaged.

With this total visibility, a stronger cyber security posture is achieved. There is no longer needed to rely on manual reporting or employee compliance. Sepio manage security and provides answers to questions such as:

  • Do we have an implant or spoofed device in our network?
  • How many IoT devices do we have?
  • Who are the top 5 vendors for devices found in our network?
  • Where are the most vulnerable switches in our network?

Having visibility across all hardware assets provides a more comprehensive cyber security defense.

Reduce the risk of a hardware attack being successful and our private health data being stolen.

Founded in 2016 by cybersecurity industry veterans from the Israeli Intelligence community, Sepio’s HAC-1 is the first hardware access control platform that provides visibility, control, and mitigation to zero trust, insider threat, BYOD, IT, OT and IoT security programs.

Sepio’s Technology

Sepio’s hardware fingerprinting technology discovers all managed, unmanaged and hidden devices that are otherwise invisible to all other security tools.

Sepio is a strategic partner of Munich Re, the world’s largest re-insurance company, and Merlin Cyber, a leading cybersecurity federal solution provider.

Heavy spending on cybersecurity should bring a high return on investment, yet gaps in visibility limit this. Sepio Hardware Access Control (HAC-1) solution provides a panacea to gaps in device visibility to ensure you are getting the most out of your cybersecurity investments.

HAC-1 integrates with existing solutions, such as NAC, EPS, SIEM and SOAR, to enhance the organization’s cybersecurity posture. HAC-1’s deep visibility capabilities mean no device goes unmanaged; the solution identifies, detects, and handles all IT/OT/IoT devices.

Moreover, HAC-1’s policy enforcement mechanism and Rogue Device Mitigation capabilities instantly block any unapproved or rogue hardware. In doing so, ultimately, HAC-1 enables a Zero Trust Hardware Access approach which stops attackers at the first line of defense.

Sepio supporting compliance

Sepio Systems’ Hardware Access Control (HAC-1) solution provides entities with the Physical Layer coverage they need to obtain complete device visibility. And, in doing so, also provides protection against hardware-based attacks.

As the leader in Rogue Device Mitigation (RDM), Sepio’s solution identifies, detects and handles all peripherals; no device goes unmanaged.

HAC-1 fingerprinting technology

HAC-1 uses Physical Layer fingerprinting technology and Machine Learning to calculate a digital fingerprint from the electrical characteristics of all devices and compares them against known fingerprints.

In doing so, HAC-1 is able to provide organizations with ultimate device visibility and detect vulnerable devices and switches within the infrastructure.

In addition to the deep visibility layer, a comprehensive policy enforcement mechanism recommends on best practice policy and allows the administrator to define a strict, or more granular, set of rules for the system to enforce.

When a device breaches the pre-set policy, HAC-1 automatically instigates a mitigation process that instantly blocks unapproved or Rogue hardware.

Furthermore, HAC-1’s RDM capabilities support compliance with Section 8 of the EO, which concerns the government’s investigative and remediation capabilities. Section 8 focuses on enhancing data collection efforts in order to improve the investigation and remediation processes following an incident. HAC-1 logs all hardware asset information and usage and maintains such data for a period defined by the system administrator.

Leave a Reply