The first rule of building a secure and feature-rich ecosystem is software management — push and pull software updates and software discovery through an app store mechanism from a trusted source.In the go-to-market IoT race, though, that often doesn’t happen. Many Internet of Things (IoT) product developers have ignored the traumatic early history of Microsoft Windows, Android and web platforms, and expoits of IoT devices — because software updates have not been designed in — are regularly reported.+ Also on Network World: How to improve IoT security +
Those earlier platforms have been hardened, updates have been automated, and the app discovery and installation have been made trustworthy. IoT developers need to follow their lead. To read this article in full or to leave a comment, please click here
One of the most attractive promises of IoT-powered connected cars is enhanced safety. Connected cars use the Internet of Things (IoT) to help avoid accidents and control a wide array of safety technologies, from anti-lock brakes to airbags.But according to security firm Trend Micro, these safety systems are even more vulnerable to hacking than was previously thought. In a blog post published last week, "The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard," the company publicized an effective, vendor-neutral hack that is “currently indefensible by modern car security technology.”To read this article in full or to leave a comment, please click here
Ransomware attacks are becoming more rampant now that criminals have learned they are an effective way to make money in a short amount of time. Attackers do not even need any programming skills to launch an attack because they can obtain code that is shared among the many hacker communities. There are even services that will collect the ransom via Bitcoin on behalf of the attackers and just require them to pay a commission. This all makes it more difficult for the authorities to identify an attacker.+ Also on Network World: Network vulnerability analysis 101: Free online training +
Many small and medium-size businesses pay ransoms because they do not backup their data and do not have any other options available to recover their data. They sometimes face the decision of either paying the ransom or being forced out of business. Also, hospitals that do not back up all their critical patient data and are not able to retrieve it in a timely manner will immediately pay the ransom because it is critical to access records of patients who require immediate care. It can become a life-or-death situation for someone in intensive care.To read this article in full Continue reading
Docker announced the first major update to its flagship Docker Enterprise Edition 17.06, with a clear eye to on-premises data centers and DevOps. Docker rolled out the rebranded Docker EE in March, based on what was previously known as the Docker Commercially Supported and Docker Datacenter products. With that launch, Docker added the ability to port legacy apps to containers without having to modify the code.The major new feature of this update — which seems to borrow from Microsoft’s year/month naming convention for Windows 10 updates — is support for IBM z Systems mainframes running Linux. Now containerized apps can be run on a mainframe, with all of the scale and uptime reliability it brings, and they run with no modifications necessary.To read this article in full or to leave a comment, please click here
The tsunami-sized trend to add intelligence with sensors and actuators and to connect devices, equipment and appliances to the internet poses safety, security and privacy risks.Proof comes from a recent meta-study titled The Internet of Hackable Things (pdf) from researchers at the Technical University of Denmark, Denmark; Orebro University, Sweden; and Innopolis University, Russian Federation—compiled from industry and academic research reports—that finds smart devices used in healthcare and smart homes and buildings pose daunting risks.The authors quantify the risks of Internet of Things (IoT) devices:To read this article in full or to leave a comment, please click here
As a free and open internet continues to come under assault by the FCC’s proposal to effectively end net neutrality, investors, programmers, and internet users of all stripes have vociferously voiced their support of the Internet of Things (IoT) and the open web that enables it. It appears those voices have been heard, as the U.S. Senate may be taking steps to secure the IoT's future.So, what exactly is the U.S. Senate up to, and how might its actions impact the health of the IoT? What are the specifics of the bill in question, and how might its text impact American’s everyday lives as they make use of the IoT?A hopeful IoT security bill
A new bipartisan bill published Tuesday by Sen. Mark Warner (D-Va.) and Sen. Cory Gardner (R-Colo.), the Internet of Things Cybersecurity Improvement Act of 2017, hopes to beef up America’s internet security. The bill highlights the enormous complexity of the IoT and the huge benefits it provides to the American economy, but it also notes the fragility and vulnerability of the system to outside attacks.To read this article in full or to leave a comment, please click here
As a free and open internet continues to come under assault by the FCC’s proposal to effectively end net neutrality, investors, programmers, and internet users of all stripes have vociferously voiced their support of the Internet of Things (IoT) and the open web that enables it. It appears those voices have been heard, as the U.S. Senate may be taking steps to secure the IoT's future.So, what exactly is the U.S. Senate up to, and how might its actions impact the health of the IoT? What are the specifics of the bill in question, and how might its text impact American’s everyday lives as they make use of the IoT?A hopeful IoT security bill
A new bipartisan bill published Tuesday by Sen. Mark Warner (D-Va.) and Sen. Cory Gardner (R-Colo.), the Internet of Things Cybersecurity Improvement Act of 2017, hopes to beef up America’s internet security. The bill highlights the enormous complexity of the IoT and the huge benefits it provides to the American economy, but it also notes the fragility and vulnerability of the system to outside attacks.To read this article in full or to leave a comment, please click here
Safely store massive amounts of photos, videos and music with this 4TB external drive from WD. It comes equipped with WD Backup software so you can automatically back up photos, videos, music and documents on your preferred schedule. And built-in 256-bit AES hardware encryption with WD Security software helps keep your content private and safe. The 4TB My Passport model is currently priced just $10 higher than its 3TB counterpart with this 31% off deal. See it now on Amazon.To read this article in full or to leave a comment, please click here
Safely store massive amounts of photos, videos and music with this 4TB external drive from WD. It comes equipped with WD Backup software so you can automatically back up photos, videos, music and documents on your preferred schedule. And built-in 256-bit AES hardware encryption with WD Security software helps keep your content private and safe. The 4TB My Passport model is currently priced just $10 higher than its 3TB counterpart with this 31% off deal. See it now on Amazon.To read this article in full or to leave a comment, please click here
In the real estate world, the mantra is location, location, location. In the network and server administration world, the mantra is visibility, visibility, visibility. If you don't know what your network and servers are doing at every second of the day, you're flying blind. Sooner or later, you're going to meet with disaster.Fortunately, many good tools, both commercial and open source, are available to shine much-needed light into your environment. Because good and free always beat good and costly, I've compiled a list of my favorite open source tools that prove their worth day in and day out in networks of any size. From network and server monitoring to trending, graphing, and even switch and router configuration backups, these utilities will see you through.To read this article in full or to leave a comment, please click here
"I am all about useful tools. One of my mottos is 'the right tool for the right job.'" –Martha StewartIf your "right job" involves wrangling computer networks and figuring out how to do digital things effectively and efficiently or diagnosing why digital things aren't working as they're supposed to, you've got your hands full. Not only does your job evolve incredibly quickly becoming evermore complex, but whatever tools you use need frequent updating and/or replacing to keep pace, and that's what we're here for; to help in your quest for the right tools.[ Don’t miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
We've done several roundups of free network tools in the past, and since the last one, technology has, if anything, sped up even more. To help you keep up, we've compiled a new shortlist of seven of the most useful tools that you should add to your toolbox.To read this article in full, please click here
For decades, enterprises have relied on the public internet for business-critical SaaS applications and data traffic. The reason why is pretty simple: it’s cost-efficient, it’s easy to use and it’s already there. Compare that to the logistical, financial and implementation challenges of installing an alternative private network, and it’s clear why enterprises have been pretty content with the internet for their entire digital lives.But, it’s 2017. And, if there’s one thing clear about the public internet today, it’s that it no longer cuts it. Rampant DDoS attacks and other cyber threats posed by hackers, rogue employees and nation-states have not just revealed the security, reliability and transparency cracks in the public internet — they’ve blown them wide open.To read this article in full or to leave a comment, please click here
For decades, enterprises have relied on the public internet for business-critical SaaS applications and data traffic. The reason why is pretty simple: it’s cost-efficient, it’s easy to use and it’s already there. Compare that to the logistical, financial and implementation challenges of installing an alternative private network, and it’s clear why enterprises have been pretty content with the internet for their entire digital lives.But, it’s 2017. And, if there’s one thing clear about the public internet today, it’s that it no longer cuts it. Rampant DDoS attacks and other cyber threats posed by hackers, rogue employees and nation-states have not just revealed the security, reliability and transparency cracks in the public internet — they’ve blown them wide open.To read this article in full or to leave a comment, please click here
While the Internet of Things (IoT) has carved out a comfortable place for itself in today’s society and markets, many still fear that the interconnectivity-driven phenomenon is extraordinarily vulnerable to outside attacks. A number of U.S. Senators believe they may have a solution to the problem, and have put forward the Internet of Things Cybersecurity Improvement Act of 2017.What are the exact details of the text of the bill, and how does it intend to secure one of the most diverse and unregulated assets of the economy? What potential pitfalls stand in the bills way, and how much of a chance does it have of becoming law? An analysis of the IoT Act reveals that it’s a healthy step in the right direction, but it may not be enough.To read this article in full or to leave a comment, please click here
While the Internet of Things (IoT) has carved out a comfortable place for itself in today’s society and markets, many still fear that the interconnectivity-driven phenomenon is extraordinarily vulnerable to outside attacks. A number of U.S. Senators believe they may have a solution to the problem, and have put forward the Internet of Things Cybersecurity Improvement Act of 2017.What are the exact details of the text of the bill, and how does it intend to secure one of the most diverse and unregulated assets of the economy? What potential pitfalls stand in the bills way, and how much of a chance does it have of becoming law? An analysis of the IoT Act reveals that it’s a healthy step in the right direction, but it may not be enough.To read this article in full or to leave a comment, please click here
Apple's iOS has long had the reputation of being more secure than Android, but that may not necessarily be the case. Here's how to evaluate each side's claims about mobile security.
Apple's iOS has long had the reputation of being more secure than Android, but that may not necessarily be the case. Here's how to evaluate each side's claims about mobile security.
Wrapping up an SD-WAN workshop session with a client last week, I reflected on how rapidly the branch office WAN connectivity and management model is changing. Some great opportunities are emerging for enterprise IT teams that can materially impact how the network is designed, paid for and managed. Here are some thoughts:1. Public cloud is driving a lightweight edge security model
Most people agree that SD-WAN can facilitate service chaining, and a selective backhaul model is interesting to many enterprises that want to concentrate next-generation firewall services in larger locations. But with the rapid growth of distributed content in public cloud applications (even from Microsoft and Salesforce, who long resisted this trend that Google pioneered) it’s increasingly counterproductive to backhaul browsing traffic long distances from the end users. It reduces performance, and adds significant load at hubs on the network — not ideal when this can represent 80 percent or more of the traffic.To read this article in full or to leave a comment, please click here
Wrapping up an SD-WAN workshop session with a client last week, I reflected on how rapidly the branch office WAN connectivity and management model is changing. Some great opportunities are emerging for enterprise IT teams that can materially impact how the network is designed, paid for and managed. Here are some thoughts:1. Public cloud is driving a lightweight edge security model
Most people agree that SD-WAN can facilitate service chaining, and a selective backhaul model is interesting to many enterprises that want to concentrate next-generation firewall services in larger locations. But with the rapid growth of distributed content in public cloud applications (even from Microsoft and Salesforce, who long resisted this trend that Google pioneered) it’s increasingly counterproductive to backhaul browsing traffic long distances from the end users. It reduces performance, and adds significant load at hubs on the network — not ideal when this can represent 80 percent or more of the traffic.To read this article in full or to leave a comment, please click here