IoT Security: Data Insights

Summary:

This document outlines the implications of the Internet of Things (IoT) for data security, emphasizing the importance of various components such as visualization tools, an open ecosystem, IoT cloud/platforms, ubiquitous communication technology, edge computing units, and advanced analytics like big-data and machine learning. Key risks in IoT security include rogue endpoints, compromised devices, man-in-the-middle attacks, denial-of-service (DoS) attacks, vulnerabilities in web applications and APIs, and targeted attacks. To address these risks, HPE Security offers a suite of solutions including ArcSight for Security Intelligence and Visualization, Fortify for Application Security, Voltage Secure Data for data security, and Aruba for Communication Security. These tools aim to provide secure IoT application lifecycle management and protect data across various environments.

Details:

The presentation discusses the Internet of Things (IoT), focusing on its implications for data security. IoT involves connected devices, systems, and "things" that can collect and transmit data, potentially generating new insights in various fields such as business, engineering, and scientific research. Gartner estimates that by 2020, there will be 26 billion connected devices globally, while IDC predicts that IoT data will make up 10% of the world's total data by the same year. The main components of IoT security include: applications for visualization and performance indicator display; an open ecosystem for partners and suppliers; IoT cloud/platform for operations and control of infrastructure, central data storage, and advanced analytics including big-data and machine learning; ubiquitous, reliable, and secure communication technology across all endpoints and edge devices; and edge computing units that translate OT protocols to IT ones, process data locally, and connect directly or via an intermediary device. Key risks in IoT security include rogue endpoints/edge devices, compromised endpoints/edge devices, man-in-the-middle attacks, denial-of-service attacks (DoS), vulnerabilities in web applications and APIs, and targeted attacks. Security measures must be implemented to protect against these threats, including using HPE's ArcSight for security intelligence, Fortify for application security, Voltage or Atalla for data security, and Aruba for communication security solutions. The summarized text provides an overview of the various security solutions provided by Hewlett Packard Enterprise (HPE) under its brand HPE Security, including ArcSight for Security Intelligence and Visualization, Fortify for Application Security which covers Static Application Secuirty Testing, Dynamic Application Security Testing, Real-time Application Self Protection (RASP), Voltage Secure Data for End-to-End data protection through de-identification methods like Stateless Tokenization and Format Preserving Encryption, Atalla Enterprise Secure Key Management System (ESKM) for Public Key Infrastructure, Aruba for Communication Security including Authentication, Authorization, Firewalling, VPN among others, HPE ADM (Application Delivery Management), HPE ITOM (IT Operations Management). These solutions aim to provide a secure IoT Application Lifecycle and protect data on-premise, cloud, big data environments as well as in creation, transition, rest, or access.