Despite a growing media concern, many organisations continue to underestimate the potential security issues lurking in IP enabled ‘dumb devices’ such as printers, CCTV cameras, smart meters or even TVs. In this blog we would like to explain how the ability to ‘fingerprint’ devices as part of a Network Access Control (NAC) security solution – is vital for identifying and monitoring these new devices on our networks.
The current state of enterprise networks
Moderns network have grown tremendously in size and as they do, they have become more complex and increasingly difficult to manage. This led many organisations to turn to NAC as a solution to keep an eye on the many devices and users connecting to their networks. NAC platforms were developed to provide organisations with the ability to authenticate users, and their devices, as they attempted to connect to the network while ensuring they were compliant and trusted.
As the technology landscape has evolved, we seen a rise of non-traditional devices now connecting to the network, referred to as ‘dumb devices’. The traditional NAC solutions were (and most still are) unable to handle this new area of the network, which has opened the door for new threats to gain a foothold. This has been reflected in consistent downwards trend in Google for the search term ‘Network Access Control’ since 2010, yet new terms like ‘IoT security’, ‘BYOD’ and ‘Ransomware’ have been on steep climb during the same period.
The rise of uncontrolled devices
Referred to as ‘dumb devices’, these non-traditional endpoints have been notoriously difficult to identify and monitor adequately as they can’t be controlled. This creates a lack of true visibility of everything within the network, as these devices can float around the network without being detected, bypassing security controls and gaining unauthorized access to critical assets. A network in this situation is now not compliant with security regulations such as the industry valued ISO27001 certification.
How fingerprinting is vital for true security
Endpoint ‘fingerprinting’ is an innovative way around this modern problem. With ‘fingerprinting’ technology, organisations have a greater ability to discover, identify and monitor every device connecting to the network, including the ‘dumb devices’. With a platform, such as Rebasoft, each device connected to the network will be ‘fingerprinted’, by collecting their IP and MAC addresses and compares this information with authentication systems such as LDAP to determine the device identity and location.
Once the device has been ‘fingerprinted’ – we can monitor their behaviour throughout the network to constantly decrease the risk of unauthorized access and to highlight changes to the device. If, for example, a device is removed and another one is connected to the same port instead – this type of change will create an alert and if required – a shutdown of the port can be automatically initiated.
Endpoint ‘fingerprinting’ has become an absolute requirement for any enterprise security platform, yet too few have adopted it. With Rebasoft, ‘fingerprinting’ technology is just one of many new innovations used within our unified security solution. For more information on how our security platform could protect your organisation, please get in touch with us.