New tech startup looks to finally solve the IoT security problem

Although enterprises around the world have been implementing internet of things technologies at a rapid pace, the issue of endpoint security remains a significant pain point for future deployments. A survey of over 500 IoT developers found that modern connected devices possess a variety of vulnerabilities that concern experts, with 31% of respondents pointing to software or firmware as the greatest trouble spot for their organizations, according to Evans Data Corporation. The survey also discovered that developers are increasingly anxious about exposing data to mobile clients, transmitting sensitive information through networks and clouds, and maintaining the physical security of their IoT devices.

Network and system administrators have had to employ a number of disparate security mechanisms to keep up with the evolving threat landscape, including context-aware access controls, real-time analytics, endpoint vulnerability detection and more. While these cybersecurity measures have helped organizations shore up their defenses, there is still a lot of room for improvement. According to a Spiceworks survey of 440 IT professionals, 53% of respondents feel wearable devices represent the most likely source of security breaches among the IoT technologies connected to their networks. This poses a real challenge for organizations using traditional endpoint administration platforms that were not designed to manage this type of connected device. But a new tech startup is hoping to solve the IoT security problem by offering an intelligent, unified solution.

Vdoo raises $32 million to accelerate IoT security development
Vdoo, an Israel-based IoT security startup, closed out its series B financing campaign in late April, having raised $32 million toward its ongoing endpoint development efforts, VentureBeat reported. The company offers an integrated suite of automated security tools for connected devices, which were built using proprietary data from over 70 million embedded systems. This has allowed Vdoo to resolve close to 150 zero-day exploits and more than 100,000 security vulnerabilities over the past 18 months, many of which were present in edge devices, such as:

• Office printers
• Smart TVs
• NAS servers
• VoIP gateways
• Conference extensions
• Fire alarms

While the company largely analyzes devices that lack basic security protocols (boot process integrity, traffic encryption, etc.), its extensive suite of offerings also contains advanced protection systems for desktop computers, laptops and mobile phones. Four of the startup's most dynamic products include:

• Vision: Analyzes the firmware on every IoT device connected to a target network, identifying threats and calculating their possible impact. Vision also creates detailed security outlines that offer step-by-step recommendations for resolving zero-day exploits and backdoors.

• Quicksand: Creates and manages convincing honeypots designed to coax would-be hackers away from an organization's core system and network infrastructure. Quicksand can be deployed as a single bot that mitigates low-level attacks or a series of bots to offset more sophisticated access attempts.

• Whistler: Provides real-time alerts when new exploits and vulnerabilities are detected, improving IT personnel response times through predictive analytics. Whistler also sends out comprehensive instructions to ensure security threats are quickly patched.

• CertIoT: Distributes third-party device certification to protect against runtime exploits and malware executions. CertIoT utilizes a digital security stamp and an embedded runtime agent to quickly respond to breaches and unauthorized access before harmful code can be injected.

Endpoint security solutions must be able to assess threats on the micro and macro levels.

Vdoo's products are designed to work in tandem within enterprise security systems, but customers are able to integrate specific offerings into existing network infrastructures. While this does allow for greater customization, an organization's overall endpoint security plan is best served by deploying the entire suite across all systems and access points.

"Big businesses, standardization bodies, regulators and cyber insurers all understand that it's time for a change and that security for the connected environment is essential," said Netanel Davidi, co-CEO and co-founder of Vdoo, in an interview with VentureBeat. "The funding will enable us to accelerate market education by working closely with these bodies to make a significant change in approach to embedded-devices security."

IoT security starts with reliable networking tools
Security software plays an essential role in IoT-centric environments, but data center infrastructure is often the last line of defense. For example, companies that connect their business-critical devices to Ethernet LANs using an RS232, RS422 or RS485 serial interface rely on robust terminal servers to manage the flow of data across their IP networks. Using a low-end terminal server can leave IT administrators unable to consistently authenticate serial communications and unaware of potential network flaws.

Perle offers high-performance connectivity equipment that keeps enterprise and industrial environments running at maximum efficiency. Our industrial-grade hardware ensures your device data flows unimpeded, which makes it easier for IoT security software to identify irregularities and potential threats.  Read some of our customer stories to find out how we've helped other organizations streamline their endpoint capabilities.