Story image

Cradlepoint debunks common connectivity and security myths

12 Mar 2019

Article by Cradlepoint chief security officer Todd Kelly

Data breaches continue to grow in size and frequency.

Most days there is a breach, hack or leak in the news, compromising sensitive data. Because of this escalation, cybersecurity has become a serious concern for businesses and consumers as they fight to keep their information safe.

After all, not only does a cyber attack have the potential to leak customer credentials, it could also cost businesses millions of dollars and valuable time.

Experts now predict cybercrime damages will reach $6 trillion by 2021 and a single breach can cost a business as much as $4 million.

Many misconceptions have arisen, causing businesses to fear adopting new technologies.

However, by not opening up to innovative technologies, businesses’ growth can be stifled.

When it comes to security and connectivity, here are some pervasive myths that need to be debunked.

Myth 1: Businesses cannot run on 4G wireless technology

LTE, commonly known as 4G, is helping businesses achieve ‘always on’ network connectivity. 

The technologies built into the LTE networking standard allow mobile network operators to get more capacity out of the same resource, which means the network can handle more traffic and achieve faster speeds and provide quality of service capabilities.

Since the launch of 4G, the reliability of faster networking has been transformative. 

With the latest innovations, businesses are no longer limited to fixed-line services.

The scale and speed offered by 4G mean that businesses can get on-site or temporary networks up and running incredibly quickly.

The reliability offered by these networks means companies can be assured of 24/7 connectivity from day one.

Aside from the security concerns of others compromising wireless technology, many businesses are worried that running all wireless for their business will cost too much. A lot of companies adopt voice over IP technology when voice over LTE could work faster and better.

In all actuality, there is more security around LTE than physical wires and cables.

In addition, there is a lot of security such as mutual authentication, encryption and private APNs built into the LTE networks to prevent customers data from being compromised.

Myth 2: The cloud means higher risk

There are certain industries such as public safety and energy that hold an anti-cloud sentiment.

Since there is information such as health and criminal records, personal addresses, names and more on their networks, there is a tremendous fear of being compromised and a much lower tolerance of risk.

A lack of knowledge about the cloud also inhibits executives from making the switch.

In reality, for these industries to remain competitive and adapt quickly, they have to embrace the cloud.

Even with sensitive information within their applications and networks, enterprises can use the cloud without a great deal of added risk.

By utilising a cloud manager for their network, businesses can monitor, configure and patch the entire network so that one person can manage the SD-WAN, IoT and 4G connectivity and keep the network secure.  

Myth 3: IoT results in increased vulnerabilities

The most common misconception surrounding security and connectivity for IoT devices is that the more IoT devices that you have, the less secure you are.

Some believe that if one device is compromised, there is nothing stopping the rest of the network from being in jeopardy.  

One of the best ways to prevent even one device from being breached on your network is through a combination of software-defined networking (SDN) and software-defined perimeter (SDP) technologies.

When combined with SDN, SDP makes it easy to connect people and things to applications and resources quickly and securely.

Multiple device types can be connected with SDPs, including Windows, Mac, Linux, iOS, Android and even Docker containers.

For unsupported devices, such as IoT sensors or security cameras, admins can connect the device to the perimeter network behind a router acting as an SDP Gateway.

This technique adds a layer of security to an IoT deployment, reducing the attack surface by integrating IoT devices into an enterprise network.  

Combining the above techniques and using LTE air-gapped connectivity prevents a compromised IoT device from infiltrating your core business information systems.

Businesses and consumers should adopt a zero-trust policy and assume that devices, users, networks and workloads can be compromised at any time, but trust the security measures deployed to produce those devices.

At the end of the day, the number one way that hackers can get in is through human error.

By practicing online safety habits such as never opening links from unknown sources, not plugging devices into networks you don’t know and keeping your passwords private, you greatly decrease your risk for attack.  

As organisations continue to fight hackers and data breaches on a more regular basis, all while seeking greater connectivity, the need for secure networks has become greater than ever before.

In an age of change, organisations need to be wary of the myths and misconceptions to ensure they utilise technologies to the best of their ability

ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.