Cyber Physical Systems (CPS) And BYOD Security

Cyber Physical Systems (CPS) 

Technology has changed the world radically. But, to date, the world hasn’t changed as fast as technology to. There are a couple of concepts that are concerning as we head into the reality of CPS-deployed systems. The first is that standards don’t exist.

Many companies are considering the Bring Your Own Device (BYOD) conundrum, evaluating the value and cost (as well as the risk) of allowing employees to bring their own devices to work. The value for the company is that a single device now connects each employee to the company. It also connects them to their life, which means they will always have their work phone with them.

A Peak Inside

It opens a door, and once that door opens, not even Pandora will be able to close it.

My phone is a component of the personal operating space called my personal cloud. When you, as my employer, enable a BYOD program, you are inviting my personal cloud into the Workplace. By default, you are also allowing me to connect my personal cloud to your network. The image that comes to mind here is of Charles Schulz’s character Pig Pen. My personal cloud extends all around me like Pig Pen’s dirt cloud.

Cyber Physical Systems

CPS_for_Manufacturing

(Image Source: Wikipedia)

And there’s another problem to consider. CloudTweaks is full of articles on the ever- expanding reality of the Internet of Things (IoT), more properly called Cyber Physical Systems (CPS). Why CPS and personal clouds? Because your corporate network is connected to every single CPS device my phone is connected to. I am the Trojan horse. I bring the Greek warriors inside your corporate security and, without knowing it, I am also the one that opens the trap door.

Some of the devices I connect to are harmless. But, given that they are simple harmless devices, someone can modify them. Do I care if there is suddenly a red dot in the upper right corner of my home weather station? Nope, I just need to know how much rain is falling on my house. But that dot isn’t a nice dot. It is sort of the modern equivalent of a laser targeting dot. We see them on TV all the time, when the bad guy suddenly realizes there aren’t two guns pointed at him but 200. I can mandate that all BYOD devices have Bluetooth disabled and are not directly connected to the corporate Wi-Fi network, but I am just putting lipstick on a pig, as the old saying goes. Once that phone connects to and moves corporate data, I am at risk as a company.

Homebase

Beyond the personal cloud, there is also the issue of the home cloud. I call it the home-private cloud because it is a stationary-managed solution that provides computation and storage for the people who live in my home. It, along with my personal cloud, are now happily connected to your network. My Trojan horse that I carry in my pocket is connected to an even bigger Trojan horse.

Now, I am not advocating that enterprises send their IT security professionals to every house that connects to their network. There need to be easily managed personal and home-private cloud security standards, and by easy I mean automatically deployed. If you connect to a corporate network, that network can connect to the security control center of your network and verify that it hasn’t been modified or hacked. If it has, quarantine the phone so that the Trojan horse can’t be deployed. The same is true of my personal cloud. Having standards that include easily deployed and managed security settings will at least keep the horse in the barn. It won’t roll the Trojan horse into the middle of your corporate network and then hand it the keys and say, “Have at our corporate secrets.”

We need simple security standards for home-private and personal clouds.  They don’t have to include complex security rules. Rather, they could consist of a single chip in the phone and a single device in your home that will tell you if, in fact, that cloud has been compromised.

Dismantled Trojan horses make great firewood for the winter.

By Scott Andersen

Deepak Jayagopal

Leveraging DevOps Infrastructure as Code to Improve Cloud Provisioning Time by 65%

Improving Cloud Provisioning Time Infrastructure provisioning used to be a highly manual process for Digital Service Providers (DSPs). Infrastructure engineers would rack and stack the servers and will manually configure them. Then they will install ...
Cloudways

Episode 1: Why Small and Medium Sized Businesses Need an MSP

Small and Medium Sized Businesses Need an MSP Small and medium-sized businesses don’t enjoy the benefits of a large IT department. What should they consider when it comes to handing over their data to a ...
Simplifying and Streamlining Cloud Management with AI

Simplifying and Streamlining Cloud Management with AI

AI Cloud Management Software with artificial intelligence capabilities layered with cloud computing can allow businesses to improve their data management, visualize insights that represent patterns in information, deliver a better customer experience, and optimize their ...
Isc2

Episode 2: Coronavirus Phishing Emails and Work-from-Home Meetings

Coronavirus Phishing Emails What to watch out for as scammers exploit pandemic panic, and tips on how to attend meetings while working from home. Working from home this week? There are a few challenges and ...
Internet Security

Firefox introduces Enhanced Tracking Protection for Desktop Users

Firefox introduces Enhanced Tracking Protection for Desktop Users Great news for Mozilla Firefox users as the internet browser rolled out its latest tracking protection features that make web surfing a lot safer. The new Enhanced ...
Trust Report

Profit-Driving Strategies for 2020, Backed by Data

Profit-Driving Strategies Since 2019 is coming to a close, the time has come for businesses to evaluate what they can do to propel profits in 2020. The vast array of possibilities can make an enterprise's ...