accountability to secure the device Jul 5th, 2021   [viewed 4 times]
The network perimeter is blurring, and the cloud is being regularly leveraged to facilitate operators’ operations. The cloud is where network, storage, and compute resources often reside these days. And yes, an external supplier manages all these applications. The loss of direct control of such critical operations may diminish the operator’s level of control over the network performance, optimization, data, and quality of services. The operator also loses the capability to assess and alleviate security threats directly. They are forced to depend solely on contractual or service level agreements with the cloud provider. Seen in that light, cloud services pose a potential combination of risks concerning network availability, supply chain, and privacy. This year has seen a major IoT thrust. And obviously, security threats are emerging. The industry has identified that several customer device manufacturers have little consideration for, or competency in, security. It’s not uncommon for them to hand over the accountability to secure the device to the uneducated customer without security instructions. These devices, when deployed, are also attached to the operator’s network. Attacking the network by leveraging these devices could potentially harm operators. Most IoT threats come from attackers exploiting factory default settings or poorly configured devices. IoT devices are a desirable target. The significant volume of devices means many potential access points. The attacker can employ the same technique to attack different devices regardless of their primary function, leading to a large surface subject to attack with minimal effort. For eg., in 2016 the Mirai botnet, the mother of many modern IoT botnets, hijacked over 600,000 devices. The initial attack took down OVH hosting and DynDNS services. More info: What Is Managed Desktop Service