Viakoo, a provider of solutions for managing and securing distributed IoT devices, has been awarded a patent for their innovative method of remotely updating and managing a multitude of IP connected devices regardless of whether they reside on isolated networks, local networks, or wide area networks.
Unmanaged and IoT devices increase the risk of cyber vulnerabilities and other operational challenges when they are using outdated firmware or lack certificate management.
Cyber-physical system security
This innovative Viakoo solution specifically addresses a critical growing cyber-physical system security challenge for organisations that have large numbers of both managed and unmanaged IoT devices across their enterprise infrastructure. “Modern IP networks have enabled valuable improvements in the capabilities, management and operational controls across almost every industry, and every size of organisation,” said Bud Broomhead, Viakoo CEO.
Viakoo offers solutions that allow every organisation to dramatically mitigate risks"
“Viakoo offers solutions that allow every organisation to dramatically mitigate risks while maintaining complex enterprise installations employing myriad managed and unmanaged IoT devices.” Many organisations have installed a broad range of IP devices over time, including security cameras, access controllers, sensors, printers, and scores of unmanaged IoT devices.
Cyber hygiene functions
As a result, these organisations employ numerous devices from different manufacturers, many of which are undetected on the network. Keeping track of exactly what devices are installed and where they reside on the network presents a considerable challenge. Even more challenging is managing critical cyber hygiene functions, such as firmware updates, managing certificates, and ensuring operational integrity.
Until now, it has been quite common for technicians to manually check each device to confirm their status, make firmware updates, or log into unique consoles for each manufacturer. Because of the onerous nature of these tasks, many firms do them rarely, delegate them to contractors, or even neglect to do them at all. In particular, the lack of timely firmware updates leaves organisations vulnerable to multiple known threats.
Defeating corporate governance
This patent provides a mechanism to update several functions at the device level
Those that do maintain their IoT devices often resort to default or common shared passwords to simplify the update effort, defeating corporate governance. Despite widespread use of certificates (TLS or 802.1x) to secure traditional IT systems, they have not been widely used for IoT devices due to lacking an effective way to remotely connect to the device. The result of not being able to address comprehensive cyber hygiene is a growing attack surface from unmanaged and IoT devices.
This patent provides a mechanism to update several functions at the device level regardless of where the devices reside on the network. Using Viakoo’s remote management capability it is now possible to implement an improved and more scalable solution that maintains software updates, manages certificates, and enforces password policies for large numbers of IoT devices across multiple distributed networks, thereby improving both operational outcomes and organisational security. Most important, the new Viakoo solution does not rely on any shortcuts – maintaining maximum security in protocols, passwords, and verifications.
