Portnox puts fingerprints on IoT devices to improve security

Portnox, a provider of cloud-native zero trust control and security, announced the general availability of its IoT Fingerprinting solution for discovering and identifying IoT devices within a network.

That could prove to be a valuable capability at a time when IoT is expanding throughout enterprise networks. Developers of IoT products and the companies deploying them have not always prioritized security, which may be less of an issue when deployments are small and tightly controlled than when they begin to grow and enterprises start to see more use cases and applications for IoT throughout their organizations. 

The IoXt Alliance has been working on getting the IoT ecosystem to find some common ground and adhere to some minimum requirements where security is concerned, but IoT adopters also need some creative technology solutions to invest in as they move to implement better security around their IoT deployments.

Portnox, based in Austin, Texas, with an office in Israel, claims to provide the first cloud-native solution for helping mid-market and enterprise businesses address IoT security threats, and it does so as part of a zero trust approach to security. In broader security terms, zero trust, a main component of secure access service edge (SASE) architectures, means that no user or device is viewed as trustworthy, and that any device using network resources must first provide proof of identity to access the network on a least-privilege basis defined by contextual policies.

Available via the Portnox Cloud and automatically included in the firm’s NAC-as-a-service subscription for organizations with more than 500 devices, Portnox’s new IoT fingerprinting and profiling capabilities allow organizations to easily and accurately identify, authenticate, authorize, and segment IoT devices across their network to ensure an effective zero trust security posture.

“IoT fingerprinting is now absolutely critical to establishing and enforcing zero trust when it comes to IoT,” said Portnox CEO Denny LeCompte, via email. “IoT devices have proliferated because they solve a lot of problems for users. Unfortunately, the companies that make IoT devices have been traditionally unconcerned with security. They often ship with known vulnerabilities, they are difficult to patch when vulnerabilities are found, and difficult to monitor, especially since they don’t self-identify on the network.”

LeCompte said that without some kind of fingerprinting and profiling capabilities, all IoT devices effectively look the same, which is to say they are unidentifiable elements on the network. “This makes IoT devices an attractive target for threat actors,” he said. “And rightly so, as most IT teams have found ‘shadow IoT’ on the network – IoT devices connected to the network that organizations have no clear visibility into or control over. The ability to accurately profile IoT devices is the first step in applying zero trust security – you inherently can't not trust a device you can't see, so visibility itself is the first part of the zero trust equation.”

Unlike competing vendors that require IT to deploy heavy on-premises appliances needing constant care and attention, and that often conduct aggressive scans consuming substantial bandwidth, Portnox’s cloud-native, AI-powered IoT fingerprinting and profiling capabilities let organizations identify, authenticate, authorize, and segment IoT devices with unparalleled power, ease, and precision, ensuring an effective zero trust security posture 24/7/365. The release of this functionality makes Portnox the first and only vendor to offer cloud-native IoT fingerprinting, profiling and access control, purpose-built to enhance zero trust security models with zero on-premises footprint.

With the latest solution expansion, the Portnox Cloud now provides organizations with:

  • Complete device visibility and access policy enforcement across the network for all major device groups – IoT, bring your own device (BYOD) and managed devices

  • Enhanced IoT fingerprinting and profiling accuracy powered by artificial intelligence and machine learning

  • Strengthened organizational zero trust security postures, accounting for all devices and access layers – on-site and remote

Organizations will also be able to unlock additional capabilities, such as automatic policy mapping based on fingerprints and the use of fingerprinting data to thwart potential MAC address spoofing risks. Portnox customers can also use fingerprinting information to provide end-of-life/end-of-service dates, as well as list potential security vulnerabilities on the endpoint to augment network access and remediation policies. The company is currently exploring new ways to add agentless risk assessment policy enforcement, as well as data capture options to increase IoT fingerprinting access and automate micro-segmentation and quarantining for IoT devices in future iterations of the solution.