Open-Xchange: Network-based security - changing the game for telcos and ISPs

Consumer awareness of cybersecurity is at an all-time high.

In fact, one in five respondents to a recent survey explained that they had become personal victims of a data breach, affecting their trust of certain companies that handle their data.

Yet despite the rise in cybersecurity concerns amongst consumers, only a small fraction actually take action and attempt to secure their systems and data. Unfortunately, the vast majority of consumers remain “unaware” of what they can do to protect themselves.

Despite this, smart homes continue to accumulate new smart devices and IoT. Without effective malware protection, each of these devices represents a potential opening through which cybercriminals could mount an attack - and for communications service providers (CSPs), this means that their customers are becoming increasingly vulnerable. Malware-infected smart and IoT devices cause problems not only for consumers, but also to the CSP networks that they use.

The trouble with IoT security

You might be forgiven for assuming that the solution is to build endpoint protection into each IoT device as a standard. However, not only would this increase the manufacturing costs for each device significantly, but more often than not there simply isn’t enough CPU or RAM available to support basic on-device malware protection, let alone to download regular security updates, or provide a generic mechanism to allow AV vendor software to be installed.

SEE ALSO:

• In2IT Technologies: Make sure you have a business case before you jump on the IoT bandwagon

• Siemens and SAS team up to create AI-enabled IoT analytics solutions

• Thales acquires Gemalto for €4.8bn to become leader in digital identity and security

• Arm to support EDMI with secure IoT deployment

• Read the latest issue of Gigabit here

The only practical solution is to protect IoT devices in the network. This way, an administrator has the capability to detect threats to any device on their network, while simultaneously preventing such devices from connecting to malicious websites or malware command and control servers.

A number of companies have begun selling this type of vulnerability protection in the form of a physical device. Generally, these systems offer more robust security than software, and are useful for applying an additional layer of security to important networks - but they are far from flawless. Such devices usually come with expensive initial costs and subscription fees, as well as limits on the number of devices that can be protected. Not to mention that the network can be compromised if the box is broken or unplugged.

The Network is the Solution

The network provided by the CSP is the ideal location to apply a layer of security, ensuring that all devices in the smart home are protected without having to install software on each and every one of them, or install any boxes in the home. Not only does network-based security offer thorough and easy-to-enable protection, but it also requires no intervention from customers to upgrade to the latest features or protection.

For families, administrator-controlled features like parental controls, homework-time and bedtime, help to ensure that children are using the internet appropriately and within designated time windows. And with 75% of UK parents actively seeking out information on how to protect their children online, this is going to be a very appealing feature of any smart home security system.

Consequently, CSPs have been presented with a golden opportunity to add value to their network pipe by offering a consolidated security package, guaranteeing the latest protection directly from the broadband provider. In other words, this is “security-as-a-service” with minimal implementation procedures required from the consumer.

Changing the game

Network-based security has the potential to reinvent the game for telcos and ISPs. Not only is it a perfect opportunity to confront safety and security online, but it unlocks new revenue streams and diversifies offerings.

For some providers, the cost for this service could simply be added to the user’s existing monthly bill; whereas others may offer it through bolt-ons or package deals. Regardless of the nitty gritty, we have already seen some of the biggest providers in the UK provide this to customers included in service bundles, while mobile operators like Vodafone are now offering such services across Europe for a small monthly fee.

With estimates that there will be 20 billion IoT devices worldwide by 2020, existing tools are simply not well equipped to deal with the impending exponential increase in cybersecurity risk. No other approach can offer such thorough protection of our smart homes - and CSPs now need to step up to the mark or run the risk of being left behind.