Protecting your connected business
As IoT technologies become essential for keeping up with fast-evolving markets, business and technology leaders must be vigilant in security practices to help keep their companies safe. The scale of interconnected IoT devices within and outside of the corporate firewall — along with the voluminous data they generate — dramatically increases the complexity of information security.
To adequately protect from security breaches, a multi-layered approach is recommended
We have a legacy of strong security:
- Network visibility and control with threat intelligence and response capabilities.
- Expertise of global security experts and researchers combined with best in-breed strategic alliances.
- Experience managing customers' networks. We have more flexibility, scale, and control over how data is protected — and we're teaching our customers how to do the same.
"Security is the #1 barrier to IoT adoption."
—Business Insider survey, January 2015
"The cost of cybercrime is $445 billion to the global economy."
—Reuters, June 9, 2014
AT&T Security Center
"We have seen a dramatic 458% increase in IoT vulnerability scans against devices."
Implement security measures for in-depth defense
Because every device is different, each must be secured with a multi-layered approach. We recommend seven established security measures to help safeguard IoT solutions and devices. These are:
- Embed security across four layers: endpoint, network, data and application, and threat management.
- Protect at the physical and media layer of the network.
- Determine the extent of required security in edge devices and the impact over time.
- Protect the network to overcome challenges in protecting applications.
- Incorporate a cloud strategy and security posture.
- Maintain security integrity over the entire product life cycle.
- Apply the right security technology to each potential threat and the evolution of that threat.
Layered approach to IoT security
Traditional security strategies have focused on prevention. They use one general line of defense (called a perimeter) to prevent attackers from accessing privately stored information. Due to emerging technology trends and the surge of connected devices, hackers are always finding new ways to attack.
Our security professionals are experts in security design and incident response. They can help businesses before, during, and after a breach. We believe a four-layered approach to enterprise security is essential to dealing with today’s threats and business environments:
Protecting the hardware (the “thing” that is connected) through measures with the device manufacturer and AT&T’s Global Subscriber Identification Module (SIM) which provides a flexible and scalable level of security at the device level.
AT&T already excels in the network layer today. We help protect connections and secure data in transit to and from the connected device through solutions like AT&T Virtual Private Network, AT&T NetBond, Commercial Connectivity Service (CCS), and custom, private Access Point Names (APNs).
To protect the IoT data and applications, AT&T has a strong portfolio of security functions including cloud-based and on-premises firewalls, encryption, DDoS, and Cloud Web Security.
Threat analysis layer
At the IoT threat analysis layer, behavioral analytics is used to understand how devices are being used, where they are being used, and who is using them. We can do this at the connectivity, device, or data/application level by analyzing the traffic coming in and out of that device, connection, or application; and identifying abnormalities (such as an unauthorized user in a different location), to help prevent, detect, and respond to potential threats.