IoT devices have a security problem

Chin introduces global manufacturer Jabil, which has a presence in Singapore, as one of Splunk's users. 

Wilson Chin, Head of marketing APAC, Splunk, has called devices in the Internet of Things (IoT) "less secure" than data centres and servers.

Speaking at HP's Secure the Workplace event Chin noted that two recent high-profile attacks have involved the IoT - Weeping Angel, which hacked TVs, as well as the distributed denial of service (DDoS) attack from Mirai malware loaded onto Internet-enabled cameras. Printers are another often-overlooked doorway for malicious players to enter into an organisation, he said.

While no news may appear to be good news, Chin asked, "How do you know you're not compromised today, do you really know?"

More security breaches are occurring today as a result of targeted attacks that begin with compromised credentials and phished employee logins, Chin shared. The hackers then create back doors that they can use at their leisure.

"Hackers are smart. I have the key to access to your organisation but I'm not going to attack you from that. Once I get in there i'm going to open a back door, I'm going to open a window and start stealing data. Even if you shut the window, I have access to the front door and two weeks later, two months later, I open another window. You have to investigate to get that first entry point," Chin said. 

"It's not really about just printers or just IoT... You want to look at what your users are doing."

Splunk addresses this challenge as the "Google" of machine data. The Splunk platform generates insight from machine data, correlating it with other data sets, and then presenting it in a dashboard format that is easy for non-technical people to understand. "When you have access to more data than traditional security sources, then you start to look for interesting scenarios," Chin said, citing the example of an employee being on vacation and yet found to be logging in to the system.

"In a large organisation having true visibility into your cybersecurity posture is really really difficult," Chin said. "Data doesn't (only) sit in one place."

Splunk, in conjunction with HP and Nanyang Polytechnic in Singapore, have addressed this threat with a new mobile app that provides an increased security posture for HP printer customers. It indexes printer logs, looks at security events that are happening in the printer environment, and creates real-time dashboards that give visibility into when an attack is occurring.

Many security vendors are using Splunk technology, Chin said. There are currently 1,200 apps on the Splunk platform, and 500+ are security-related. Splunk is also popular for providing insights into IT operations and application delivery. "Different people can ask different questions of the same data," he explained.

Signage for the Splunk booth at the HP Secure the Workplace event.

Interested?

Check out the Google Maps visualisation add-on for Splunk

Read the TechTrade Asia blog post about HP Inc.'s new multifunction enterprise printers, which were launched at the Secure the Workplace event

Hashtag: #securetheworkplace