
7X24 MAGAZINE FALL 2015

If we’ve learned anything from OPM, Target, Sony, JP Morgan Chase, eBay or any of the countless other high-profile, high-cost cyberattacks of the past two years, it’s this: there are vulnerabilities everywhere. Hackers can pillage companies or agencies through anything connected to the network … and today, everything is connected to the network.

We live in the era of the Internet of Things. Hyper-connectivity isn’t just possible, it’s swinging the pendulum between success and failure for multi-billion dollar businesses. Device-to-device communication streamlines everything we do, and visibility and management of these connected systems enable increased productivity and efficiency. But there’s a catch: every one of those connections creates a potential vulnerability, and there are plenty of smart people with bad intentions trying to exploit them.

Simply put, everything from the heart of the data center to any desktop, laptop, keyboard or mouse connected to the network is a potential risk.

Do I have your attention?

The Evolution of Network Security

Even some of today’s best Intrusion Detection Systems aren’t enough to stop all of today’s advanced persistent threats, which are designed to burrow into the network from virtually anywhere and siphon data over time undetected. It’s critical to identify and secure access points to avoid, mitigate or manage data breaches.

That task includes often-overlooked computing peripherals. These are devices that by their nature are difficult to secure, because so many people have access to them. Keyboards, video monitors, even the mouse—anything that could be connected to a KM or KVM switch—falls under this umbrella. These are the devices the National Information Assurance Partnership (NIAP) sought to secure with the release earlier this year of the Protection Profile for Peripheral Sharing Switch version 3.0 (PP 3.0).

The previous protection profile dealt with the pre-2000 security landscape, but cybersecurity must evolve as threats become more advanced. PP 3.0 includes security enhancements for modern peripheral switching technologies and standards designed to (1) defend against these evolving threats, and (2) provide assurance that the switch will not propagate attacks if they occur. These standards require the following:

• Higher isolation between computer ports from digital and analog leakages.

• Optical data diodes to enforce unidirectional data flows.

• Much stronger protection for USB ports.

• Complete isolation of power domains to prevent signaling attacks.

• Analog audio diodes to prevent audio eavesdropping (TEMPEST levels).

• Emulation of display EDID, keyboard and mouse to avoid direct contact between computers and shared peripherals.

by Michael Parvin