Kudelski Security chief technology officer Andrew Howard was recently featured in CSO, a security and risk management news website.
Speaking with CSO’s David Greer, Howard delved into the proper response to device and software backdoors inserted or left by vendors.
Backdoors provide a large concern when the vendors who create them purposely leave them in their products. There are a number of solutions to these concerns as Howard explains in the article.
“When an enterprise does discover a product in their production environment that has a backdoor, they should take it offline where possible until they or the vendor resolve the vulnerability or they should isolate the hardware to contain the risk while deploying additional monitoring and controls around it,” Howard said in the article.
“Isolate the device (or software), according to Howard, in its network segment with no access or very little access to the corporate network to reduce any associated risks. “While it may be possible to compromise the device, this mitigation strategy makes it more difficult for an attacker to move throughout the enterprise network,” he continued.
“To deal with the potential for backdoors in IoT, an enterprise must first assign a stakeholder who is responsible for these devices. Then when the enterprise discovers a backdoor, they can ensure that the business and security owners remediate it together. These risk mitigations often require trade-offs such as downtime and a potential loss of capabilities, which requires buy-in from both the business and security stakeholders,” according to Howard.
To read the whole article, click here to go to CSO Online.
Story credit: David Greer, CSO