Eight Steps to Securing IP in the IoT Era

 
 
By Karen A. Frenkel  |  Posted 06-15-2015 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Eight Steps to Securing IP in the IoT Era
    Next

    Eight Steps to Securing IP in the IoT Era

    By Karen A. Frenkel
  • Previous
    Identify Your Most important IP
    Next

    Identify Your Most important IP

    For most companies, hardware designs or source code are their most valuable assets. Ensure that you understand what is most valuable to your organization and where it resides.
  • Previous
    Choose Who Should Have Access to This IP
    Next

    Choose Who Should Have Access to This IP

    Don't grant broad access rights to these key assets. Research shows that most internal staff can pose a significant security threat. Corporate processes must be in place to continuously monitor who accesses what IP.
  • Previous
    Encrypt Data at Rest and in Transit
    Next

    Encrypt Data at Rest and in Transit

    Ensure that data is transmitted securely (i.e., encrypted) between designer or developer desktops and your SCM repository. Encrypt the files once stored in the repository.
  • Previous
    Use Multifactor, Continuous Authentication and Fine-Grained Access Control
    Next

    Use Multifactor, Continuous Authentication and Fine-Grained Access Control

    Multiple layers of authentication make it more difficult for attackers to compromise user credentials. Selectively grant access permissions for specific users and assets down to the file level.
  • Previous
    Enforce Strong Passwords and Different Levels of Security Controls
    Next

    Enforce Strong Passwords and Different Levels of Security Controls

    Enforce strong passwords and different levels of security controls based on asset type. Provide password hardening options and strong password policies, time-limited authentication tickets and ensure secure storage of passwords.
  • Previous
    Continuously Monitor Data Access
    Next

    Continuously Monitor Data Access

    Continuously monitor data access and make sure that detailed audit logs are implemented in a secure SCM repository. Besides tracking access that indicates risk, certain industries' standards and compliance regulations require detailed audit logs of access to data, as well as development records.
  • Previous
    Implement a Security Platform
    Next

    Implement a Security Platform

    Install a security platform that applies behavioral analytics models to audit logs and quickly identify high-risk, anomalous data access. Threshold- or trigger-based alerts are weak and expensive to maintain. Tools should be automated and self-learning.
  • Previous
    Integrate SIEM and Other Log Data
    Next

    Integrate SIEM and Other Log Data

    Integrate SIEM (security information and event management) and other log data with a flexible security platform that can identify high-risk threats throughout your organization. If existing SIEM tools monitor access and activity, ensure that your SCM monitoring tools are integrated with your SIEM dashboards.
 

Product development practices require collaborators to share files across hardware and software teams, projects and geographies. These files, which include source code, hardware design specs, media and project plans, are a company's most valuable intellectual property (IP). They are increasingly exposed to external threats (from contractors or business partners, as well as cyber-criminals) and internal threats (from compromised accounts, malicious or careless employees). To quickly and accurately identify anomalous behavior that can lead to data theft, organizations must shift from a pure perimeter-based security model to a data-centric approach that monitors who accesses sensitive code and how. Organizations must systematically implement security processes and policies specific to their and environments to safeguard important assets from threats. Anna S. Chiang, technical marketing manager at Perforce Software, presents eight steps enterprises can take to secure their IP.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register