Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore
1 like309 views
This document discusses the increasing challenges of MAC spoofing and data breaches. It outlines three main challenges: lack of visibility into devices on the network, the growing number of non-traditional Internet of Things devices, and the risk of trusting devices based only on MAC address. A network monitoring solution called Beacon is presented as able to provide comprehensive visibility of all devices, important contextual information, and scalability to address these challenges posed by MAC spoofing and the evolving network landscape.
Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore
- 1. ! Top 3 MAC Spoofing Challenges ! You Cannot Afford to Ignore
- 2. Data breaches are increasing Identity Theft Resource ! Center reports in 2014 • 18.3% increase in data breaches • 783 data breaches in the U.S. • 85+ million records were affected Verizon’s 2014 Data ! Breach Investigations Report • Internationally 1,367 confirmed data breaches in 2013 • Over 10,000 data breaches in the last 10 years Source: Informa.on is Beau.ful World’s Biggest Data Breaches
- 3. Data breaches are costly Ponemon’s 2014 report ! Cost of Data Breach: Global Analysis • Average data breach costs $3.5 million U.S. dollars • 15% increase in cost over previous year The research reveals that reputation and the loss of customer loyalty does the most damage to the bottom line.
- 4. Data breaches are increasing Figure from Verizon’s 2014 Data Breach Investigation Report
- 5. MAC spoofing Definition: Connecting to the network with a falsified media access! control (MAC) address
- 6. History of MAC spoofing • Whitelisting as a form of security • Falsifying MAC address was too easy for hackers • Use MAC address as first line of defense, and combine it with a more contextual understanding of the device
- 7. Top 3 MAC spoofing challenges Lack of visibility Unable to keep a complete, real-time inventory of what is on the network and where each endpoint is located Internet of Things trend Increase in headless and non-traditional devices on the network Trusting the device Security that relies on the device being the sole source of information
- 8. Challenge 1: Lack of visibility The problem • Don’t know where unauthorized access or entry points into the system might be • Don’t know if there is an unauthorized device touching the network (whether it is misconfigured, etc.) • Don’t know if security measures are protecting entire network
- 9. The solution • Complete visibility of all endpoints on the network – Deeper historical and contextual understanding of all devices on the network Challenge 1: Lack of visibility
- 10. This is not as simple as it sounds • Time intensive task • Constantly changing landscape – Increased mobility – Guest access • BYOD initiatives • Need for user convenience Challenge 1: Lack of visibility
- 11. To really solve the problem you need: • Automated technology to create an inventory • Access to contextual data • Continuous, real-time monitoring for an ever-changing network Challenge 1: Lack of visibility
- 12. Challenge 2: Internet of Things The trend • Increase in devices that use your network data to do amazing things! Fire extinguishers that tell you when they are in use Sprinklers that use weather information to determine how often to run Trash cans that alert you when they are full
- 13. The trend VOIP Phones HVAC Systems Security Cameras Challenge 2: Internet of Things
- 14. The problem • These devices are outside of the norm, meaning that current solutions may have limited contextual information about them – If the MAC address is spoofed the lack of context can make it difficult to identify that a rogue device has been added to the network Challenge 2: Internet of Things
- 15. The solution • Visibility of all devices, including headless devices • Agentless or clientless security solution (since these often have specific operating systems dependencies) Challenge 2: Internet of Things
- 16. The problem • Trusting the device by MAC address or MAC OUI ! alone is risky – The MAC address is not enough information MAC spoofing is based on a device being dishonest Challenge 3: Trusting the device “Communicating externally” “Running Windows apps” 176.16.232.134
- 17. The solution Warehouse of context Challenge 3: Trusting the device What is the device? How is the device! behaving? Where is the device?
- 18. HOW WE CAN HELP?
- 19. The Beacon suite of solutions Identify. Ensure every endpoint accessing the network is accounted for to eliminate vulnerable blind spots. Monitor. Know how endpoints are behaving at all times to easily identify and address potential threats quickly. Enforce. Control access to the network to allow what should be on the network on, and keep what shouldn’t off. “As far as seeing what’s " on the network, it’s " all about visibility and troubleshooting. When you’re trying to figure out, ‘what’s plugged into this port?’ and you can go and see that in Beacon, it saves you time.” " " –Patrick Printz, " current Beacon user
- 20. • Comprehensive. ! Our software provides you with complete visibility. We detect and profile all device types touching your network, including headless devices. • Contextual. ! Our technology provides you with historical and real-time detailed context. – What is the endpoint – Where is it located – Is it behaving uncharacteristically • Scalable. ! Great Bay Software’s technology! has been proven to scale to satisfy ! the largest of enterprise customers. • Simple. ! Our technology is a sophisticated application that is actually easy to deploy and manage. ! Why Beacon?
- 21. Contact Us 1.800.503.1715 info@greatbaysoftware.com Find more resources and information at www.greatbaysoftware.com QUESTIONS?