“Some Devices Allowed” – Secure Facilities Face New RF Threats

When protected devices say “devices are not allowed”, this is not necessarily the case.

Exceptions are provided for personal medical devices, health monitors and other operation-related devices, especially in the areas of defense, where human performance monitoring devices may be at the heart of the mission.

The problem: most of these devices have radio frequency (RF) communication interfaces such as Bluetooth, Bluetooth Low Energy (BLE), Wi-Fi, Cellular, IoT or proprietary protocols that can make them vulnerable to RF attacks, which are essentially ” Remote attacks “beyond the physical perimeters of the building.

Questions are currently being asked about the possibility of authorizing certain devices in some areas, which in some cases leads to the need for a stratified policy and advanced technology that can accurately distinguish between approved and unapproved electronic devices in protected areas.

The invisible dangers of radio frequency devices

RF devices are widespread in the enterprise. Ericsson estimates that there are 22 billion connected devices and 15 billion of these devices have radios. In addition, as the avalanche of IoT devices grows, cyber threats will become more common.

Today, the company’s wireless devices include light bulbs, headphones, building control systems and HVAC systems. Wearable are becoming more and more vulnerable and risky. Wearable data retrieval capabilities include Fitbits, smartwatches, and other personal devices with built-in radios and a variety of audio / video capture, pairing, and transmission capabilities.

Understanding the current landscape of rule devices

The RF environment has become increasingly complex over the past five years as more devices have RF interfaces that cannot be disabled. Secure devices with very strict rules for RF devices make exceptions to the “No Device Policy” in a more stratified approach: “Some Device Policy”. Examples of stratified policy are RF whitelisted devices with RF interfaces such as medical wearables, Fitbits and vending machines. Some companies perform geo-zoning of certain areas in the facilities, such as sensitive information mechanism (SCIFs) in defense facilities.

Current policies are outdated

While some government and commercial buildings have protected areas where mobile phones or other RF transmitting devices are not allowed, the detection and locating of radio devices is largely based on the honor or one-time device scanning system. Bad actors don’t follow the honor system, and one-time scans are just that: one-time and can’t watch 24 × 7.

Advantages of applying the security policy of the RF device

In a world where security teams need to detect and locate unauthorized cellular, Bluetooth, BLE, Wi-Fi, and IoT devices, there are solutions available and the following benefits for enforcing device security policies:

  • New solutions for a new era: Better tools are now available on the market to provide enterprise visibility in RF devices. Raising awareness and visibility of communication between devices in airspace is crucial for the protection of sensitive data in secure facilities.
  • Adopt enterprise-level device policy management for threat detection: Today’s new solutions allow security teams to distinguish between approved and disapproved devices and send alerts when a device is found where it shouldn’t be, or doing what it shouldn’t be doing.
  • The introduction of RF technology protects the equipment from attacks: Standard security technology is unable to detect devices operating in the radio frequency spectrum. The implementation of RF technology is crucial for real-time device detection facilities and will provide security teams with full visibility to find known and unknown devices.

The proliferation of devices with authorized RF equipment, such as light bulbs and #wearables in the enterprise, increases the complexity of implementing device protection policies # in secure facilities. #respectdata

Click to tweet

It is essential to evaluate RF technology, which will have existing integrations for threat warnings, incident response and forensics. The deployment of RF technology and the use of existing best-in-class security tools, such as network systems, SIEMS, MDM and incident response systems, provides security teams with full visibility and 24/7 radio spectrum monitoring to thwart the attacks.

Implementing and enforcing more nuanced electronic device policies allows CISO and security teams to accurately distinguish between approved and unapproved electronic devices in protected areas and to detect and locate unauthorized cellular, Bluetooth, BLE, Wi-Fi, and IoT devices.