Actu
ICSA Labs Unveils Program to Address Security Threat From Printers, Fax Machines, Other Devices
September 2009 by Emmanuelle Lamandé
ICSA Labs, an independent division of Verizon Business, introduced a new program to help enterprises safeguard against intrusions through network-connected devices such as printers, faxes and point-of-sale systems, as well as help device manufacturers ensure that their products are secure.
The new capabilities offered by ICSA Labs are designed to protect these typically stand-alone, unattended devices, which connect directly to a network but are not part of the network infrastructure itself. Also included in this product class of network-attached devices are copiers, ATM machines, digital signs, proximity readers, security cameras, and facility management systems for power, lighting and HVAC systems.
ICSA Labs has found that unprotected devices such as these can allow hackers easy access to corporate networks. According to the Verizon Business 2009 Data Breach Investigations Report, many breaches occur through what is called “unknown, unknowns,” which can involve systems such as printers and faxes. The report also points out that attackers choose the path of least resistance, targeting vulnerable systems.
ICSA Labs’ first new offering, Network Attached Peripheral Security (NAPS) certification, provides manufacturers an opportunity to work with ICSA Labs to help identify and remediate existing and potential vulnerabilities in the devices the manufacturers sell. The NAPS certification program service also applies to manufacturers whose products are still under development and are seeking recommendations to make their products safer.
The NAPS certification program includes rigorous testing that examines several different aspects of a device and how each impacts its overall security, including its core functionality, administrative interface and logging capabilities. The ICSA Labs’ certification enables manufacturers to verify that their devices are secure and assures enterprises that the certified products have passed rigorous testing and validation for security protection.
Under the second new offering, NAPS assessment, the network devices are tested and evaluated to help ensure that they are installed securely and protected from exploitation. ICSA Labs can tailor the assessment to evaluate either installed devices or ones that the enterprise plans to deploy. After the devices have been thoroughly reviewed, ICSA Labs delivers a comprehensive report that details how an enterprise can safely and effectively install these products.
Availability:
Both offerings are immediately available to companies around the world.
