Window of the multi-story building showing how secure facilities face RF security threats

“Some Devices Allowed” – Secure Facilities Face New RF Threats

When secure facilities say “no devices allowed,” that’s not necessarily the case.

Exceptions are being granted for personal medical devices, health monitors and other operation-associated devices, especially in defense areas where human performance monitoring devices can be core to the mission.

The problem: most of these devices have radio frequency (RF) communication interfaces such as Bluetooth, Bluetooth Low Energy (BLE), Wi-Fi, Cellular, IoT or proprietary protocols that can make them vulnerable to RF attacks, which by their nature are “remote attacks” from beyond the building’s physical perimeters.

Questions are now being asked about the ability to allow some devices in some areas, some of the time, resulting in the need for stratified policy and sophisticated technology which can accurately distinguish between approved and unapproved electronic devices in secure areas.

The invisible dangers of RF devices

RF-enabled devices are prevalent in the enterprise. According to Ericsson’s Internet of Things Forecast, there are 22 billion connected devices and 15 billions of these devices have radios. Furthermore, as the avalanche of IoT devices grows, cyber threats will become increasingly common.

Wireless devices in the enterprise today include light bulbs, headsets, building control systems, and HVAC systems. Increasingly vulnerable and risky are wearables. Wearables with data exfiltrating capabilities include Fitbits, smartwatches and other personal devices with embedded radios and variety of audio/video capture, pairing and transmission capabilities.

Understanding the current policy device landscape

The RF environment has become increasingly complicated over the past five years because more and more devices have RF interfaces that can’t be disabled. Secure facilities with very strict RF device policies are making exceptions to the “No Device Policy” into a more stratified approach: “Some Device Policy.” Examples of a stratified policy are whitelisting devices with RF interfaces such as medical wearables, Fitbits and vending machines. Some companies are geofencing certain areas in facilities, such as Sensitive Compartmented Information Facility (SCIFs) in defense facilities.

Current policies are outdated

While some government and commercial buildings have secure areas where no cell phones or other RF-emitting devices are allowed, detecting and locating radio-enabled devices is largely based on the honor system or one-time scans for devices. Bad actors do not follow the honor system and one-time scans are just that: one time and cannot monitor 24×7.

Benefits of implementing RF device security policy

In a world where security teams need to detect and locate unauthorized cellular, Bluetooth, BLE, Wi-Fi and IoT devices, there are solutions available and subsequent benefits to enforcing device security policies:

  • New solutions for a new age: There are better tools now available on the market providing enterprise visibility into RF devices. Gaining awareness and having visibility into the communication taking place between devices in airspaces are critical in protecting sensitive data in secure facilities.
  • Adopting enterprise-grade device policy management to detect threats: Today’s new solutions enable security teams to differentiate between approved and unapproved devices and sends alerts when a device is found where it should not be or doing what it should not do.
  • Deploying RF technology safeguards facilities from attacks: Standard security technology is incapable of detecting devices operating within the RF spectrum. Deploying RF technology is crucial for facilities to detect devices in real-time and will equip security teams with complete visibility to locate known and unknown devices.
Prevalence of RF-enabled devices like light bulbs and #wearables in the enterprise is increasing the complexity of enforcing device #security policies in secure facilities. #respectdataClick to Tweet

It’s essential to evaluate RF technology that will have existing integrations for threat alerts, incident response and forensics. Deploying RF technology and leveraging existing best of breed security tools such as network systems, SIEMS, MDMs and incident response systems equips security teams with complete visibility and 24/7 monitoring in the RF spectrum to thwart attacks.

Implementing and enforcing more nuanced electronic device policies allows CISOs and security teams to accurately distinguish between approved and unapproved electronic devices in secure areas, and detect and locate unauthorized cellular, Bluetooth, BLE, Wi-Fi, and IoT devices.