UPDATED 12:00 EDT / MARCH 07 2019

SECURITY

IP on the blinds? How one company secures exploding endpoints landscape

The need for visibility in cybersecurity is expanding — literally. Distributed information technology systems and internet of things connected devices are multiplying possible entry points for cyberattackers. Being able to view and monitor all of them can majorly strain a single pair of eyes.

Haworth Inc. is a provider of commercial office interiors with a growing number of endpoints on its network. Simple things like product demonstrations bring another device and another entry point into the picture.

“We can’t sell a product if we can’t demo it,” said Joe Cardamone (pictured), senior information security analyst and North America privacy officer at Haworth. “I want you to use your laptop, your content, on my screens and my space. How can we do that while protecting my digital network?”

Haworth solved this and other visibility issues with Forescout Technologies Inc.’s security visibility and control platform. When the company deployed the ISO in a virtual instance, it expected it to turn up about 8,000 Internet Protocol addresses. It actually discovered about 13,000, according to Cardamone.

Cardamone spoke with Jeff Frick (@JeffFrick), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed how critical full visibility and security control is for companies with exploding IP. (* Disclosure below.)

Visibility and control for IP coming in the window

In addition to customer devices, the 13,000 endpoints on Haworth’s network include IPs in distant global outposts. Even the shades on its windows have IoT devices with IP addresses to control the amount of incoming sunlight to comply with its LEED certification.

Forescout gives the company visibility across all of these IPs. It also allows high-level control through microsegmentation. For example, it allows it to punch through its firewall so that customers can enter its network for demos.

“We’re using the Forescout to be able to look into their network and looking at a couple of key variables on their machines [to ask], ‘Do you meet this criteria? If you do, then we’ll allow you to egress though our [Palo Alto Networks] firewall using the Palo Alto module on Forescout. If you don’t, then you’re not getting in,'” Cardamone explained.

Haworth also appreciates the ease of use and single pane of glass Forescout provides. The short-staffed security team can actually hand off some tasks to the help desk, he added.

“I can enable my level-one staff to be able to make level-three decisions without giving them keys to the kingdom, which I think is a big value with the Forescout,” Cardamone concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference. (* Disclosure: Forescout Technologies Inc. sponsors theCUBE’s coverage of the RSA Conference. Neither Forescout nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU