WIDS01_banner.png

INdustry, manufacturing, healthcare, commercial

Wireless Intrusion Detection

 
 
 

Endpoint Security Inc provides an early warning of intrusion into your air-gapped network.

Endpoint secures your wired Operations Technology (OT) network, which you may have air-gapped, from wireless intruders. Engineers from Penetration Testing services often say that many of their customers think their system is air-gapped, but is found to have a wireless adapter plugged in some device on the OT network, leaving it vulnerable to one of the most difficult to detect attacks, a man-in-the-middle attack. Endpoint has the solution. Place an Endpoint WIDS on the wall and it will passively watch over your plant. If a wireless device is installed, the WIDS will spot it and notify a network administrator. Workers may bring their own devices into the plant, but the WIDS will see devices which stay in the facility after shift changes, giving you an early warning that your system could be compromised.

 

Endpoint Security Inc is securing wireless communication.

Endpoint is offering a Wireless Intrusion Detection System (WIDS) unlike any other for the security of fixed wireless devices in industrial, commercial and home environments. It uses a device’s natural RF signal as a fingerprint, uniquely identifying and authenticating each device. The product uses the physical polarization characteristics of the electromagnetic signal to identify each endpoint with a stable “fingerprint.” Once authenticated, its activity is monitored and the Endpoint WIDS will alert Operational Technology network authorities of the presence of any other devices attempting to communicate in the area. It allows for secure wireless without modification to legacy devices. It is protocol agnostic and does not require demodulation of the signal, so requires no bandwidth. Since it doesn’t use encryption, there is nothing to break. Since it doesn’t use keys, there is nothing to steal. Endpoint Security is making a monumental step in secure wireless…eliminating the complexity of dealing with broken encryption, stolen keys, and zero-day malware, while providing network administrators with the ability to step-in and prevent wireless attacks.

 

Contact

➤ LOCATION

PO Box 11426
College Station, TX 77842

☎ CONTACT

heller@endpointsecurityinc.com
(979) 599-2597

 

You’ve heard it said many times; “You can’t protect what you can’t see.” Old security technology requires that you know the technical details of every device on the network before you being installation. Now, however, you don’t need to even know where each device is, much less how to access it. Learn more with the button below.

 

Attributes

ZERO TRUST


Zero Trust has gained popularity as a framework for securing complex networking environments, like those found in energy, manufacturing and defense industries. According to the DoD Zero Trust Reference Architecture, zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical location or based on asset ownership. By relying on identification in the form of a naturally-occurring fingerprint, not once, but every single time an edge device communicates with the network, Endpoint Security systems take zero trust to a new level. By using the analog signal rather than data contained in the signal, it is like having the identity defined using a second form factor, increasing security to the utmost performance.

cmmc


The Cybersecurity Maturity Model Certification (CMMC) was designed to enforce protection of sensitive unclassified information that is shared by the Department with its contractors and subcontractors. The tiered model provides for progressive levels of security recognized by many industries as a guide for securing sensitive communications. Endpoint Security addresses Access Control within the CMMC. The highest level of security (Level 5) is accomplished by satisfying one criterion: AC.5.024 "Identify and mitigate risk associated with unidentified wireless access points connected to the network.” Endpoint Security systems can do just that by using the physical-layer fingerprint of a rogue access point.

IEC 62443-4-2


The ISA/IEC 62443 standards define requirements for implementing and maintaining secure industrial automation and control systems (IACS). They establish best practices for security and provide a way to assess the level of security performance. 62443-4-2 addresses industrial automation and control systems. There are defined four levels of security with Security Level 4 (SL4) as the most secure. To reach SL4, requires one to provide multifactor authentication (MFA) for all interfaces and password lifetime restrictions. Endpoint addresses machine-to-machine communications, which makes each of these requirements a bit tricky. By using a fingerprint as a sort of “biometric” for a device that is not reliant on data, it is related to multifactor authentication. We refer to it as M3FA, machine-to-machine multifactor authentication.

 

patching schedule


Patching software in Industrial Automation and Control Systems is a hot topic. No industrial control engineer wants to continually patch or update the software in the edge devices involved in operating a process. Every change in software adds risk to the possibility of disrupting production. Good news. There is no patching schedule for updating security with an Endpoint Security device. Since we do not rely on data, but instead use a naturally-occurring fingerprint in the analog signal, there is no need to program the system for new attack vectors based on data-driven methods. Regardless of changes in security protocols, encryption methods or any other software modifications, the fingerprint for a stationary edge device remains the same.

legacy devices


Security systems for industrial, healthcare, and commercial use can be very sophisticated. Artificial Intelligence employed to learn from and monitor a plethora of network edge devices, along with every increasing complexity in encryption methods, can make engineering the best security system quite complicated. When wireless devices are introduced, a whole new level of attack vectors can open up. Endpoint Security wants to close off that concern and make security easier. By requiring a naturally-occurring fingerprint from every edge device each time it transmits, security can reach even the old, legacy devices that may not even have security software in them, like temperature sensors or valve controllers. Now, every device can be protected.

 

Artificial Intelligence


Artificial Intelligence is being used in wired systems to secure industrial networks, where constant monitoring of the data can identify cyber threats by using behavioral analysis. This is a very useful tool; one that is needed in wired systems. Wireless sensor networks, with the help of Endpoint Security systems, can do one better. In wireless networks, the medium for communications provides a second form factor for authentication, an analog fingerprint. Endpoint adds a layer of protection for machine-to-machine communications that plays well with AI. We extract a fingerprint from every signal and can use it to authenticate the sending device AND provide additional analytical information to a third party AI platform.

M3FA


Multifactor Authentication (MFA) requires multiple credentials using different methods before access is allowed. That can come in the form of a person using a fingerprint or retinal eye scan or face recognition in addition to a typed password. It is a very strong means of security, although a little annoying to the person providing a biometric. This form of security is tricky for machine-to-machine communications, however. By using a naturally-occurring fingerprint obtained from an analog signal, Endpoint Security systems provide a second means of identification to the data-based identification typically sent by an edge device on a network. We refer to this as Machine-to-Machine Multifactor Authentication (M3FA). M3FA provides a very secure wireless connection to the network.

 

Technology Applications


Oil & gas

As network availability closes in on 100%, downstream operations are embracing wireless monitoring systems and non-essential wireless control applications, like control valve actuators, for productivity improvement. Each wireless device is a potential entry point into the operations network, however, creating a need for higher levels of security; one that adds a layer rather than replacing existing security. Endpoint technology would be ideal.


chemical industry

The chemical industry finds itself a target of many cyber attacks. One of the most elusive is a man-in-the-middle attack. In this attack, a perpetrator comes near the perimeter of a plant and listens to wireless traffic, picking up MAC addresses, passwords and authentication keys from industrial devices. With the information obtained, the perpetrator gains access to the operations network; that is, unless it is protected by Endpoint technology.


manufacturing

Industry 4.0 is driving adoption of wireless technology throughout the plant floor. Operations use limit switches, equipment monitoring, product location and many other sensors and controls which impact many aspects of manufacturing. But, the security seems daunting for such diverse devices. There should be an easy way to secure all of the sensors in the network. Endpoint offers a means of protecting the process from wireless attacks. 


Commercial

In a demonstration of how easy it is to instigate cyber attacks on a commercial building, hackers have been known fly drones near commercial high-rises and take over the control of office lighting systems. While this is playful, it indicates the dangers present in hackers that may gain access to networks which contain confidential information and personal identities. Endpoint can close off the access to unauthorized persons.


healthcare

In some hospitals, bedside patient monitoring equipment is already 85% wireless. But, what can be done to protect such devices? It doesn’t make sense to update or change the software in a medical device periodically, as it can affect the FDA approval for the device. Thus, securing these devices needs a solution that is external to the equipment. Endpoint technology provides a means to secure medical devices without modifying them at all.


consumer

Consumers have adopted wireless technology in almost every aspect of their lives, from making coffee to locking doors. We adjust our home’s temperature wirelessly as well as monitoring our front door, washing machine, baby monitor, refrigerator and many other appliances and sensors. All of these devices could allow hackers into our network. But the good news is that Endpoint technology can stop hackers from gaining access.

 
 

 
 
What this world consists of, we cannot say or conjecture; we can only conjecture what it seems, or might seem to be, to minds not too different from ours.
— Henri Poincaré