Canadian network security firm launches Industrial Gateway
Canadian network security firm launches Industrial Gateway
A fledgling Canadian network security company has launched its second product, a plug and play device that aims to protect IoT devices.
Halifax-based Bios Inc. said its Industrial Secure Gateway Edge is a small box that plugs into a local network to isolate industrial controllers, security cameras, medical devices, POS devices and other network equipment.
The company calls the approach micro-segmentation. By taking advantage of endpoint micro-segmentation through hardware-enforced isolation, the company argues, devices can be protected against network threats by reducing the attack surface and protecting against remote code execution exploits.
If an alternate attack compromises a device, the gateway contains what prevents lateral network infections from spreading. The company says this approach prevents ransomware and denial-of-service attacks from disabling devices.
Connected to Wi-Fi or Ethernet, gateways allow administrators to centrally manage a fleet of remote endpoints for simple policy provisioning, threat reporting, and security.
images of bios secure gateway edge devices
bios gateway edge
The Industrial Gateway Edge was launched last October by the company's Secure Endpoint Edge, a USB device for laptops and other mobile devices.
Images of Bios Secure Endpoint Edge Device
bios usb secure endpoint edge device
"With our solution we can have devices isolated from the outside world, have security inside and out, and have control and visibility," the company's founder and CEO Matias Katz said in an interview. "At the same time you don't need to disassemble the device. You can still do remote patching, maintenance."
The solution is sold on a subscription basis, along with a cloud-based management console. Katz said the cost of a solution could range from US$150 to $350 per year, "depending on the volume and architecture and duration of deployment."
He added that since the company's launch, it has eight to 10 customers across different verticals.
Katz is originally from Argentina, where he ran a managed services provider and was a security specialist for IBM. After speaking at the Black Hat Security Conference in 2012, he was invited to speak at the annual Atlantic Security Conference (AtlSecCon) in Halifax the following year. He liked the city and took it into account when planning his new company.
The idea to create Bios came when Katz was at a conference in Paris and realized that even when his laptop was on a privileged Wi-Fi network, he thought the device was not secure. He wanted to create a solution to protect people on the go.
The first product, the Endpoint Edge, is powered by its USB 3.0/USB C connection. It works on any device, regardless of its operating system. It has a secure boot, signed binaries and a crypto co-processor to prevent tampering.
Gateway Edge is plug and play, so no agent or software installation is required on the host device - it enrolls automatically when plugged in. It has the same security as Endpoint Edge. Ideally, Katz said, one industrial gateway should be used per endpoint. However, he acknowledged that this may not be possible, so the units may be shared.
Ultimately, he said, Bios plans to exit the equipment manufacturing business and enter into agreements with network equipment manufacturers to embed its technology in their products. Those products will have a "Powered by Bios" badge. It could be many years away.
Bios has a two-pronged sales strategy, operating in Canada and the U.S. Both have few customers as well as sell directly through a distributor - Insight Enterprises - whose partners resell Bios products in North America.
No comments