In today’s enterprise, more and more devices are becoming network enabled. Seemingly harmless devices such as printers, security cameras, and UPS systems now frequently come with an Ethernet interface for network connectivity. Most of these devices are designed to work “out of the box” with minimal configuration necessary in order to ensure ease of use. Unfortunately, with this ease of use oftentimes comes increased risk to your network.
ICSA Labs has developed the Network Attached Peripheral Security (NAPS) program to assist vendors and enterprises in improving the security of their network peripherals. The first part of the program is to provide certification testing to vendors. ICSA Labs has developed a comprehensive set of test criteria to evaluate the security of NAPS-qualified devices. Vendors and product developers may submit their network-attached peripherals to be tested, and if the product is able to meet the criteria in its entirety, certification will be granted and a public report will be written to demonstrate to their customers that they have achieved third-party verification. For vendors whose products are still under development, ICSA Labs can perform a private evaluation with recommendations for improving the security posture of the product.
The second part of the program is designed to assist enterprises in evaluating network attached peripherals that they would like to deploy or have already deployed in their networks. ICSA Labs will work with the customer to determine how they intend to deploy the peripherals, and then develop a custom evaluation methodology based on the certification program criteria that is relevant to their individual needs. Once the products have been tested, ICSA Labs will provide the customer with a private report documenting the findings and suggesting configuration options to enable a secure and reliable installation. You can never eliminate risk, but ICSA Labs is committed to improving the security of the products and devices you use on your network.