IT Home Network Security Management
12/08/2016 03:38:00 PM-
/ cybersecurity / home network / information technology / ISO/IEC 27001 / ISO/IEC 30100 / standards package / IT Home Network Security ManagementEdit
In the Digital Age, a multitude of products and services function from network connections. In fact, it is estimated that there were close to 7 billion devices connected to the Internet in 2016. It only makes sense that these devices have found their way into the place where people spend a great deal of their time and keep their possessions: the home. Home networks, as conglomerates of these many devices, need to support a multi-protocol environment. An example of a home network, with variation and abundance in network-connected products, is visualized below:
Home networks like this one, comprised of low power and high computing processors, reliable networking technology, high quality content services, e-health care, sensing technology, smart grid, and robotics technology, have become a necessity for many people’s lives. To secure this need, the systems must be interoperable and secure.
Almost every network protocol can be difficult for many people to understand, and their complexities only further nuance from the diversity of standards and/or industry-developed specifications that overlook their use. In such a difficult-to-comprehend state, home networks can be rendered practically useless, failing to meet their intended need.
With interoperability among the different protocols, this changes. A home resource management model grants an overarching understanding of all protocols, surpassing the limitations that arise in the attempt to discover, monitor, detect, diagnose, recover, and configure all functions across a variety of protocols without the help of such a model. This management model allows for the safe and effective delivery of applications in the home, simplifying the processes for users.
Home network resource management is covered in ISO/IEC 30100. This standard collects and studies the relationships between all available home network protocols and elements, demonstrating how a home resource management model defines, organizes, diagnoses, manages, and combines these resources. The standard is broken up into three parts:
ISO/IEC 30100-1:2016 - Information technology - Home network resource management - Part 1: Requirements
ISO/IEC 30100-2:2016 - Information technology - Home network resource management - Part 2: Architecture
ISO/IEC 30100-3:2016 - Information technology - Home network resource management - Part 3: Management application
Another important piece of guidance addressed in ISO/IEC 30100 is security. Specifically, the standards specify privacy methods for network management data that prevent the user from unintentionally releasing personal data to external networks.
And, with an estimated 1.5 million annual cyber-attacks, network security should not be ignored. Currently, the groups that are doing the best job of protecting computer data are big and small businesses and federal and local government, not home Internet users. Of course, these larger and more substantial organizations are more prone to data theft, but private networks are still susceptible.
As with managing one protocol in a home network resource management model, embedding just one device with suitable cyber security technology may not be enough. Instead, a risk management model, overseeing a variety of security objectives and the means to meet them, can be more successful in the current home comprised of collective network devices.
This type of model is addressed in ISO/IEC 27001:2013 - Information technology - Security techniques - Information security management systems - Requirements.
All four of the aforementioned standards, along with a corrigendum to ISO/IEC 27001:2013, are available together as the ISO/IEC 30100 / ISO/IEC 27001 - IT Home Network Security Management Package. This package allows a user to efficiently and safely make use of a home network, and it is available only on the ANSI Webstore.
1. International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC), ISO/IEC 30100-1:2016: Information technology - Home network resource management - Part 1: Requirements (Geneva: ISO/IEC, 2016), 5.