“Cybercriminals are taking advantage of the rapidly expanding attack surface found in today’s ‘any-to-any’ world, where individuals are using any device to access business applications in a network environment that utilizes decentralized cloud services.” – Cisco 2013 Annual Security Report

Malware creators, who are increasingly linked to cybercrime, have trained their sights on networks and network devices. In response, security capabilities must continue to evolve. The benefits of rock-solid security go beyond protecting the network and data. Security is directly tied to uptime: a secure system is an available system. At MontaVista we provide tools and services that enable the embedded devices to withstand today’s threats and remain continuously available.

Security and Embedded Devices

The focus of computer security is shifting to the network as network devices (and networks themselves) continue to proliferate. MontaVista Carrier Grade Edition 7 enables manufacturers of embedded devices to comply with widely accepted security standards.

Because we understand the critical role an operating system plays in fulfilling security requirements for network systems, MontaVista continues to enhance the security of Carrier Grade Edition. CGE includes Security-Enhanced Linux (SELinux), which supports United States Department of Defense-style mandatory access controls (MAC). MontaVista also uses the following specifications as guides to determine the best technology and practices to include in our CGE platform:

  • Security Technology Implementation Guide (STIG) UNIX version 5.0 r1

  • Common Criteria Operation System Protection Profile (OSPP) version 2.0

Including these specifications makes it significantly easier for MontaVista's customers to certify a full hardware/software product for these profiles and comply with widely accepted security standards.

Better Security Means More Uptime

At the end of the day, improved security means secure customer data and improved uptime. Security failures can of course have serious repercussions for a network – loss of sensitive data, loss of customer trust, fines and other penalties. But despite high-profile stories in the news, the vast majority of security issues are of the time-consuming variety: companies spend significant unproductive time preventing breeches and repairing those that occur. So the true impact of security is both less visible and larger than expected due to the quantity of hours (and years) that a team dedicates to it. That’s time not spent on productivity or innovation.

Our goal at MontaVista is to increase network uptime, while minimizing the effort companies spend on security and the disruption to end users of the network. MontaVista receives early notification of thousands of security issues, and the MontaVista security team proactively provides rapid updates of any new security fixes to the CGE7 platform. To improve uptime, CGE7 also includes live kernel patching, which allows field engineers to fix and upgrade live systems. With live kernel-patching technology in CGE7, security patches can be applied to the kernel of a live system to secure a network until scheduled maintenance.

Our investment in time and technology becomes our customers’ competitive advantage. The peace of mind for telecom carriers and other companies that use embedded devices is like an insurance policy they never think about.

To view a list of Common Vulnerabilities and Exposures (CVE), click here.