Fujitsu Securing HPC Cloud with IoT final 12Mar19 · Recommendations to secure HPC on Cloud nDon’t open to public n Use 2-factor based VPN if public n Limit outgoing access nSimplicity

1 Copyright 2019 FUJITSU

Agenda

n Security Challengen Comparing IoT and HPCn Lessons Learnt

2 Copyright 2019 FUJITSU

Security Challenge

n Security Architecture: Defence in Depthn End-point, Network, System architecture

n Stakeholder’s Viewn Risk Management Frameworkn Security Policy

3 Copyright 2019 FUJITSU

Intelligence Led Security Lifecycle

Clear awareness of cyber security posture

External intelligence to develop perspective on external threat context

Routine assessment for vulnerabilities

Comprehensive event visibility & analysis

Robust management of the cyber security platforms

4 Copyright 2019 FUJITSU

Internet of Things

Millions and Billions of DevicesGenerating Data every second, every year

5 Copyright 2019 FUJITSU

Devices & Sensors, Sensor Network

Core and Edge Networks

IoT Platform (Cloud)

Analytics and Applications

Key Elements in IoT System

6 Copyright 2019 FUJITSU

Potential IoT Application Scenarios

Potential Themes

n Operational Optimizationn Workers Safetyn Worker Productivityn Inventory Managementn Equipment Preventive Maintenancen Physical Securityn Energy Managementn Many More...

7 Copyright 2019 FUJITSU

Security Threats in IoT

n Famous attacksn Mirai Botnet – DDOS attack

• Initiate DDOS

n Hackable Cardiac Devices from St Jude• Change pacing

n Owlet Wifi Baby Heart Monitor • Unsecured Wifi Router

n TRENDnet Webcam Hackn The Jeep Hack

Source: https://www.iotforall.com/5-worst-iot-hacking-vulnerabilities/

8 Copyright 2019 FUJITSU

Threat Analysis

n Public access to IoT Device, Gatewayn Potential rootkit attack

n Simple but many Devicen Sensor Data Privacyn Authentication and Confidentiality

n Password Management and Data Encryption

n Firmware Update/Configuration Management

9 Copyright 2019 FUJITSU

Lessons Learnt

n Security often come lastn Password Management

n Cost Benefit Analysis (against potential threats)n Trade-off between User Experience vs Ideal State

10 Copyright 2019 FUJITSU

Devices & Sensors, Sensor Network

Core and Edge Networks

IoT Platform

Analytics and Applications

Comparing Key Elements HPC:IoT

Servers and Interconnect

Core and Edge Networks

HPC Cluster, Scheduler, File System

Simulation and Modelling Workloads

11 Copyright 2019 FUJITSU

Why HPC on Cloud?

n Quick Scalingn Focus on Software to increase productivityn Flexible Architecturen Utility Costing Modeln Easy integration with other Cloud services

12 Copyright 2019 FUJITSU

Recommendations to secure HPC on Cloud

n Don’t open to publicn Use 2-factor based VPN if publicn Limit outgoing access

n Simplicity is Safetyn Don’t overly complicate your stack

n Automate your stack (build whole stack everytime)n Don’t rely on configuration management

n Make data not valuable (eg. use Data Masking)

13 Copyright 2019 FUJITSU