Ordr Announces a Milestone Release of Ordr Systems Control Engine

SANTA CLARA, Calif., January 21, 2021Ordr, the leader in visibility and security of all connected devices, today announced a significant release of the Ordr Systems Control Engine (SCE), a platform that discovers every connected device, profiles device behavior and risks, and automates response. Ordr SCE 7.4.2 is the largest product launch for the company to date and includes more than 160 new features, integrations, and enhancements to provide unparalleled visibility and protection to companies and their connected devices. 

As the number of connected devices — including unmanaged IoT, IoMT, and OT devices — continues to rise exponentially, so do the number of vulnerabilities and attack vectors. Organizations are struggling to maintain a real-time accurate inventory of all connected devices, not to mention the device intelligence to quickly make informed decisions. 

“Ordr provides the most robust, time-to-value security solution for organizations that want to reap the benefits of network-connected devices, yet curtail increased global incidents of ransomware, phishing, credit card, and personal data breaches,” said Gnanaprakasam Pandian, co-founder and Chief Product Officer of Ordr. “We are so excited to offer extensive new integrations from dozens of security and network vendors, as well as enhanced features to our customers in healthcare, manufacturing, financial services, life sciences, retail and beyond.”  

Ordr not only identifies devices with vulnerabilities, weak ciphers and certificates, and active threats, but also those that exhibit malicious or suspicious behaviors. Ordr automates responses for security and networking teams by dynamically generating policies and enforcing them on existing infrastructure, or by alerting and triggering a specific security or operational workflow.

Highlighted features and benefits of Ordr SCE 7.4.2 include:

  • Reduced infrastructure footprint with “sensor-less” visibility via telemetry data from supported switches, routers, firewalls, and wireless LAN controllers. Overnight, customers can leverage key technologies that are already in place and begin the Ordr journey.  
  • Increased efficiency with workflow-based dashboards to help customers quickly lookup devices that match specific conditions, including manufacturer, category, and profile as well as devices with sensitive data, devices with custom tags, devices communicating with administrative protocols, devices running outdated operating systems, and more. 
  • Security enhancements to enable our customers in the wake of high-profile ransomware as well as espionage-like activity seen in the SolarWinds attack with access to enhanced security components, focusing on optimized detection and tracking within the platform. Customers will have the ability to visually track antivirus software activity, URLs associated with phishing, malicious communications, user-defined prohibited country communications, and quickly see devices with admin protocols and a snapshot of criticality level for devices with known vulnerabilities.
  • Empowered Healthcare Technology Management (HTM) teams with actionable clinical data like medical device data from the FDA, clinical and patient risk associated with a device(s), and security risk from Manufacturer Disclosure Statement for Medical Device Security (MDS2) forms to help make informed decisions and initiate the appropriate workflows within a matter of minutes. 
  • New security integrations for efficient incorporation into a customer’s existing security workflows. This includes the ability to detect and track ransomware with signature improvements for expedited incident response (IR) processes. In addition, Anomali, Exabeam, Fortinet, IBM QRadar, and Ping Identity join existing partners such as Check Point, Splunk, ServiceNow, and many others, in Ordr’s integration portfolio — the most comprehensive ecosystem of integration partners in the market.
  • Enhanced analytics and use case-based policy generation so customers can quickly address scenarios such as controlling access for all physical security cameras used in a retail location, segment patient care devices by hospital and healthcare division, or tag all manufacturing devices that are still running Windows XP or Windows 7. 
  • Acceleration of Cisco TrustSec and Cisco Software-Defined Access (SD-Access) as Cisco’s leading IoT solution partner for Cisco Identity Services Engine (ISE). Ordr is the only product on the market to provide total IoT and OT visibility to Cisco ISE and the rich device context required to dynamically define Scalable Group Tags (SGTs), automate the provisioning of group-based segmentation policies and provide SGT visualization and traffic analysis that greatly accelerates the time to value and increases strategic adoption of Cisco TrustSec and SDA. 

For more information on Ordr SCE 7.4.2, visit our What’s New page: https://ordr.net/whats-new/ 


About Ordr

Ordr makes it easy to secure every connected device, from traditional IT devices to newer and more vulnerable IoT, IoMT, and OT. Ordr Systems Control Engine uses deep packet inspection and advanced machine learning to discover every device, profile its risk and behavior, map all communications and protect it with automated policies. Organizations worldwide trust Ordr to provide real-time asset inventory, address risk and compliance and accelerate IT initiatives. Ordr is backed by top investors including Battery Ventures, Wing, and TenEleven Ventures. For more information, visit www.ordr.net and follow Ordr on Twitter and LinkedIn.



Monica Wallace for Ordr 



Westcon expands IoT security offering through global distribution agreement with Ordr

LONDON, UK – 14th January 2021 Westcon, the global technology distributor, has today announced that it has signed an international distribution agreement with Ordr, the technology innovator specialised in securing connected devices, including IoT (Internet of Things), IoMT (Internet of Medical Things) and OT (Operational Technology) as well as traditional IT devices.

With this latest partnership, Westcon has further strengthened the IoT security pillar within its NGS (Next Generation Solutions) go to market strategy, building on Westcon’s ability to unlock recurring revenues in a cloud first world.

Ordr delivers a purpose-built platform for visibility and security of all connected devices, including unmanaged IoT, OT and IoMT devices. Within a few hours of deployment, Ordr automatically discovers and classifies every device, complete with high-fidelity information such as make, model, software version, location, and application/port usage.  Every device is continuously analyzed to baseline appropriate behaviors, map communication patterns, and identify any malicious or anomalous traffic.

Ordr also takes action to mitigate risks. By learning the unique communication patterns of each device, Ordr can generate security policies to allow devices access they need while limiting unnecessary exposure. Ordr offers the most comprehensive integrations in the market, enriching existing asset databases while generating and enforcing policies in next-generation firewalls, network access control solutions and wireless LAN controllers to proactively fortify enterprise infrastructure against attacks.

Eric Berkman, Sr. Director of Worldwide Channel at Ordr, says: “We’re focused on making IoT and connected device security simple. Our platform allows customers to address the security risks posed by IoT hardware and software, providing a giant leap forward to protect customers’ devices, their networks, and their data. We’re excited to work with Westcon to give organizations peace of mind in knowing that they are able to effectively secure every device in their environment.”

Daniel Hurel, VP Westcon EMEA – Cyber Security & Next Gen Solutions, Westcon, concludes: “With the global IoT security market predicted to grow from US $12.5 billion in 2020 to US $36.6 billion by 2025 and the number of IoT devices globally soaring towards 75 billion, this new distribution agreement with Ordr is set to play a crucial part in bringing our IOT security offering to market. Using Ordr to isolate mission-critical IOT devices that share sensitive organisationally unique data or run vulnerable operating systems should be part of every network security strategy. We look forward to introducing Ordr to our globe-spanning network of partners.”


Ordr Announces Partnership with Healthcare Managed Security Services Provider HSS

SANTA CLARA, Calif.Dec. 17, 2020 /PRNewswire/ — Ordr, the leader in security for Internet of Things (IoT) and unmanaged devices, today announced a new partnership with HSS Technology Services, a managed security services provider that specializes in high-risk environments like healthcare, where safety and security are essential. As part of the partnership, HSS will immediately give customers the option of incorporating Ordr into their Spotlight™services offering. Spotlight is a medical device security services program that aims to address challenges facing healthcare organizations, such as cyberattacks resulting in compromised devices that impact patient safety, protected patient information and network security. New HSS customers will have full access to Ordr’s powerful capabilities as a component of the Spotlight service offering.

The Spotlight program has already been embraced by numerous healthcare leaders. “The Spotlight program takes the stress and effort off of managing the cyber risks of medical devices by combining Ordr’s unmatched visibility into medical devices and risks, with a managed services team that can help us address them,” said Mark Heston, Director of Clinical Engineering, Children’s Hospital Colorado.

The HSS Spotlight program using Ordr technology is ideal for small and mid-sized healthcare providers. Using Ordr as a premier asset discovery tool, customers will be able to discover and classify connected devices and identify vulnerabilities across thousands of medical device models. HSS will correlate device and risk insights from Ordr with its proprietary vulnerability database, and provide real-time support to its customers, including a full-time technician who will be on-site to remediate vulnerabilities. HSS technicians will be armed with a prioritized plan for addressing risks over time with consistent and thorough maintenance and security efforts. HSS will provide vulnerability remediation via patches and updates and work with security and network teams on protection best practices. HSS can rapidly respond to customer issues and collaborate with them to maintain high levels of security preparedness.

“Healthcare organizations are facing a number of challenges, including increasing regulations,  increasing threat of cyber attacks, and financial insecurity due to the COVID-19 pandemic,” said Kirsten Benefiel, CEO of HSS. “The HSS Spotlight program using Ordr technology is one way healthcare systems can retake control, allowing them to reduce the risk in their organizations, improve patient safety and create efficiencies that will create a return on their financial investment.”

Healthcare organizations have on average 10-15 connected devices per bed. The dramatic rise in the number of cyberattacks on hospitals and the expanded attack surface from these devices create real risk for these organizations, particularly those with medical devices using older or proprietary operating systems. HSS using Ordr technology protects these healthcare organizations, allowing them to identify all medical devices, prioritize their risks, and ensure they are maintained with the latest security patches to ensure they do not become a threat vector for a potential attack.

“We are excited to partner with HSS and combine our technology with their on-the-ground expertise to address the needs of small and mid-sized healthcare providers,” said Greg Murphy, CEO of Ordr.

For more information on HSS Spotlight, call (800) 846-0096 or visit hsstechservices.com.

For more information about Ordr, visit www.ordr.net.

Ordr Recognized as 2020 Market Leader in Healthcare IoT Security by KLAS Research for Second Straight Year

Santa Clara, CA, November 9, 2020 — Ordr, the leader in security for enterprise IoT and unmanaged devices, has been named a leading vendor in the Healthcare IoT Security market, according to a new report, “Decision Insights: Healthcare IoT Security,” from KLAS Research, a premier healthcare IT data and insights firm. Ordr was highlighted for its fast pace of growth, strong technology offering, high customer satisfaction, and the highest market share among selected vendors. Fifty-one healthcare organizations were interviewed for the report.

Within the healthcare industry, IT and security teams realize that it’s no longer enough to only secure medical devices. Every IoT device found in healthcare settings, from HVAC systems to smart home devices, is a potential vulnerability. Ordr delivers the only solution to address the visibility and security of every connected device so that healthcare organizations know their entire facility is protected.

According to the KLAS report, “Ordr has continued to be one of the market leaders in terms of wins and considerations for the second straight year, resulting in their current leading market share.” Ordr was also praised by customers interviewed by KLAS for:

  • The breadth and number of devices Ordr can detect;
  • The highly granular visibility the solution provides;
  • Ordr’s culture of “flexibility and willingness to partner;”
  • Strong technology integrations that help drive value with the solution; and,
  • High customer satisfaction.

“Healthcare organizations have been hit with a wave of malicious cyber-attacks, compounding the pressure they feel to respond to the pandemic. Ordr is helping to ensure that healthcare providers can reliably deliver care when it’s needed most by keeping their devices and networks secure and available,” said Greg Murphy, CEO of Ordr. “KLAS’s recognition of our capabilities, customer focus, and market leadership is validation of the success we’ve achieved, together with our customers, at closing critical healthcare IoT security gaps.”

KLAS Report Continues Year of Growth, Achievement

Ordr’s top ranking in the KLAS Healthcare IoT Security Report is the latest in a string of milestones achieved over the past year, including:

  • $33 million Series B funding led by Battery Ventures, including investments from Kaiser Permanente Ventures and Mayo Clinic;
  • Launch of the Ordr IoT Discovery Program, designed to bring visibility and accurate asset inventory of connected devices to organizations within minutes of deployment;
  • Partnerships with bellwether technology innovators, including VMware and Check Point Software;
  • Launch of the Ordr global Enterprise IoT Security Channel Partner Program; and.
  • Ongoing product enhancements, an expanded leadership roster, and continued company growth.

The company also recently convened a Healthcare Customer Advisory Board and Healthcare User Groups to share security best practices and provide vital, experiential feedback to inform future product development. Inaugural members of the Ordr Customer Advisory Board such as Jeffrey Vinson, CISO, Harris Health System (Harris County, TX) and Skip Freeman, CIO of Freeman Health System (Joplin, MO) are addressing unique use cases with Ordr Systems Control Engine (SCE).

“Most healthcare organizations don’t realize that a vending machine may be connected to the same network as a critical life-saving device like a ventilator,” said Jeffrey Vinson, CISO, Harris Health. “We have partnered with Ordr because the company provides the most comprehensive IoT security solution that goes beyond simple device inventory. Ordr discovers all connected devices, helps us identify risks and malicious behaviors in devices, and can automatically generate segmentation policies to secure high-risk devices.”

“COVID-19 has forced healthcare organizations to double-down on prioritizing security while balancing other organizational priorities and needs. CIOs need to find ways to support the business,” said Skip Rollins, CIO, Freeman Health. “Ordr is a tool we lean on not only for visibility and security of unmanaged and IoT devices, but for device utilization insights. Details about how often a device is being used helps us to optimize device allocation and support procurement decisions.”

For more information on how Ordr helps industries such as Healthcare, please visit https://ordr.net/solutions/healthcare/. A summary of the KLAS Healthcare IoT Security Report can be found here.

Ordr Announces Interoperability with VMware Virtual Cloud Network Solutions for Campus and Data Center Device Visibility Made Simple

Healthcare provider CHRISTUS Health Takes a New Approach to Enable End-to-End Campus and Data Center Networking and Security


Santa Clara, CA, September 29, 2020 Ordr, a leader in security for enterprise IoT and unmanaged devices, today announced the integration of Ordr Systems Control Engine (SCE) with VMware NSX-T and VMware NSX Intelligence to provide organizations with comprehensive IoT visibility, accelerated data center microsegmentation, and enhanced day-two operations capabilities.

Ordr SCE and NSX-T provide ongoing programmatic synchronization from Ordr to VMware NSX for profile objects and the respective device IP addresses they contain. With the ability to share detailed campus-related device type data points with NSX, organizations now see which types of campus devices are communicating with the data center. Coupled with NSX Intelligence, organizations gain powerful visualization of how these Ordr-defined campus group objects are communicating to various virtual machines (VMs) within the data center.

“The combination of Ordr with VMware NSX and NSX Intelligence gives organizations the ability to understand how campus and branch devices communicate with data center workloads, quickly identify unmanaged campus devices, and use those insights to streamline NSX policy generation for VMs,” said Iain Leiter, Senior Technical Solutions Architect, Ordr. “Organizations will also be able to minimize the business impact of firewall changes by visualizing allowed or blocked campus traffic.”

Where organizations once had only the singular view of an unknown IP for visibility, Ordr now provides device context as an object with a grouping construct to programmatically populate that group in NSX. Using NSX Intelligence, organizations can now see the network traffic flow plus the Ordr context of the device type.

“VMware and Ordr are working together to provide our mutual customers with visibility into how and which unmanaged campus and branch devices are communicating with workloads in the data center,” said Dhruv Jain, senior director, product marketing for networking and security at VMware. “These organizations will be able to more quickly view and address these traffic flows and accelerate data center micro-segmentation initiatives to help enable vulnerabilities or threats are isolated before they can interfere with these mission-critical workloads.”

The combined solution of Ordr Systems Control Engine (SCE), VMware NSX-T and VMware NSX Intelligence will be demonstrated at VMworld 2020 online, September 30-October 1. VMware NSX users will be able to:

    • Achieve cutting edge visibility by understanding how each type of unmanaged campus and branch connected device is communicating with mission critical virtual workloads in the data center.
    • Accelerate NSX-T microsegmentation initiatives by integrating data from Ordr and using NSX Intelligence to visualize and automate optimal policy design while quickly determining exactly which campus devices, including IoT/OT, are communicating to virtualized workloads in the data center.
    • Minimize the potential business impact associated with firewall changes by using Ordr integrated with NSX Intelligence to quickly visualize and troubleshoot allowed and blocked traffic from campus devices.

To learn more, join the VMworld breakout session NSX Intelligence: Visibility and Security for the Modern Data Center – Pt2 [ISNS2496] with Ray Budavari, Sr. Staff Technical Product Manager at VMware, along with Brandon Rivera, Enterprise Infrastructure Architect at CHRISTUS Health, and Iain Leiter, Sr. Technical Solutions Architect at Ordr as they deep dive into the integration, and provide a live demo of the Ordr and NSX Intelligence capabilities.


About Ordr

Ordr secures the millions of enterprise IoT and unmanaged devices such as manufacturing machines, building systems, medical equipment, printers and more that run within global networks. The Ordr Systems Control Engine uses machine learning to automatically discover and classify every IoT and unmanaged device, map all communications, detect and prioritize vulnerabilities, and then proactively secure each device through dynamic policy generation and segmentation. Organizations use Ordr to discover their devices, track usage, achieve proactive protection and compliance. For more information about Ordr, go to www.ordr.net.


VMware, NSX, and NSX-T are registered trademarks or trademarks of VMware, Inc. in the United States and other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.

Ordr Announces IoT Discovery Program To Uncover Shadow IoT

Santa Clara, CA, September 22, 2020 — Ordr, the leader in security for enterprise IoT and unmanaged devices, announced the availability of the Ordr IoT Discovery Program to uncover shadow IoT devices and their corresponding risks with a turnkey solution that takes minutes to deploy. Qualified users are provided a complete kit including a cloud-managed, zero touch provisioning sensor, and a limited-duration license to the new Ordr Core software. For enterprises that need to maintain continuous, high-fidelity visibility across the entire network, the Ordr Core software subscription delivers foundational device discovery, classification, and behavior analysis as well as risk profiling functionality.

Enterprise IoT security continues to be a major concern across all industries and, with more than 25 billion internet-connected devices operating today, ZK Research predicts that number will skyrocket to 80 billion by 2025. The rapid proliferation of these connected IoT devices has simultaneously created more attack surfaces and vulnerabilities for every enterprise. Zeus Kerravala, Principal Analyst at ZK Research, said, “Every connected device is a potential attack vector, especially when deployed outside the purview of security and IT. In order to secure their devices, organizations must start with visibility into what is actually connected but most organizations don’t have the time or resources to do this manually and have had to live with the risk of not knowing what’s lurking in the shadows.”

The Ordr IoT Discovery Program is a complete kit—cloud-managed IoT sensor and Ordr Core software — to get organizations up and running within minutes, not weeks. Following zero touch provisioning and installation of the IoT sensor, device data is sent to the Ordr Cloud dashboard, making it easy for enterprises to analyze and act upon the granular, connected device insights to drive security decisions and improve operational performance. This functionality comes at no cost to enterprises for a 30-day trial period, that can then be upgraded to a paid deployment. The Ordr IoT Discovery Program is available through Ordr channel partners, including Cadre, Carousel Industries, CDW, GuidePoint Security, Logicalis, Novacoast, and The Teneo Group.

“Shadow IoT is a growing challenge for enterprises in every industry. Organizations have no idea what devices are lurking on their networks, and as IoT adoption accelerates, the problem is only going to get worse. You can’t secure what you can’t see, but Ordr’s IoT Discovery Program gives you visibility into your devices and risks so you can make informed decisions about device security and management,” said Jason Viera, CTO at Carousel Industries.

“For healthcare organizations, the ability to obtain comprehensive visibility into what’s on their network is critical not only for asset inventory, but overall patient safety as well. They need an accurate inventory of devices in the network, to track those that have been recalled, have vulnerabilities or are running aging or outdated operating systems. Ordr’s IoT Discovery Program streamlines this process,” said Tom Stafford, Healthcare Chief Technology Officer at CDW Healthcare.

Ordr Core with new zero touch provisioning capabilities enables organizations to immediately discover devices, revealing everything that is connected to the network as well as the security and management risks associated with those devices. Based on an understanding of device behaviors and risks, organizations can then enable automated actions and advanced integrations with the Ordr Premium software subscription to proactively address these risks.

“IoT management and security has traditionally been difficult without a comprehensive approach to finding, classifying, and securing those devices,” said Greg Murphy, CEO, Ordr. “With our IoT Discovery Program, new software packaging, and zero touch capabilities, every enterprise can inventory all of the devices on their network to understand granular details such as make, model, operating system, and vulnerabilities, as well as profile exactly how devices are behaving.”

To learn more about the Ordr IoT Discovery Program, get complete visibility into your IoT deployment, and uncover critical insights into the health and security of your network, visit https://ordr.net/sensor.


Ordr is a 2020 SINET 16 Award Winner for Cybersecurity Innovation

Santa Clara, CA, Sept 15, 2020 — Ordr, the leader in security for enterprise IoT and unmanaged devices, is a SINET 16 Innovator Award winner for 2020. Chosen from among hundreds of aspirant companies representing all emerging disciplines in network and data protection, Ordr is one of just 16 to be recognized for its IoT security platform.

SINET 16 Innovators are selected annually by a committee of more than 100 cybersecurity industry experts who evaluate applicants based on the following criteria:

  • The urgency in the marketplace for their products and solutions
  • How innovative and unique their solutions are
  • How well their products and technologies solve real and significant cybersecurity problems
  • What advantages exist over other solutions
  • The companies’ ability to succeed based on the state of their product, capital, and leadership

When announcing this year’s award winners, SINET Chairman and Founder Robert Rodriguez said, “123 companies applied from over a dozen countries, I would say that this year’s class may be the tightest in terms of competition, amazing technology and solutions.”

Rapid adoption of enterprise IoT continues apace across all industries, with more than 25 billion internet-connected devices operating today, and 80 billion in service by 2025, according to Zeus Research. Each unknown, unmanaged, and unsecure device increases an organization’s vulnerability to attack. The Ordr Systems Control Engine platform discovers all connected devices, profiles device behavior, assesses associated risks, and automates response and creation of security policies to ensure maximal protection against attack and compromise.

“Automated response and enhanced visibility is what the CISO community is prioritizing in today’s environment and is why Ordr differentiated themselves from other solution providers. It is with great pleasure to recognize Greg Murphy and his entire team for their hard work and ability to deliver strong value add to protect our nations top critical infrastructure companies,” said Robert Rodriguez, Chairman and Founder, SINET.

“You can’t protect what you can’t see, and there are a lot of connected devices hiding in the shadows of today’s enterprises,” said Greg Murphy, CEO, Ordr. “Using Ordr, our customers have found medical devices they thought lost, discovered unathorized smart assistants connected to their networks, and profiled devices calling home to places like Iran and North Korea. More to the point, using Ordr, they’ve been able to take automated action to mitigate the risks associated with such devices. We are grateful for the support of our customers and partners, and are thrilled that our groundbreaking IoT security platform has been recognized by SINET.”

Ordr will be presenting on its technology and platform at the SINET Virtual Showcase, scheduled for October 20th this year. The SINET Showcase attracts senior information security personnel and members of the public and private sector buyers, builders, investors and researchers to learn how technical innovations are addressing the most pressing needs in information security.



Ordr Releases 2020 Enterprise IoT Report Highlighting Security and Shadow IoT Threats

Santa Clara, CA, July 22, 2020 — Ordr, the leader in security for enterprise IoT and unmanaged devices, released new research into connected device adoption and risks entitled Rise of the Machines: 2020 Enterprise IoT Adoption & Risk Report. The study incorporates analysis of anonymized data from more than 5 million unmanaged, IoT, and IoMT devices in Ordr customer deployments across a variety of verticals including healthcare, life sciences, retail and manufacturing, between June 2019 and June 2020.

Ordr’s Rise of the Machines: 2020 Enterprise IoT Adoption & Risk Report identifies real-world risks across a diverse set of connected devices, reaffirming the need for a comprehensive approach to securing all devices, including discovery, classification, profiling of risks and automated segmentation.

“In some of my recent research around enterprise IoT security I’ve found that more than 51% of IT teams are unaware of what types of devices are touching their network,” said Zeus Kerravala, ZK Research. “But perhaps what is more disconcerting is that the other 49% often times find themselves guessing or using a ‘Frankenstein’d’ solution to provide visibility into their network security, which will almost always create security issues. Shadow IoT is becoming a real security challenge, as It’s not enough to have the visibility into what is touching your network, but you need a solution like Ordr’s that allows for you to resolve the issues in a scalable automated fashion.”

Among the report’s most interesting findings were the frequent discovery of consumer-grade shadow IoT devices on the network such as Amazon Alexa and Echo devices. The most notable devices discovered on the network included a Tesla and Peloton. Similar to the early days of cloud adoption, where SaaS applications were deployed without IT’s knowledge, unknown and unauthorized IoT devices are now being deployed in the enterprise, introducing a new attack surface.

Ordr also discovered Facebook and YouTube applications running on MRI and CT machines, both of which often use legacy and unsupported operating systems like Windows XP. Using medical devices to surf the web puts the organization at a higher risk of falling victim to a ransomware and other malware attacks.

“We found a staggering number of vulnerabilities and risks concerning connected devices,” said Ordr CEO Greg Murphy. “To truly realize the potential of IoT, security is paramount. As more IoT devices are deployed, security and risk decision makers need to not only gain visibility into what is connecting to their network, but also understand how it is behaving.”

Additional Ordr findings from these deployments include:

  • 15-19 percent had IoT devices running on legacy operating systems Windows 7 (or older). Since it is often not economical to take these critical systems out of service, these devices need to be properly segmented.
  • 20 percent had PCI-DSS violations where IoT devices with credit card information were on the same subnet or VLAN as a tablet, printer, copier, or video surveillance camera.
  • 86 percent of healthcare deployments had more than 10 FDA recalls against their medical IoT devices, meaning the medical device is defective, poses a health risk, or both.
  • 95 percent of healthcare deployments had Amazon Alexa and Echo devices active in their environment alongside other hospital surveillance equipment. Voice assistants can unknowingly eavesdrop and record conversations and may put the organization at risk of a HIPAA violation.
  • 75 percent of healthcare deployments had VLAN violations where medical devices were connected to the same VLAN and subnet as other non-medical devices.

There are real risks and threats posed by IoT, IoMT, and other connected devices if not accounted for and properly managed. As many analysts  , there is no sign of the slowing of adoption of IoT devices in the workplace, so security needs to be prioritized. Ordr enables organizations to discover and safeguard the universe of connected devices in their environment today.

For additional findings and details, Rise of the Machines: 2020 Enterprise IoT Adoption & Risk Report can be downloaded in its entirety here.

Ordr Brings its Leading Device Visibility and Security Platform to Check Point Software Technologies’ Customers through the IoT Protect Discovery Program

Santa Clara, CA, July 17, 2020 – Ordr, the leader in security for unmanaged devices and enterprise Internet of Things (IoT), today announced an expanded partnership with Check Point Software Technologies Ltd. and availability of its products on the Check Point Global Price List.

Ordr Systems Control Engine (SCE) automatically discovers, classifies, and behaviorally profiles IoT, IoMT, operational technology (OT), and unmanaged devices connected to enterprise networks, addressing one of today’s largest visibility and security gaps. At CPX 2020, Ordr launched its advanced integration with the Check Point IoT Protect Security solution. Uniquely, Ordr dynamically provides IoT device details and segmentation policies. That information is sent to Check Point’s advanced IoT Protect Manager for finalization and enforcement through Check Point’s Quantum Security Gateways™. The resulting security policies ensure IoT devices communicate only with approved destinations and services, eliminating the tedious work to manually define, tune and maintain segmentation policies.

Today’s announcement by Check Point expands that relationship, making Ordr’s advanced capabilities available to its customer and partner community through a listing on Check Point’s price list.

“We are excited to bring Ordr SCE to our customers as part of Check Point’s IoT Protect Discovery program,” said Russ Schafer, Head of Product Marketing at Check Point. “The combination of Ordr’s Systems Control Engine and Check Point’s IoT Protect threat prevention solution provides our healthcare customers the visibility, security, and automation to protect networks from emerging IoT threats.”

As a channel-first, channel-focused company since inception, Ordr is particularly excited to engage Check Point partners, enabling them to expand the breadth, depth, and strategic importance of Check Point solutions to their customers. “Gartner Research predicts IoT security to be a $3.1B market in 2021,” said Eric Berkman, Senior Director of Worldwide Channels for Ordr. “Ordr SCE’s ability to not just alert on potential issues, but proactively segment and enforce policies for IoT devices using Check Point Security Gateways and Next Generation Firewalls means channel partners can open a meaningful new strategic dialog with their existing customers in a rapidly growing, critically-important market.”

Benefits of combining the Check Point and Ordr solutions include:

  • Automatic discovery and classification of IoT, IoMT and OT devices
  • Direct integration of device context into the Check Point IoT Protect Manager, including asset type, make and model, OS version and risk information
  • Use of Check Point’s advanced APIs to automatically send Ordr Zero Trust segmentation policies to the Check Point IoT Protect Manager for distribution to Check Point’s Quantum Security Gateways™
  • Automatic updates of Check Point’s Quantum Security Gateways™ with current device IP information, regardless of network location or dynamic addressing
  • Dynamic generation of firewall zoning policies directly into Check Point IoT Protect Manager , allowing for protection and control of the IoT and OT environment within minutes

The Ordr SCE solution for Check Point is available today. For more information, visit https://ordr.net/checkpoint, or contact your Check Point representative or channel partner.

Ordr Redefines IoMT and Enterprise IoT Security with Broader, Deeper Classification and Insights

Santa Clara, CA, July 1, 2020 — Ordr, the leader in security for enterprise IoT and unmanaged devices, today announced new capabilities in the company’s Systems Control Engine (SCE) 7.2 software. This release further extends IoT and unmanaged device visibility and classification, enabling organizations to monitor for risks and proactively strengthen infrastructure via automated segmentation policy generation and enforcement. Enhanced analytics also provide organizations with insights into device utilization to inform budgetary and maintenance decisions, allowing for better management of capital resources. The 7.2 release also addresses and mitigates risks from Ripple20 vulnerabilities.

IDC predicts that there will be 41.5 billion connected IoT devices by 2025. The diversity of IP-enabled devices includes everything from vending machines and printers, to mission-critical MRI machines and security cameras. However, these devices can be difficult to secure as they often run old or obsolete operating systems, cannot support corporate endpoint security agents, or cannot be taken offline to be patched. Device ownership and utility is split among diverse groups, which exacerbates this problem as most organizations are not aware of all of the devices connected to the network. These challenges underscore the need for a platform that brings together IT, Security, and IoT Operational owners.

“With this latest version of the Ordr Systems Control Engine, we are further delivering on our promise of providing the most comprehensive enterprise IoT security platform in the market,” said Gnanaprakasam Pandian, co-founder and Chief Product Officer, Ordr. “We’ve expanded our device classification capabilities, enriched our device insights, and extended our integrations. Networking teams, security teams, lines of business owners, facilities teams, and IoT device owners can standardize on the Ordr platform while addressing specific IoT device security needs.”

Ordr SCE discovers every connected device, maps communications patterns, and assesses risks. Based on sanctioned device communications patterns, segmentation policies can be created and enforced across networking and security infrastructure to isolate mission-critical devices – those that share protected confidential information or run vulnerable operating systems. Ordr SCE allows for an agentless deployment, which can be delivered at scale via the cloud or as an on-premise solution.

“Vulnerabilities such as the recently discovered Ripple20 reinforce the challenges organizations face with connected IoT and OT devices. In response, we’ve incorporated a Ripple20 active scanner into the Ordr SCE to help organizations accurately identify, or verify, if a device is at risk. We can also detect exploits of Ripple20 and isolate impacted devices,” said Jeff Horne, CSO, Ordr. “These continuing threats validate the need for proactive protection based on rich visibility into the behavior of connected devices to combat current and future vulnerabilities.”

Key highlights of Ordr SCE 7.2 include:

Broader and Deeper Visibility and Classification for Internet of Medical Things (IoMT)

Ordr further extends its understanding of millions of IoMT devices. SCE 7.2 adds visibility and context for critical medical devices – such as        blood analyzers, patient monitors, protocol analyzers – as well as unmanaged endpoints and workstations, including those that may be deployed  behind existing network gateways.

New Visibility and Classification for Building Automation and Control Systems

Facilities managers in enterprises including healthcare, manufacturing, and retail organizations have adopted IoT for physical security of critical infrastructure, energy efficiency, and employees’ comfort and convenience. These controllers manage access, energy, and environmental air quality, which are critical to business operations. SCE 7.2 adds support for smart building systems including Honeywell, Johnson, Tridium, and Lutron BACnet controllers to ensure facilities teams can operate state of the art systems without compromising security.

Enhanced Device Insights

IT and OT teams need access to rich device insights to identify underutilized high-capital equipment, to ensure the longevity of certain devices, or to address compliance. SCE 7.2 enhances the solution’s already strong device and utilization insights:

  • Device utilization – During the COVID-19 surge, customers used Ordr to identify and quickly repurpose underutilized devices and track high demand devices such as ventilators. In this release, Ordr enables enhanced utilization insights for additional devices such as Hospira, Braun, and Smiths Medical infusion pumps.
  • Device user mapping – Ordr can extract the latest authentication information via Active Directory/LDAP, WinRM/WMI, and Kerberos to identify device users. Such information is critical to locate devices associated with a specific owner or to identify the most recent authenticated login during a security incident.

Extended list of integrations

Ordr has one of the most comprehensive sets of product integrations in the market. Ordr provides value to networking, security and device owners via built-in integrations that can mitigate organizational risks and increase efficiency. Integrations in this release include:

    • Discovery: Computer maintenance management systems (CMMS) including enhanced integration with Nuvolo.
    • Risk: Vulnerability management solutions such as Rapid7 and Tenable to inform an overall risk posture but also enable vulnerability identification in networks with sensitive devices that cannot withstand active scans.
    • IT and SecOps: Security operations center (SOC) and IT service management (ITSM) tools such as Splunk, ServiceNow and LogRhythm.
    • Networking and Infrastructure: Check Point, Palo Alto Networks, Cisco ISE, Aruba ClearPass, and Infoblox.
    • Additional information can be found in the latest Integrations Overview.

Ripple20 solution1

JSOF recently published information on 19 vulnerabilities they found in the Treck TCP/IP software used by many device manufacturers. Ordr SCE can detect devices impacted using a built-in Ripple20 scanner, and active exploitation using the Ordr intrusion detection engine. Ordr then proactively isolates impacted devices by dynamically generating policies and enforcing them on network devices or next-generation firewalls. For more information on how Ordr can help detect and mitigate these vulnerabilities, see the latest Ordr Security Bulletin.

[1]Available in 7.2.R5, 7.2.R6 and 7.2.R7 releases.