Ordr Arms Partners With Sensor To Uncover ‘Shadow’ IoT Devices

‘This was exactly what we wanted to do, and nobody could do it. And we talked to a lot of different IoT players and nobody could do it, but Ordr did it,’ an Ordr partner says of the new IoT Discovery Program that gives partners plug-and-play sensors and 30-day software trials for uncovering hidden IoT devices on the network.

Ordr wants to help channel partners “fast-track” IoT security deals with customers using a new plug-and-play sensor that can quickly uncover “shadow” devices hiding on the network that can potentially leave organizations vulnerable to cyber attacks and data breaches.

The Santa Clara, Calif.-based IoT security startup, whose top executives came from Aruba Networks, recently launched the IoT Discovery Program with the goal of making it easier for partners to start conversations with customers about IoT security issues and move into paid proof-of-concepts, which can open the possibility for additional services revenue.

[Related: 'Channel-First' IoT Security Startup Ordr Launches Partner Program]

Among the partners participating in the program are The Teneo Group, Carousel Industries, CDW, GuidePoint Security, Cadre, Novacoast and Logicalis.

At the center of the program is a small sensor device that plugs into the SPAN port of a network switch or a network tap that captures network traffic details quickly create an inventory of IoT devices communicating with the network that organizations may have not necessarily known about.

Ordr provides the sensor as part of a kit that comes with a 30-day trial of the Ordr Core software, which provides users cloud-based interface that lists, classifies and rates the security risk of all the IoT devices found on the network in addition to analyzing their behavior and what they’re communicating with.

“We literally plug the sensor in, and it calls home and auto-configures in a touchless manner to our analytics engine in the cloud,” Eric Berkman, Ordr’s senior director of worldwide channel, told CRN. “We really think it‘s a great way to start having large enterprises take a snapshot of a lab or a subnet and experience how quickly IoT discovery can exist and then drive larger enterprise conversations.”

Once the 30-day trial is over, customers can upgrade to a paid one-year subscription for Ordr or a one-, three- or five-year subscription to Ordr Premium, which comes with advanced capabilities like AI-based segmentation and policy creation as well as integrations with things like firewalls, network access controls and network management systems.

“The great thing is, we can take the organization down a progressive, evolutionary path, where through behavior learning, we start establishing baselines of what each device should or should not be doing,” Berkman said. “That then allows us to author and model appropriate enforcement policy at the switch, firewall or network access control level.”

On top of 20 percent margin for partners in Ordr’s deal registration program, the software can also lead to managed services and consulting opportunities for partners.

“If we‘re just starting to begin the process of IoT discovery, maybe they want to look to the partner, someone that’s qualified with the security expertise [who can] provide a risk analysis of what they’ve seen or a deeper dive of what an IoT assessment looks like across the environment,” Berkman said.

Paul Warnagiris, CEO of The Teneo Group, a Washington, D.C.-based managed security services provider and Ordr partner, said the plug-and-play sensor is exactly the kind of solution he was looking for to jump-start conversations with customers about IoT security.

“This was exactly what we wanted to do, and nobody could do it,” Warnagiris said. “And we talked to a lot of different IoT players and nobody could do it, but Ordr did it.”

With research firm ZK Research predicting that the number of IoT devices will reach 80 billion by 2025, the issue of identifying and securing such devices on enterprise networks has become critical, impacting a variety of industries, from manufacturing to health care.

For example, Teneo Group found that a health care customer, using Ordr’s software, had connected medical pumps that were sending encrypted data to servers in China, according to Warnagiris.

“There‘s absolutely no reason that should happen,” he said. “So they go to find these devices. Obviously, we want to take them off the network. And here they weren’t even theirs. They were a vendor’s that that left them there.”

To Warnagiris’ surprise in a joint interview with CRN, Berkman said Warnagiris’ suggestion of the sensor idea to Ordr several months ago played a key role in the development of the product.

“It was a really candid, forthright conversation. He told me what he needed. He told me why he needed it,” Berkman said. “And it was absolutely a conversation that stuck with me that we took back up and came back down with, so, Paul, you definitely were a key part of it.”

“I didn‘t really know that. I didn’t know if you guys were working on or not, but that’s awesome,” Warnagiris responded.