Wednesday, February 7, 2018

Microsoft IoT Security

An Internet of Things (IoT) solution offers a multitude of business benefits from decreased operational costs to new revenue streams. But it also comes with a host of security considerations, including an ever-changing array of regulatory compliance requirements, demanding expert navigation and acute attention to detail.

Below I’ve listed some of the critical questions to ask when deploying a secure IoT solution. To learn more about IoT security, be sure to register for the IoT in Action event in San Francisco on February 13.

How secure are your things?

For starters, the actual devices must be secure. In the next few years, a new wave of innovation will drive down costs and inundate the market with internet-connected devices in every price range, from electronic toys to manufacturing sensors. In anticipation of this, my Microsoft colleagues have identified The seven properties of highly secure devices. I have listed out each of these properties below, along with the fundamental questions you must ask:

  1. The hardware-based root of trust: Does each device have a unique identity that is inseparable from the hardware?
  2. Small trusted computing base: Is most of the device’s software outside its trusted computing base?
  3. Defense in depth: Does your device software have multiple layers of protection built-in?
  4. Compartmentalization: Are you using hardware-enforced barriers to stop failures from propagating to other components?
  5. Certificates-based authentication: Do your devices use certificates (vs. passwords)?
  6. Renewable security: Can the device’s software be updated automatically to a more secure state?
  7. Failure reporting: Do you have a solution in place to report software failures to the manufacturer?

How secure are your connections? 

More to the point, when you’ve got a bunch of devices talking to each other over the internet, how will you safeguard data confidentiality and integrity? When choosing an IoT monitoring and connection solution, make sure that it is using industry-proven data encryption. Solutions like the Azure IoT Suite secure the internet connection between the IoT device and IoT hub using the Transport Layer Security (TLS) standard.

Another question to ask is how you will prevent unsolicited inbound connections from wreaking havoc on your devices? Make sure that only devices are allowed to initiate connections and not the IoT hub. And speaking of the IoT hub: make sure that the one you’re using has the capability of maintaining a per-device queue – meaning that it can store messages for devices and wait for the devices to connect. For more on this topic, be sure to read IoT security from the ground up.

How secure is your cloud solution?

Is your cloud provider following rigorous security best practices? When choosing a cloud provider, make sure you pay careful attention to how they are handling the following areas.

  1. Network traffic segregation: Is IoT traffic segregated from other network traffic using an IoT gateway or other means?
  2. Monitoring: How is network traffic being monitored? How will you know if any credentials are compromised or if unmanaged devices are accessing your cloud services?
  3. Security controls: How well do you know your cloud provider’s SLA (service-level agreement)? Which security controls are being maintained by your provider and which will you need to address internally?
  4. Encryption and security key management: Does your IoT solution allow you to define access control policies for each security key? Is data in the cloud encrypted?

Have you registered for IoT in Action in San Francisco, CA on February 13, 2018?

These questions only scratch the broad surface of IoT security. To learn more about securing your IoT solution, register for this free, one-day event. You’ll hear from the researchers behind The seven properties of highly secured devices and see an IoT solution come to life before your eyes. You’ll also get insights into how Microsoft addresses IoT security through its Azure solutions. Plus, connect with partners who can help you bring your IoT solution from concept to reality. View the full agenda.

The post The Key IoT Security Questions You Need To Ask appeared first on ReadWrite.



from ReadWrite http://ift.tt/2nsmT1H

Related Posts:

  • LATEST TECHNOLOGY NEWS Russian hackers targeted the campaign of Sen. Claire McCaskill in the Kremlin's first identified attempt at interference this midterm election season, The Daily Beast reports. "While this attack was not successful, it is out… Read More
  • LATEST TECHNOLOGY NEWS When you read the news that they put a baby on the blockchain, your reaction makes you one of two types of people. Either you think, Mon dieu, is there anything the magical fairy dust known as blockchain can't solve? Or you … Read More
  • LATEST TECHNOLOGY NEWS New York City's bid to regulate the ridesharing industry may include some hard limits on the size of those businesses -- at least, for now. The City Council is looking at proposed legislation that would largely freeze the is… Read More
  • LATEST TECHNOLOGY NEWS Discovery could launch its own streaming service. CEO David Zaslav (above) said that he's considering bundling the 17 channels his company picked up in last year's Scrips Networks Interactive acquisition into a service that'… Read More
  • LATEST TECHNOLOGY NEWS Charter cable company acquired Time Warner Cable in a 2016 merger, becoming one of the largest TV providers in the country. Re-branded as Spectrum, the company introduced a streaming option last year. New York, however, hasn… Read More

0 comments:

Post a Comment

Followers

Contact Form

Name

Email *

Message *

Popular Posts

FOLLOW BY EMAIL

Enter your email address:

Delivered by FeedBurner