A recent study conducted by Microsoft in partnership with Ponemon Institute surveyed companies that have adopted IoT solutions, and 65 percent of them mentioned that security is a top priority when implementing IoT. Attacks targeting IoT devices put businesses at risk. Impacted devices can be bricked, held for ransom, employed as launch points for further network attacks, or used for malicious purposes. Among many consequences, we often see intellectual property (IP) and data theft and compromised regulatory status, all of which can have brand and financial implications for the business.
Subsequently, we did a survey to understand the top concerns around the security of IoT devices, and we shared the findings in a previous blog about best practices for managing IoT security concerns. The following list summarizes the top security concerns from companies that have adopted IoT solutions:
- Ensuring data privacy (46 percent).
- Ensuring network-level security (40 percent).
- Securing endpoints for each IoT device (39 percent).
- Tracking and managing each IoT device (36 percent).
- Making sure all existing software is updated (35 percent).
- Updating firmware and other software on devices (34 percent).
- Performing hardware/software tests and device evaluation (34 percent).
- Updating encryption protocols (34 percent).
- Conducting comprehensive training programs for employees involved in the IoT environment (33 percent).
- Securely provisioning devices (33 percent).
- Shifting from device-level to identity-level control (29 percent).
- Changing default passwords and credentials (29 percent).
To help address these concerns, Microsoft is thrilled to announce today the general availability of the extension of our Secured-core platform to IoT devices, along with new Edge Secured-core certified devices from our partners Aaeon, Asus, Lenovo and Intel in the Azure Certified Device catalog. We have added this new device certification for our Edge Secured-core platform so customers can more easily select IoT devices that meet this advanced security designation.
As outlined in Microsoft’s Zero Trust paper, a key investment, especially around new devices, is to choose devices with built-in security. Devices built with Azure Sphere benefit from industry-leading built-in security, with servicing by Microsoft.
Announcements for Edge Secured-core
Edge Secured-core is a certification in the Azure Certified Device program for IoT devices. Devices that have achieved this certification provide enterprises the confidence that the devices they’re purchasing deliver the following security benefits:
- Hardware-based device identity: In addition to the various security properties that a hardware-based device identity provides, this also enables the use of the hardware-backed identity when connecting to Azure IoT Hub and using the IoT Hub device provisioning service.
- Capable of enforcing system integrity: Using a combination of processor, firmware, and OS support to facilitate measurement of system integrity to help ensure the device works well with Microsoft Azure Attestation.
- Stays up-to-date and is remotely manageable: Receives the necessary device updates for a period of at least 60 months from the date of submission.
- Provides data-at-rest encryption: The device provides built-in support for encrypting the data at rest using up-to-date protocols and algorithms.
- Provides data-in-transit encryption: IoT devices such as gateways, which are often used to connect downstream devices to the cloud, need inherent support for protecting data in transit. Edge Secured-core devices help support up-to-date protocols and algorithms that are used for data-in-transit encryption.
- Built-in security agent and hardening: Edge Secured-core devices are hardened to help reduce the attack surface and include a built-in security agent to help secure from threats.
In addition to addressing many of the top concerns that we’ve heard from customers around the security of their IoT devices, our data shows that Secured-core PCs are 60 percent more resilient to malware than PCs that don’t meet the Secured-core specifications. We’ve brought the learnings from Secured-core PCs to define the requirements for Edge Secured-core devices.
Today, we’re excited to announce the availability of Windows IoT Edge Secured-core devices in the Azure Certified Device catalog.