SlideShare una empresa de Scribd logo

Securing_your_Internet_of_Things_from_the_ground_up_white_paper_EN_US

I
Ingrid Fernandez, PhD
1 de 14
Descargar para leer sin conexión
Securing your Internet of Things from the ground up Comprehensive built-in security features of the Microsoft Azure IoT Suite
Securing your Internet of Things from the ground up Executive Summary The Internet of Things (IoT) poses unique security, privacy, and compliance challenges to businesses worldwide. Unlike traditional cyber technology where these issues revolve around software and how it is implemented, IoT concerns what happens when the cyber and the physical worlds converge. Protecting IoT solutions requires ensuring secure provisioning of devices, secure connectivity between these devices and the cloud, and secure data protection in the cloud during processing and storage. Working against such functionality, however, are resource-constrained devices, geographic distribution of deployments, and a large number of devices within a solution. This paper explores how the Microsoft Azure IoT Suite provides a secure and private Internet of Things cloud solution. The Azure IoT Suite delivers a complete end-to-end solution, with security built into every stage from the ground up. At Microsoft, developing secure software is part of the software engineering practice, rooted in our decades long experience of developing secure software. To ensure this, Security Development Lifecycle (SDL) is the foundational development methodology, coupled with a host of infrastructure-level security services such as Operational Security Assurance (OSA) and the Microsoft Digital Crimes Unit, Microsoft Security Response Center, and Microsoft Malware Protection Center. The Azure IoT Suite offers unique features which make provisioning, connecting to, and storing data from IoT devices easy and transparent and, most of all, secure. In this paper we examine the Azure IoT Suite security features and deployment strategies to ensure security, privacy, and compliance challenges are addressed. We’ve organized the paper to touch on the following subjects:  Introduction. An understanding of the major security issues inherent to any IoT solution and recommendations for what to consider when looking for an IoT solution provider.  The value of the Microsoft Trusted Cloud. A discussion detailing Microsoft’s established history as a trusted cloud provider and the cloud features that support security in the design of all of Microsoft’s software and cloud services.  The comprehensive components that make the Azure IoT Suite unique within the marketplace. We explore Azure as a trusted platform with built-in security, compliance, privacy, transparency, and control features. We then look at how individual components within this platform together form the foundation for the Azure IoT Suite. We then take a deeper dive into how these pieces deliver secure device provisioning, connectivity, processing and storage.  Securing your infrastructure. Using the Azure IoT Suite and Microsoft technology, we offer prescriptive advice and best practices to follow to ensure IoT deployments keep businesses safe and sound.
Securing your Internet of Things from the ground up Introduction ..........................................................................................................................................................1 Microsoft – a secure infrastructure from the ground up..................................................................2 Microsoft Azure – a secure IoT infrastructure for your business....................................................2 Secure device provisioning and authentication................................................................................ 3 Secure connectivity....................................................................................................................................... 4 Secure processing and storage in the cloud...................................................................................... 5 Securing an IoT Infrastructure.......................................................................................................................5 IoT hardware manufacturer/integrator................................................................................................. 6 IoT solution developer................................................................................................................................. 7 IoT solution deployer ................................................................................................................................... 7 IoT solution operator ................................................................................................................................... 7 Conclusion.............................................................................................................................................................8 Appendix.............................................................................................................................................................10
1 Securing your Internet of Things from the ground up Introduction The Internet of Things (IoT) is the wave of the future, offering businesses immediate and real-world opportunities to reduce costs, increase revenue, and transform their business. Many businesses, however, are hesitant to deploy IoT in their organizations due to concerns about security, privacy, and compliance. A major point of concern comes from the uniqueness of the IoT infrastructure, which merges the cyber and physical worlds together, compounding individual risks inherent in these two worlds. Security of IoT pertains to ensuring the integrity of code running on devices, providing device and user authentication, defining clear ownership of devices (as well as data generated by those devices), and being resilient to cyber and physical attacks. Then, there’s the issue of privacy. Companies want transparency concerning data collection, as in what’s being collected and why, who can see it, who controls access, and so on. Finally, there are general safety issues of the equipment along with the people operating them, and issues of maintaining industry standards of compliance. Given the security, privacy, transparency, and compliance concerns, choosing the right IoT solution provider remains a challenge. Stitching together individual pieces of IoT software and services provided by a variety of vendors introduces gaps in security, privacy, transparency, and compliance which may be hard to detect, let alone fix. The choice of the right IoT software and service provider is based on finding providers which have extensive experience running services which span across verticals and geographies, but are also able to scale in a secure and transparent fashion. Similarly, it helps for the selected provider to have decades of experience with developing secure software running on billions of machines worldwide, and have the ability to appreciate the threat landscape posed by this new world of the Internet of Things.
2 Securing your Internet of Things from the ground up Microsoft – a secure infrastructure from the ground up The Microsoft Cloud infrastructure supports more than one billion customers in 127 countries. Drawing on our decades-long experience building enterprise software and running some of the largest online services in the world, we provide higher levels of enhanced security, privacy, compliance, and threat mitigation practices than most customers could achieve on their own. Our Security Development Lifecycle (SDL) provides a mandatory company-wide development process that embeds security requirements into the entire software lifecycle. To help ensure that operational activities follow the same level of security practices, we use rigorous security guidelines laid out in our Operational Security Assurance (OSA) process. We also work with third-party audit firms for ongoing verification that we meet our compliance obligations, and we engage in broad security efforts through the creation of centers of excellence, including the Microsoft Digital Crimes Unit, Microsoft Security Response Center, and Microsoft Malware Protection Center. Microsoft Azure – a secure IoT infrastructure for your business Microsoft Azure offers a complete cloud solution, one that combines a constantly growing collection of integrated cloud services—analytics, machine learning, storage, security, networking, and web—with an industry-leading commitment to the protection and privacy of your data. Our assume breach strategy uses a dedicated “red team” of software security experts who simulate attacks, testing the ability of Azure to detect, protect against emerging threats, and recover from breaches. Our global incident response team works around the clock to mitigate the effects of attacks and malicious activity. The team follows established procedures for incident management, communication, and recovery, and uses discoverable and predictable interfaces with internal and external partners.
3 Securing your Internet of Things from the ground up Our systems provide continuous intrusion detection and prevention, service attack prevention, regular penetration testing, and forensic tools that help identify and mitigate threats. Multi-factor authentication provides an extra layer of security for end users to access the network. And for the application and the host provider, we offer access control, monitoring, anti-malware, vulnerability scanning, patches, and configuration management. The Microsoft Azure IoT Suite takes advantage of the security and privacy built into the Azure platform along with our SDL and OSA processes for secure development and operation of all Microsoft software. These procedures provide infrastructure protection, network protection, and identity and management features fundamental to the security of any solution. The Azure IoT Hub within the IoT Suite offers a fully-managed service that enables reliable and secure bi-directional communication between IoT devices and Azure services such as Azure Machine Learning and Azure Stream Analytics by using per-device security credentials and access control. To best communicate security and privacy features built into the Azure IoT Suite, we’ve broken down the suite into the three primary security areas. Secure device provisioning and authentication The Azure IoT Suite secures devices while they are out in the field by providing a unique identity key for each device, which can be used by the IoT infrastructure to communicate with the device while it is in operation. The process is quick and easy to setup. The generated key with a user-selected device ID forms the basis of a token used in all communication between the device and the Azure IoT Hub. Device IDs can be associated with a device during manufacturing (i.e. flashed in a hardware trust module) or can use an existing fixed identity as a proxy (e.g. CPU serial numbers). Since changing this identifying information in the device is not simple, it is important to introduce logical device IDs in case the underlying device hardware changes but the logical device remains the same. In some cases,
4 Securing your Internet of Things from the ground up the association of a device identity can happen at device deployment time (i.e. an authenticated field engineer physically configures a new device while communicating with the IoT solution backend). The Azure IoT Hub identity registry provides secure storage of device identities and security keys for a solution. Individual or groups of device identities can be added to an allow list, or a block list, enabling complete control over device access. Azure IoT Hub access control policies in the cloud enable activation and disabling any device identity, providing a way to disassociate a device from an IoT deployment when required. This association and disassociation of devices is based on each device identity. Additional device security features include the following:  Devices do not accept unsolicited network connections. They establish all connections and routes in an outbound-only fashion. For a device to receive a command from the backend, the device must initiate a connection to check for any pending commands to process. Once a connection between the device and IoT Hub is securely established, messaging from the cloud to the device and device to the cloud can be sent transparently.  Devices only connect to or establish routes to well-known services with which they are peered, such as an Azure IoT Hub.  System-level authorization and authentication use per-device identities, making access credentials and permissions near-instantly revocable. Secure connectivity Durability of messaging is an important feature of any IoT solution. The need to durably deliver commands and/or receive data from devices is underlined by the fact that IoT devices are connected over the Internet, or other similar networks which can be unreliable. Azure IoT Hub offers durability of messaging between cloud and devices through a system of acknowledgments in response to messages. Additional durability for messaging is achieved by caching messages in the IoT Hub for up to seven days for telemetry and two days for commands. Efficiency is important to ensure conservation of resources and operation in a resource- constrained environment. HTTPS (HTTP Secure), the industry-standard secure version of the popular http protocol, is supported by Azure IoT Hub, enabling efficient communication. Advanced Message Queuing Protocol (AMQP) and Message Queuing Telemetry Transport (MQTT), supported by Azure IoT Hub, are designed not only for efficiency in terms of resource use but also reliable message delivery. Scalability requires the ability to securely interoperate with a wide range of devices. Azure IoT hub enables secure connection to both IP-enabled and non-IP-enabled devices. IP-enabled devices are able to directly connect and communicate with the IoT Hub over a secure connection. Non-IP-enabled devices are resource-constrained and connect only over short distance communication protocols, such as Zwave, ZigBee, and Bluetooth. A field gateway is used to aggregate these devices and performs protocol translation to enable secure bi-directional communication with the cloud.
5 Securing your Internet of Things from the ground up Additional connection security features include the following:  The communication path between devices and Azure IoT Hub, or between gateways and Azure IoT Hub, is secured using industry-standard Transport Layer Security (TLS) with Azure IoT Hub authenticated using X.509 protocol.  In order to protect devices from unsolicited inbound connections, Azure IoT Hub does not open any connection to the device. The device initiates all connections.  Azure IoT Hub durably stores messages for devices and waits for the device to connect. These commands are stored for two days, enabling devices connecting sporadically, due to power or connectivity concerns, to receive these commands. Azure IoT Hub maintains a per-device queue for each device. Secure processing and storage in the cloud From encrypted communications to processing data in the cloud, the Azure IoT Suite helps keep data secure. It provides flexibility to implement additional encryption and management of security keys. Using Azure Active Directory (AAD) for user authentication and authorization, Azure IoT Suite can provide a policy-based authorization model for data in the cloud, enabling easy access management that can be audited and reviewed. This model also enables near-instant revocation of access to data in the cloud, and of devices connected to the Azure IoT Suite. Once data is in the cloud, it can be processed and stored in any user-defined workflow. Access to each part of the data is controlled with Azure Active Directory, depending on the storage service used. All keys used by the IoT infrastructure are stored in the cloud in secure storage, with the ability to roll over in case keys need to be re-provisioned. Data can be stored in DocumentDB or in SQL databases, enabling definition of the level of security desired. Additionally, Azure provides a way to monitor and audit all access to your data to alert you of any intrusion or unauthorized access. Securing an IoT Infrastructure Securing an IoT infrastructure requires a rigorous security-in-depth strategy. Starting from securing data in the cloud, to protecting data integrity while in transit over the public internet, and providing the ability to securely provision devices, each layer builds greater security assurance in the overall infrastructure. This security-in-depth strategy can be developed and executed with active participation of various players involved with
6 Securing your Internet of Things from the ground up the manufacturing, development, and deployment of IoT devices and infrastructure. Following is a high level description of these players.  IoT hardware manufacturer/integrator – Typically these are the manufacturers of IoT hardware being deployed, hardware integrator assembling hardware from various manufacturers, or hardware supplier providing hardware for an IoT deployment manufactured or integrated by other suppliers.  IoT solution developer – The development of an IoT solution is typically done by a solution developer, which may part of an in-house team, or a System Integrator (SI) specializing in this activity. The IoT solution developer can develop various components of the IoT solution from scratch, integrate various off the shelf or open source components, or adopt pre-configured solutions with minor adaptation.  IoT solution deployer – Once an IoT solution is developed, it needs to be deployed in the field. This involves deployment of hardware, interconnection of devices, and deployment of solutions in hardware devices, or in the cloud.  IoT solution operator – Once the IoT solution is deployed, it requires long term operations, monitoring, upgrades, and maintenance. This may be done by an in-house team comprising information technology specialists, hardware operations and maintenance teams, and domain specialists who monitor the correct behavior of overall IoT infrastructure. The following provides best practices for each of these players so as to develop, deploy and operate a secure IoT infrastructure. IoT hardware manufacturer/integrator  Scope hardware to minimum requirements – The hardware design should include minimum features required for operation of the hardware, and nothing more. An example is to include USB ports only if required for the operation of the device. These additional features open the device for unwanted attack vectors, which should be avoided.  Make hardware tamper proof – Build in mechanism to detect physical tampering of hardware, such as opening of device cover, removing a part of the device, etc. These tamper signals may be part of the data stream uploaded to the cloud enabling alerting of these events to the operators.  Build around secure hardware – If COGS permit, build security features such as secure and encrypted storage and Trusted Platform Module (TPM) based boot functionality. These features make devices more secure protecting the overall IoT infrastructure.  Make upgrades secure – Upgrading firmware during lifetime of the device is inevitable. Building devices with secure paths for upgrades and cryptographic assurance of firmware version will allow the device to be secure during and after upgrades.
7 Securing your Internet of Things from the ground up IoT solution developer  Follow secure software development methodology – Developing secure software requires a ground-up thinking about security from the inception of the project all the way to its implementation, testing, and deployment. The choice of platforms, languages, and tools are all influenced with this methodology. The Microsoft Security Development Lifecycle provides a step- by-step approach to building secure software.  Choose open source software with care – Open source software provides an opportunity to quickly develop solutions. When choosing open source software, consider the activity level of the community for each open source component. An active community ensures software will be supported; issues will be discovered and addressed. Alternatively, an obscure and inactive open source software will not be supported and issues will most probably not be discovered.  Integrate with care – Many of the software security flaws exist at the boundary of libraries and APIs. Functionality which may not be required for the current deployment may still be available via an API layer. Making sure that all interfaces of components being integrated are secure ensures overall security. IoT solution deployer  Deploy hardware securely – IoT deployments may require hardware to be deployed in unsecure locations, such as in public spaces or unsupervised locales. In such situations, ensure that hardware deployment is tamper proof to the maximum extent. If USB or other ports are available on the hardware, ensure that these are covered securely. Many attack vectors can use these as entry point for attacks.  Keep authentication keys safe – During deployment, each device requires device IDs and associated authentication keys generated by the cloud service. Keep these keys physically safe even after the deployment. Any compromised key can be used by a malicious device to masquerade as an existing device. IoT solution operator  Keep system up to date. Ensure device operating systems and all device drivers are updated to the latest versions. Windows 10 (IoT or other SKUs), with automatic updates turned on, is kept up to date by Microsoft, providing a secure operating system for IoT devices. For other operating systems, such as Linux, keeping them up to date ensures they are also protected against malicious attacks.  Protect against malicious activity. If the operating system permits, place the latest anti-virus and anti-malware capabilities on each device operating system. This can help mitigate most external threats. Most modern operating systems, such as Windows 10 IoT and Linux, can be protected against this threat by taking appropriate steps.  Audit frequently. Auditing IoT infrastructure for security related issues is key when responding to security incidents. Most operating systems, such as
8 Securing your Internet of Things from the ground up Windows 10 (IoT and other SKUs), provide built-in event logging that should be reviewed frequently to make sure no security breach has occurred. Audit information can be sent as a separate telemetry stream to the cloud service and analyzed.  Physically protect the IoT infrastructure. The worst security attacks against IoT infrastructure are launched using physical access to devices. Protecting against malicious use of USB ports and other physical access is an important safety and security practice. Logging of physical access, such as USB port usage, is key to uncovering any breach that may have occurred. Again, Windows 10 (IoT and other SKUs) enables detailed logging of these events.  Protect cloud credentials – Cloud authentication credentials used for configuring and operating an IoT deployment are possibly the easiest way to gain access and compromise an IoT system. Protect the credentials by changing the password frequently, and not using these credentials on public machines. Note that capabilities of different IoT devices vary. On one hand, some devices may be full blown computers running common desktop operating systems, while on the other hand, some devices may be running very light-weight operating systems. Security best practices described above may be applicable to these devices in varying degree. If provided, additional security and deployment best practices provided by manufacturer of these devices should be followed. Some legacy and constrained devices may not have been designed specifically for IoT deployment. These devices may lack the capability to encrypt data, connect with the Internet, provide advanced auditing, etc. In these cases, using a modern and secure field gateway to aggregate data from legacy devices may provide the security required for connecting these devices over the Internet. Field gateways in this case provides secure authentication, negotiation of encrypted sessions, receipt of commands from the cloud, and many other security features. Conclusion The Internet of Things starts with your things—the things that matter most to businesses. IoT can deliver amazing value to a business by reducing costs, increasing revenue, and transforming business. Success of this transformation largely depends on choosing the right IoT software and service provider. That means finding a provider that not only catalyzes this transformation by understanding business needs and requirements, but also provides services and software built with security, privacy, transparency, and compliance as major design considerations. Microsoft has extensive experience with developing and deploying secure software and services and continues to be a leader in this new age of Internet of Things.
9 Securing your Internet of Things from the ground up The Microsoft Azure IoT Suite builds in security measures by design, enabling secure monitoring of assets to improve efficiencies, drive operational performance to enable innovation, and employ advanced data analytics to transform businesses. With its layered approach towards security, multiple security features, and design patterns, Azure IoT Suite helps deploy an infrastructure which can be trusted to transform any business.
10 Securing your Internet of Things from the ground up Appendix Each Azure IoT Suite pre-configured solution creates instances of Azure services, such as the following:  Azure IoT Hub: Your gateway that connects the cloud to “things”. You can scale to millions of connections per hub and process massive volumes of data with per-device authentication support helping you secure your solution.  Azure DocumentDB: A scalable, fully-indexed database service for semi- structured data that manages metadata for the devices you provision, such as attributes, configuration, and security properties. DocumentDB offers high- performance and high-throughput processing, schema-agnostic indexing of data, and a rich SQL query interface.  Azure Stream Analytics: Real-time stream processing in the cloud that enables you to rapidly develop and deploy a low-cost analytics solution to uncover real- time insights from devices, sensors, infrastructure, and applications. The data from this fully-managed service can scale to any volume while still achieving high throughput, low latency, and resiliency.  Azure App Services: A cloud platform to build powerful web and mobile apps that connect to data anywhere; in the cloud or on-premises. Build engaging mobile apps for iOS, Android, and Windows. Integrate with your Software as a Service (SaaS) and enterprise applications with out-of-the-box connectivity to dozens of cloud-based services and enterprise applications. Code in your favorite language and IDE—.NET, NodeJS, PHP, Python, or Java—to build web apps and APIs faster than ever.  Logic Apps: The Logic Apps feature of Azure App Service helps integrate your IoT solution to your existing line of business systems and automate workflow processes. Logic Apps enables developers to design workflows that start from a trigger and then execute a series of steps—rules and actions that use powerful connectors to integrate with your business processes. Logic Apps offers out-of-the-box connectivity to a vast ecosystem of SaaS, cloud- based, and on-premises applications.  Blob storage: Reliable, economical cloud storage for the data that your devices send to the cloud.
11 Securing your Internet of Things from the ground up © 2016 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. Some examples are for illustration only and are fictitious. No real association is intended or inferred. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.

Recomendados

Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 
CLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMS
CLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMSCLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMS
CLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMSIJNSA Journal
 
Silicon Valley top 20
Silicon Valley top 20Silicon Valley top 20
Silicon Valley top 20802 Secure, Inc
 
Presentation cisco cloud security
Presentation cisco cloud securityPresentation cisco cloud security
Presentation cisco cloud securityxKinAnx
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessCisco Security
 
DG_Corp_Brochure
DG_Corp_BrochureDG_Corp_Brochure
DG_Corp_BrochureJason Wallace
 
ICC Networking Data Security
ICC Networking Data SecurityICC Networking Data Security
ICC Networking Data SecurityInternational Communications Corporation
 

Recomendados

Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 
CLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMS
CLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMSCLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMS
CLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMSIJNSA Journal
 
Silicon Valley top 20
Silicon Valley top 20Silicon Valley top 20
Silicon Valley top 20802 Secure, Inc
 
Presentation cisco cloud security
Presentation cisco cloud securityPresentation cisco cloud security
Presentation cisco cloud securityxKinAnx
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessCisco Security
 
DG_Corp_Brochure
DG_Corp_BrochureDG_Corp_Brochure
DG_Corp_BrochureJason Wallace
 
ICC Networking Data Security
ICC Networking Data SecurityICC Networking Data Security
ICC Networking Data SecurityInternational Communications Corporation
 
BlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyBlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyHappiest Minds Technologies
 
UniCredit Business Integrated Solutions
UniCredit Business Integrated SolutionsUniCredit Business Integrated Solutions
UniCredit Business Integrated SolutionsCisco Case Studies
 
Trend Micro - is your cloud secure
Trend Micro - is your cloud secureTrend Micro - is your cloud secure
Trend Micro - is your cloud secureKappa Data
 
Cisco cybersecurity essentials chapter 4
Cisco cybersecurity essentials chapter 4Cisco cybersecurity essentials chapter 4
Cisco cybersecurity essentials chapter 4Mukesh Chinta
 
Partner Welcome Kit
Partner Welcome KitPartner Welcome Kit
Partner Welcome KitLuca Simonelli
 
Cisco cybersecurity essentials chapter -5
Cisco cybersecurity essentials chapter -5Cisco cybersecurity essentials chapter -5
Cisco cybersecurity essentials chapter -5Mukesh Chinta
 
Cloud security with Sage Construction Anywhere
Cloud security with Sage Construction AnywhereCloud security with Sage Construction Anywhere
Cloud security with Sage Construction AnywhereSage Construction and Real Estate
 
AWS IoT vs Azure IoT
AWS IoT vs Azure IoTAWS IoT vs Azure IoT
AWS IoT vs Azure IoTahmed badr
 
EveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PieceEveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PiecePaul Richards
 
Ethical Hacking Course
Ethical Hacking CourseEthical Hacking Course
Ethical Hacking CourseSecurium Solutions
 
VMware pulse IoT center, an IoT management suite
VMware pulse IoT center, an IoT management suiteVMware pulse IoT center, an IoT management suite
VMware pulse IoT center, an IoT management suiteIJCSIS Research Publications
 
85320337 networking-case-study
85320337 networking-case-study85320337 networking-case-study
85320337 networking-case-studyhomeworkping3
 
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...Ingram Micro Cloud
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardCisco Security
 
Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudCloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudTom Janetscheck
 
Introduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixIntroduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixJohn Yeoh
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud SecuritySusanne Tedrick
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
CertainSafe MicroTokenization Technology Detailed Overview
CertainSafe MicroTokenization Technology Detailed OverviewCertainSafe MicroTokenization Technology Detailed Overview
CertainSafe MicroTokenization Technology Detailed OverviewSteven Russo
 
Case Study: Modernisierung der IT Infrastruktur bei Transa
Case Study: Modernisierung der IT Infrastruktur bei TransaCase Study: Modernisierung der IT Infrastruktur bei Transa
Case Study: Modernisierung der IT Infrastruktur bei TransaMicrosoft Schweiz
 
Understanding Internet of Things - White Paper on Device Choices
Understanding Internet of Things - White Paper on Device ChoicesUnderstanding Internet of Things - White Paper on Device Choices
Understanding Internet of Things - White Paper on Device ChoicesDavid J Rosenthal
 
Yerevan Cloud Camp & Hackathon - Internet of Things & Microsoft
Yerevan Cloud Camp & Hackathon - Internet of Things & MicrosoftYerevan Cloud Camp & Hackathon - Internet of Things & Microsoft
Yerevan Cloud Camp & Hackathon - Internet of Things & MicrosoftMicrosoft
 

Más contenido relacionado

La actualidad más candente

BlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyBlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyHappiest Minds Technologies
 
UniCredit Business Integrated Solutions
UniCredit Business Integrated SolutionsUniCredit Business Integrated Solutions
UniCredit Business Integrated SolutionsCisco Case Studies
 
Trend Micro - is your cloud secure
Trend Micro - is your cloud secureTrend Micro - is your cloud secure
Trend Micro - is your cloud secureKappa Data
 
Cisco cybersecurity essentials chapter 4
Cisco cybersecurity essentials chapter 4Cisco cybersecurity essentials chapter 4
Cisco cybersecurity essentials chapter 4Mukesh Chinta
 
Cisco cybersecurity essentials chapter -5
Cisco cybersecurity essentials chapter -5Cisco cybersecurity essentials chapter -5
Cisco cybersecurity essentials chapter -5Mukesh Chinta
 
AWS IoT vs Azure IoT
AWS IoT vs Azure IoTAWS IoT vs Azure IoT
AWS IoT vs Azure IoTahmed badr
 
EveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PieceEveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PiecePaul Richards
 
85320337 networking-case-study
85320337 networking-case-study85320337 networking-case-study
85320337 networking-case-studyhomeworkping3
 
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...Ingram Micro Cloud
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardCisco Security
 
Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudCloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudTom Janetscheck
 
Introduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixIntroduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixJohn Yeoh
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud SecuritySusanne Tedrick
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
CertainSafe MicroTokenization Technology Detailed Overview
CertainSafe MicroTokenization Technology Detailed OverviewCertainSafe MicroTokenization Technology Detailed Overview
CertainSafe MicroTokenization Technology Detailed OverviewSteven Russo
 

La actualidad más candente (19)

BlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyBlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network Secuirty
 
UniCredit Business Integrated Solutions
UniCredit Business Integrated SolutionsUniCredit Business Integrated Solutions
UniCredit Business Integrated Solutions
 
Trend Micro - is your cloud secure
Trend Micro - is your cloud secureTrend Micro - is your cloud secure
Trend Micro - is your cloud secure
 
Cisco cybersecurity essentials chapter 4
Cisco cybersecurity essentials chapter 4Cisco cybersecurity essentials chapter 4
Cisco cybersecurity essentials chapter 4
 
Partner Welcome Kit
Partner Welcome KitPartner Welcome Kit
Partner Welcome Kit
 
Cisco cybersecurity essentials chapter -5
Cisco cybersecurity essentials chapter -5Cisco cybersecurity essentials chapter -5
Cisco cybersecurity essentials chapter -5
 
Cloud security with Sage Construction Anywhere
Cloud security with Sage Construction AnywhereCloud security with Sage Construction Anywhere
Cloud security with Sage Construction Anywhere
 
AWS IoT vs Azure IoT
AWS IoT vs Azure IoTAWS IoT vs Azure IoT
AWS IoT vs Azure IoT
 
EveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_PieceEveryCloud_Company_Intro_Piece
EveryCloud_Company_Intro_Piece
 
Ethical Hacking Course
Ethical Hacking CourseEthical Hacking Course
Ethical Hacking Course
 
VMware pulse IoT center, an IoT management suite
VMware pulse IoT center, an IoT management suiteVMware pulse IoT center, an IoT management suite
VMware pulse IoT center, an IoT management suite
 
85320337 networking-case-study
85320337 networking-case-study85320337 networking-case-study
85320337 networking-case-study
 
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor Scorecard
 
Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudCloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
 
Introduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixIntroduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls Matrix
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
 
CertainSafe MicroTokenization Technology Detailed Overview
CertainSafe MicroTokenization Technology Detailed OverviewCertainSafe MicroTokenization Technology Detailed Overview
CertainSafe MicroTokenization Technology Detailed Overview
 

Destacado

Case Study: Modernisierung der IT Infrastruktur bei Transa
Case Study: Modernisierung der IT Infrastruktur bei TransaCase Study: Modernisierung der IT Infrastruktur bei Transa
Case Study: Modernisierung der IT Infrastruktur bei TransaMicrosoft Schweiz
 
Understanding Internet of Things - White Paper on Device Choices
Understanding Internet of Things - White Paper on Device ChoicesUnderstanding Internet of Things - White Paper on Device Choices
Understanding Internet of Things - White Paper on Device ChoicesDavid J Rosenthal
 
Yerevan Cloud Camp & Hackathon - Internet of Things & Microsoft
Yerevan Cloud Camp & Hackathon - Internet of Things & MicrosoftYerevan Cloud Camp & Hackathon - Internet of Things & Microsoft
Yerevan Cloud Camp & Hackathon - Internet of Things & MicrosoftMicrosoft
 
Microsoft Summit 2014 Bucharest - Internet of Things - Device Side
Microsoft Summit 2014 Bucharest - Internet of Things - Device SideMicrosoft Summit 2014 Bucharest - Internet of Things - Device Side
Microsoft Summit 2014 Bucharest - Internet of Things - Device SideCatalin Gheorghiu
 
Sascha Corti presentation; Microsoft
Sascha Corti presentation; Microsoft Sascha Corti presentation; Microsoft
Sascha Corti presentation; Microsoft Andrew V
 
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)FFRI, Inc.
 
Internet of Things in 2025
Internet of Things in 2025Internet of Things in 2025
Internet of Things in 2025Alex Danvy
 
Transformation through the API
Transformation through the APITransformation through the API
Transformation through the APIAlex Danvy
 
Industrial Internet of Things -- Microsoft DC Azure Meetup
Industrial Internet of Things -- Microsoft DC Azure MeetupIndustrial Internet of Things -- Microsoft DC Azure Meetup
Industrial Internet of Things -- Microsoft DC Azure MeetupStephen Bates
 
The Internet of Things - Industry Trends and Key Players
The Internet of Things - Industry Trends and Key PlayersThe Internet of Things - Industry Trends and Key Players
The Internet of Things - Industry Trends and Key PlayersCM Research
 
Unlocking Operational Intelligence from the Data Lake
Unlocking Operational Intelligence from the Data LakeUnlocking Operational Intelligence from the Data Lake
Unlocking Operational Intelligence from the Data LakeMongoDB
 
Internet of Things Landscape (Version 3.0)
Internet of Things Landscape (Version 3.0)Internet of Things Landscape (Version 3.0)
Internet of Things Landscape (Version 3.0)Matt Turck
 
Microsoft & Internet of Things
Microsoft & Internet of ThingsMicrosoft & Internet of Things
Microsoft & Internet of ThingsMarlon Luz
 
Internet of things (IoT) with Azure
Internet of things (IoT) with AzureInternet of things (IoT) with Azure
Internet of things (IoT) with AzureVinoth Rajagopalan
 
The competitive landscape of the Internet of Things
The competitive landscape of the Internet of ThingsThe competitive landscape of the Internet of Things
The competitive landscape of the Internet of ThingsIoTAnalytics
 

Destacado (20)

Case Study: Modernisierung der IT Infrastruktur bei Transa
Case Study: Modernisierung der IT Infrastruktur bei TransaCase Study: Modernisierung der IT Infrastruktur bei Transa
Case Study: Modernisierung der IT Infrastruktur bei Transa
 
Understanding Internet of Things - White Paper on Device Choices
Understanding Internet of Things - White Paper on Device ChoicesUnderstanding Internet of Things - White Paper on Device Choices
Understanding Internet of Things - White Paper on Device Choices
 
Yerevan Cloud Camp & Hackathon - Internet of Things & Microsoft
Yerevan Cloud Camp & Hackathon - Internet of Things & MicrosoftYerevan Cloud Camp & Hackathon - Internet of Things & Microsoft
Yerevan Cloud Camp & Hackathon - Internet of Things & Microsoft
 
SoCal code camp Fullerton - Mar 2015
SoCal code camp Fullerton - Mar 2015SoCal code camp Fullerton - Mar 2015
SoCal code camp Fullerton - Mar 2015
 
Microsoft Summit 2014 Bucharest - Internet of Things - Device Side
Microsoft Summit 2014 Bucharest - Internet of Things - Device SideMicrosoft Summit 2014 Bucharest - Internet of Things - Device Side
Microsoft Summit 2014 Bucharest - Internet of Things - Device Side
 
Sascha Corti presentation; Microsoft
Sascha Corti presentation; Microsoft Sascha Corti presentation; Microsoft
Sascha Corti presentation; Microsoft
 
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
 
Internet of Things in 2025
Internet of Things in 2025Internet of Things in 2025
Internet of Things in 2025
 
Internet of Things - Industry Influence Study
Internet of Things - Industry Influence StudyInternet of Things - Industry Influence Study
Internet of Things - Industry Influence Study
 
The Industrial Internet of Things and RTI
The Industrial Internet of Things and RTIThe Industrial Internet of Things and RTI
The Industrial Internet of Things and RTI
 
Transformation through the API
Transformation through the APITransformation through the API
Transformation through the API
 
Industrial Internet of Things -- Microsoft DC Azure Meetup
Industrial Internet of Things -- Microsoft DC Azure MeetupIndustrial Internet of Things -- Microsoft DC Azure Meetup
Industrial Internet of Things -- Microsoft DC Azure Meetup
 
The Internet of Things - Industry Trends and Key Players
The Internet of Things - Industry Trends and Key PlayersThe Internet of Things - Industry Trends and Key Players
The Internet of Things - Industry Trends and Key Players
 
Creating the Internet of Your Things
Creating the Internet of Your ThingsCreating the Internet of Your Things
Creating the Internet of Your Things
 
The Internet of Things
The Internet of ThingsThe Internet of Things
The Internet of Things
 
Unlocking Operational Intelligence from the Data Lake
Unlocking Operational Intelligence from the Data LakeUnlocking Operational Intelligence from the Data Lake
Unlocking Operational Intelligence from the Data Lake
 
Internet of Things Landscape (Version 3.0)
Internet of Things Landscape (Version 3.0)Internet of Things Landscape (Version 3.0)
Internet of Things Landscape (Version 3.0)
 
Microsoft & Internet of Things
Microsoft & Internet of ThingsMicrosoft & Internet of Things
Microsoft & Internet of Things
 
Internet of things (IoT) with Azure
Internet of things (IoT) with AzureInternet of things (IoT) with Azure
Internet of things (IoT) with Azure
 
The competitive landscape of the Internet of Things
The competitive landscape of the Internet of ThingsThe competitive landscape of the Internet of Things
The competitive landscape of the Internet of Things
 

Similar a Securing_your_Internet_of_Things_from_the_ground_up_white_paper_EN_US

Azure 13 effective security controls for iso 27001 compliance
Azure 13 effective security controls for iso 27001 complianceAzure 13 effective security controls for iso 27001 compliance
Azure 13 effective security controls for iso 27001 complianceErlinkencana
 
Frost Entrust Datacard-award-write-up-final
Frost Entrust Datacard-award-write-up-finalFrost Entrust Datacard-award-write-up-final
Frost Entrust Datacard-award-write-up-finalWendy Murphy
 
Managed Iot services in pune
Managed Iot services in puneManaged Iot services in pune
Managed Iot services in puneAnshita Dixit
 
Microsoft Cyber Defense Operation Center Strategy
Microsoft Cyber Defense Operation Center Strategy Microsoft Cyber Defense Operation Center Strategy
Microsoft Cyber Defense Operation Center Strategy Ioannis Aligizakis, M.Sc.
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure SentinelMighty Guides, Inc.
 
Microsoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterpriseMicrosoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterprisessuserd58af7
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperMohd Anwar Jamal Faiz
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
 
Top Learnings from Azure Security (1).pdf
Top Learnings from Azure Security (1).pdfTop Learnings from Azure Security (1).pdf
Top Learnings from Azure Security (1).pdfinfosec train
 
Planning and implementing. Unveiling the advanced technology of Microsoft Azu...
Planning and implementing. Unveiling the advanced technology of Microsoft Azu...Planning and implementing. Unveiling the advanced technology of Microsoft Azu...
Planning and implementing. Unveiling the advanced technology of Microsoft Azu...Prometix Pty Ltd
 
SC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsSC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsFredBrandonAuthorMCP
 
Best Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT SecurityBest Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT SecuritySatyaKVivek
 
A Complete Profile of Tech IT Cloud company
A Complete Profile of Tech IT Cloud companyA Complete Profile of Tech IT Cloud company
A Complete Profile of Tech IT Cloud companyTech IT Cloud
 
Beyond Security Article_Cyber Security_April_2015
Beyond Security Article_Cyber Security_April_2015Beyond Security Article_Cyber Security_April_2015
Beyond Security Article_Cyber Security_April_2015RAVI PRAKASH
 
IoT Day 2019 Naples - Microsoft Azure Shpere
IoT Day 2019 Naples - Microsoft Azure ShpereIoT Day 2019 Naples - Microsoft Azure Shpere
IoT Day 2019 Naples - Microsoft Azure ShpereMirco Vanini
 
Microsoft Sentinel and Its Components.pptx
Microsoft Sentinel and Its Components.pptxMicrosoft Sentinel and Its Components.pptx
Microsoft Sentinel and Its Components.pptxInfosectrain3
 
R ramya devi cloud computing
R ramya devi cloud computingR ramya devi cloud computing
R ramya devi cloud computingPriyadharshiniVS
 
Company Profile Managemenyt company.pptx
Company Profile Managemenyt company.pptxCompany Profile Managemenyt company.pptx
Company Profile Managemenyt company.pptxhendrik441443
 

Similar a Securing_your_Internet_of_Things_from_the_ground_up_white_paper_EN_US (20)

Azure 13 effective security controls for iso 27001 compliance
Azure 13 effective security controls for iso 27001 complianceAzure 13 effective security controls for iso 27001 compliance
Azure 13 effective security controls for iso 27001 compliance
 
Frost Entrust Datacard-award-write-up-final
Frost Entrust Datacard-award-write-up-finalFrost Entrust Datacard-award-write-up-final
Frost Entrust Datacard-award-write-up-final
 
Iot
IotIot
Iot
 
Managed Iot services in pune
Managed Iot services in puneManaged Iot services in pune
Managed Iot services in pune
 
Microsoft Cyber Defense Operation Center Strategy
Microsoft Cyber Defense Operation Center Strategy Microsoft Cyber Defense Operation Center Strategy
Microsoft Cyber Defense Operation Center Strategy
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel
 
Microsoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterpriseMicrosoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterprise
 
Azure security
Azure securityAzure security
Azure security
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White Paper
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...
 
Top Learnings from Azure Security (1).pdf
Top Learnings from Azure Security (1).pdfTop Learnings from Azure Security (1).pdf
Top Learnings from Azure Security (1).pdf
 
Planning and implementing. Unveiling the advanced technology of Microsoft Azu...
Planning and implementing. Unveiling the advanced technology of Microsoft Azu...Planning and implementing. Unveiling the advanced technology of Microsoft Azu...
Planning and implementing. Unveiling the advanced technology of Microsoft Azu...
 
SC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsSC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security Solutions
 
Best Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT SecurityBest Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT Security
 
A Complete Profile of Tech IT Cloud company
A Complete Profile of Tech IT Cloud companyA Complete Profile of Tech IT Cloud company
A Complete Profile of Tech IT Cloud company
 
Beyond Security Article_Cyber Security_April_2015
Beyond Security Article_Cyber Security_April_2015Beyond Security Article_Cyber Security_April_2015
Beyond Security Article_Cyber Security_April_2015
 
IoT Day 2019 Naples - Microsoft Azure Shpere
IoT Day 2019 Naples - Microsoft Azure ShpereIoT Day 2019 Naples - Microsoft Azure Shpere
IoT Day 2019 Naples - Microsoft Azure Shpere
 
Microsoft Sentinel and Its Components.pptx
Microsoft Sentinel and Its Components.pptxMicrosoft Sentinel and Its Components.pptx
Microsoft Sentinel and Its Components.pptx
 
R ramya devi cloud computing
R ramya devi cloud computingR ramya devi cloud computing
R ramya devi cloud computing
 
Company Profile Managemenyt company.pptx
Company Profile Managemenyt company.pptxCompany Profile Managemenyt company.pptx
Company Profile Managemenyt company.pptx
 

Más de Ingrid Fernandez, PhD

SQL_Server_2016_Deeper_Insights_Across_Data_White_Paper
SQL_Server_2016_Deeper_Insights_Across_Data_White_PaperSQL_Server_2016_Deeper_Insights_Across_Data_White_Paper
SQL_Server_2016_Deeper_Insights_Across_Data_White_PaperIngrid Fernandez, PhD
 
hitachi-cio-infographic-internet-of-things
hitachi-cio-infographic-internet-of-thingshitachi-cio-infographic-internet-of-things
hitachi-cio-infographic-internet-of-thingsIngrid Fernandez, PhD
 
hurwitz-whitepaper-essential-elements-of-iot-core-platform
hurwitz-whitepaper-essential-elements-of-iot-core-platformhurwitz-whitepaper-essential-elements-of-iot-core-platform
hurwitz-whitepaper-essential-elements-of-iot-core-platformIngrid Fernandez, PhD
 
hitachi-ebook-social-innovation-forbes-insights
hitachi-ebook-social-innovation-forbes-insightshitachi-ebook-social-innovation-forbes-insights
hitachi-ebook-social-innovation-forbes-insightsIngrid Fernandez, PhD
 
hcp-as-continuous-integration-build-artifact-storage-system
hcp-as-continuous-integration-build-artifact-storage-systemhcp-as-continuous-integration-build-artifact-storage-system
hcp-as-continuous-integration-build-artifact-storage-systemIngrid Fernandez, PhD
 
hitachi-forbes-cios-guide-to-digital-transformation
hitachi-forbes-cios-guide-to-digital-transformationhitachi-forbes-cios-guide-to-digital-transformation
hitachi-forbes-cios-guide-to-digital-transformationIngrid Fernandez, PhD
 
hitachi-content-platform-portfolio-esg-validation-report
hitachi-content-platform-portfolio-esg-validation-reporthitachi-content-platform-portfolio-esg-validation-report
hitachi-content-platform-portfolio-esg-validation-reportIngrid Fernandez, PhD
 
hitachi-cio-infographic-internet-of-things
hitachi-cio-infographic-internet-of-thingshitachi-cio-infographic-internet-of-things
hitachi-cio-infographic-internet-of-thingsIngrid Fernandez, PhD
 
hitachi-ebook-social-innovation-forbes-insights
hitachi-ebook-social-innovation-forbes-insightshitachi-ebook-social-innovation-forbes-insights
hitachi-ebook-social-innovation-forbes-insightsIngrid Fernandez, PhD
 
hitachi-social-innovation-infographic
hitachi-social-innovation-infographichitachi-social-innovation-infographic
hitachi-social-innovation-infographicIngrid Fernandez, PhD
 
American Necrospecialists--the modern artisans of death
American Necrospecialists--the modern artisans of deathAmerican Necrospecialists--the modern artisans of death
American Necrospecialists--the modern artisans of deathIngrid Fernandez, PhD
 
2015_0511 Connected Health-Ingrid-Helix
2015_0511 Connected Health-Ingrid-Helix2015_0511 Connected Health-Ingrid-Helix
2015_0511 Connected Health-Ingrid-HelixIngrid Fernandez, PhD
 

Más de Ingrid Fernandez, PhD (16)

SQL_Server_2016_Deeper_Insights_Across_Data_White_Paper
SQL_Server_2016_Deeper_Insights_Across_Data_White_PaperSQL_Server_2016_Deeper_Insights_Across_Data_White_Paper
SQL_Server_2016_Deeper_Insights_Across_Data_White_Paper
 
Internet_of_Things_CEO_ magazine
Internet_of_Things_CEO_ magazineInternet_of_Things_CEO_ magazine
Internet_of_Things_CEO_ magazine
 
hitachi-cio-infographic-internet-of-things
hitachi-cio-infographic-internet-of-thingshitachi-cio-infographic-internet-of-things
hitachi-cio-infographic-internet-of-things
 
hurwitz-whitepaper-essential-elements-of-iot-core-platform
hurwitz-whitepaper-essential-elements-of-iot-core-platformhurwitz-whitepaper-essential-elements-of-iot-core-platform
hurwitz-whitepaper-essential-elements-of-iot-core-platform
 
hitachi-ebook-social-innovation-forbes-insights
hitachi-ebook-social-innovation-forbes-insightshitachi-ebook-social-innovation-forbes-insights
hitachi-ebook-social-innovation-forbes-insights
 
hcp-as-continuous-integration-build-artifact-storage-system
hcp-as-continuous-integration-build-artifact-storage-systemhcp-as-continuous-integration-build-artifact-storage-system
hcp-as-continuous-integration-build-artifact-storage-system
 
hitachi-forbes-cios-guide-to-digital-transformation
hitachi-forbes-cios-guide-to-digital-transformationhitachi-forbes-cios-guide-to-digital-transformation
hitachi-forbes-cios-guide-to-digital-transformation
 
hitachi-content-platform-portfolio-esg-validation-report
hitachi-content-platform-portfolio-esg-validation-reporthitachi-content-platform-portfolio-esg-validation-report
hitachi-content-platform-portfolio-esg-validation-report
 
hitachi-cio-infographic-internet-of-things
hitachi-cio-infographic-internet-of-thingshitachi-cio-infographic-internet-of-things
hitachi-cio-infographic-internet-of-things
 
hitachi-ebook-social-innovation-forbes-insights
hitachi-ebook-social-innovation-forbes-insightshitachi-ebook-social-innovation-forbes-insights
hitachi-ebook-social-innovation-forbes-insights
 
hitachi-social-innovation-infographic
hitachi-social-innovation-infographichitachi-social-innovation-infographic
hitachi-social-innovation-infographic
 
American Necrospecialists--the modern artisans of death
American Necrospecialists--the modern artisans of deathAmerican Necrospecialists--the modern artisans of death
American Necrospecialists--the modern artisans of death
 
Syllabus Winter 2013
Syllabus Winter 2013Syllabus Winter 2013
Syllabus Winter 2013
 
Intro to dark humor
Intro to dark humorIntro to dark humor
Intro to dark humor
 
2015_0511 Connected Health-Ingrid-Helix
2015_0511 Connected Health-Ingrid-Helix2015_0511 Connected Health-Ingrid-Helix
2015_0511 Connected Health-Ingrid-Helix
 
OJT Final
OJT FinalOJT Final
OJT Final
 

Securing_your_Internet_of_Things_from_the_ground_up_white_paper_EN_US

  • 1. Securing your Internet of Things from the ground up Comprehensive built-in security features of the Microsoft Azure IoT Suite
  • 2. Securing your Internet of Things from the ground up Executive Summary The Internet of Things (IoT) poses unique security, privacy, and compliance challenges to businesses worldwide. Unlike traditional cyber technology where these issues revolve around software and how it is implemented, IoT concerns what happens when the cyber and the physical worlds converge. Protecting IoT solutions requires ensuring secure provisioning of devices, secure connectivity between these devices and the cloud, and secure data protection in the cloud during processing and storage. Working against such functionality, however, are resource-constrained devices, geographic distribution of deployments, and a large number of devices within a solution. This paper explores how the Microsoft Azure IoT Suite provides a secure and private Internet of Things cloud solution. The Azure IoT Suite delivers a complete end-to-end solution, with security built into every stage from the ground up. At Microsoft, developing secure software is part of the software engineering practice, rooted in our decades long experience of developing secure software. To ensure this, Security Development Lifecycle (SDL) is the foundational development methodology, coupled with a host of infrastructure-level security services such as Operational Security Assurance (OSA) and the Microsoft Digital Crimes Unit, Microsoft Security Response Center, and Microsoft Malware Protection Center. The Azure IoT Suite offers unique features which make provisioning, connecting to, and storing data from IoT devices easy and transparent and, most of all, secure. In this paper we examine the Azure IoT Suite security features and deployment strategies to ensure security, privacy, and compliance challenges are addressed. We’ve organized the paper to touch on the following subjects:  Introduction. An understanding of the major security issues inherent to any IoT solution and recommendations for what to consider when looking for an IoT solution provider.  The value of the Microsoft Trusted Cloud. A discussion detailing Microsoft’s established history as a trusted cloud provider and the cloud features that support security in the design of all of Microsoft’s software and cloud services.  The comprehensive components that make the Azure IoT Suite unique within the marketplace. We explore Azure as a trusted platform with built-in security, compliance, privacy, transparency, and control features. We then look at how individual components within this platform together form the foundation for the Azure IoT Suite. We then take a deeper dive into how these pieces deliver secure device provisioning, connectivity, processing and storage.  Securing your infrastructure. Using the Azure IoT Suite and Microsoft technology, we offer prescriptive advice and best practices to follow to ensure IoT deployments keep businesses safe and sound.
  • 3. Securing your Internet of Things from the ground up Introduction ..........................................................................................................................................................1 Microsoft – a secure infrastructure from the ground up..................................................................2 Microsoft Azure – a secure IoT infrastructure for your business....................................................2 Secure device provisioning and authentication................................................................................ 3 Secure connectivity....................................................................................................................................... 4 Secure processing and storage in the cloud...................................................................................... 5 Securing an IoT Infrastructure.......................................................................................................................5 IoT hardware manufacturer/integrator................................................................................................. 6 IoT solution developer................................................................................................................................. 7 IoT solution deployer ................................................................................................................................... 7 IoT solution operator ................................................................................................................................... 7 Conclusion.............................................................................................................................................................8 Appendix.............................................................................................................................................................10
  • 4. 1 Securing your Internet of Things from the ground up Introduction The Internet of Things (IoT) is the wave of the future, offering businesses immediate and real-world opportunities to reduce costs, increase revenue, and transform their business. Many businesses, however, are hesitant to deploy IoT in their organizations due to concerns about security, privacy, and compliance. A major point of concern comes from the uniqueness of the IoT infrastructure, which merges the cyber and physical worlds together, compounding individual risks inherent in these two worlds. Security of IoT pertains to ensuring the integrity of code running on devices, providing device and user authentication, defining clear ownership of devices (as well as data generated by those devices), and being resilient to cyber and physical attacks. Then, there’s the issue of privacy. Companies want transparency concerning data collection, as in what’s being collected and why, who can see it, who controls access, and so on. Finally, there are general safety issues of the equipment along with the people operating them, and issues of maintaining industry standards of compliance. Given the security, privacy, transparency, and compliance concerns, choosing the right IoT solution provider remains a challenge. Stitching together individual pieces of IoT software and services provided by a variety of vendors introduces gaps in security, privacy, transparency, and compliance which may be hard to detect, let alone fix. The choice of the right IoT software and service provider is based on finding providers which have extensive experience running services which span across verticals and geographies, but are also able to scale in a secure and transparent fashion. Similarly, it helps for the selected provider to have decades of experience with developing secure software running on billions of machines worldwide, and have the ability to appreciate the threat landscape posed by this new world of the Internet of Things.
  • 5. 2 Securing your Internet of Things from the ground up Microsoft – a secure infrastructure from the ground up The Microsoft Cloud infrastructure supports more than one billion customers in 127 countries. Drawing on our decades-long experience building enterprise software and running some of the largest online services in the world, we provide higher levels of enhanced security, privacy, compliance, and threat mitigation practices than most customers could achieve on their own. Our Security Development Lifecycle (SDL) provides a mandatory company-wide development process that embeds security requirements into the entire software lifecycle. To help ensure that operational activities follow the same level of security practices, we use rigorous security guidelines laid out in our Operational Security Assurance (OSA) process. We also work with third-party audit firms for ongoing verification that we meet our compliance obligations, and we engage in broad security efforts through the creation of centers of excellence, including the Microsoft Digital Crimes Unit, Microsoft Security Response Center, and Microsoft Malware Protection Center. Microsoft Azure – a secure IoT infrastructure for your business Microsoft Azure offers a complete cloud solution, one that combines a constantly growing collection of integrated cloud services—analytics, machine learning, storage, security, networking, and web—with an industry-leading commitment to the protection and privacy of your data. Our assume breach strategy uses a dedicated “red team” of software security experts who simulate attacks, testing the ability of Azure to detect, protect against emerging threats, and recover from breaches. Our global incident response team works around the clock to mitigate the effects of attacks and malicious activity. The team follows established procedures for incident management, communication, and recovery, and uses discoverable and predictable interfaces with internal and external partners.
  • 6. 3 Securing your Internet of Things from the ground up Our systems provide continuous intrusion detection and prevention, service attack prevention, regular penetration testing, and forensic tools that help identify and mitigate threats. Multi-factor authentication provides an extra layer of security for end users to access the network. And for the application and the host provider, we offer access control, monitoring, anti-malware, vulnerability scanning, patches, and configuration management. The Microsoft Azure IoT Suite takes advantage of the security and privacy built into the Azure platform along with our SDL and OSA processes for secure development and operation of all Microsoft software. These procedures provide infrastructure protection, network protection, and identity and management features fundamental to the security of any solution. The Azure IoT Hub within the IoT Suite offers a fully-managed service that enables reliable and secure bi-directional communication between IoT devices and Azure services such as Azure Machine Learning and Azure Stream Analytics by using per-device security credentials and access control. To best communicate security and privacy features built into the Azure IoT Suite, we’ve broken down the suite into the three primary security areas. Secure device provisioning and authentication The Azure IoT Suite secures devices while they are out in the field by providing a unique identity key for each device, which can be used by the IoT infrastructure to communicate with the device while it is in operation. The process is quick and easy to setup. The generated key with a user-selected device ID forms the basis of a token used in all communication between the device and the Azure IoT Hub. Device IDs can be associated with a device during manufacturing (i.e. flashed in a hardware trust module) or can use an existing fixed identity as a proxy (e.g. CPU serial numbers). Since changing this identifying information in the device is not simple, it is important to introduce logical device IDs in case the underlying device hardware changes but the logical device remains the same. In some cases,
  • 7. 4 Securing your Internet of Things from the ground up the association of a device identity can happen at device deployment time (i.e. an authenticated field engineer physically configures a new device while communicating with the IoT solution backend). The Azure IoT Hub identity registry provides secure storage of device identities and security keys for a solution. Individual or groups of device identities can be added to an allow list, or a block list, enabling complete control over device access. Azure IoT Hub access control policies in the cloud enable activation and disabling any device identity, providing a way to disassociate a device from an IoT deployment when required. This association and disassociation of devices is based on each device identity. Additional device security features include the following:  Devices do not accept unsolicited network connections. They establish all connections and routes in an outbound-only fashion. For a device to receive a command from the backend, the device must initiate a connection to check for any pending commands to process. Once a connection between the device and IoT Hub is securely established, messaging from the cloud to the device and device to the cloud can be sent transparently.  Devices only connect to or establish routes to well-known services with which they are peered, such as an Azure IoT Hub.  System-level authorization and authentication use per-device identities, making access credentials and permissions near-instantly revocable. Secure connectivity Durability of messaging is an important feature of any IoT solution. The need to durably deliver commands and/or receive data from devices is underlined by the fact that IoT devices are connected over the Internet, or other similar networks which can be unreliable. Azure IoT Hub offers durability of messaging between cloud and devices through a system of acknowledgments in response to messages. Additional durability for messaging is achieved by caching messages in the IoT Hub for up to seven days for telemetry and two days for commands. Efficiency is important to ensure conservation of resources and operation in a resource- constrained environment. HTTPS (HTTP Secure), the industry-standard secure version of the popular http protocol, is supported by Azure IoT Hub, enabling efficient communication. Advanced Message Queuing Protocol (AMQP) and Message Queuing Telemetry Transport (MQTT), supported by Azure IoT Hub, are designed not only for efficiency in terms of resource use but also reliable message delivery. Scalability requires the ability to securely interoperate with a wide range of devices. Azure IoT hub enables secure connection to both IP-enabled and non-IP-enabled devices. IP-enabled devices are able to directly connect and communicate with the IoT Hub over a secure connection. Non-IP-enabled devices are resource-constrained and connect only over short distance communication protocols, such as Zwave, ZigBee, and Bluetooth. A field gateway is used to aggregate these devices and performs protocol translation to enable secure bi-directional communication with the cloud.
  • 8. 5 Securing your Internet of Things from the ground up Additional connection security features include the following:  The communication path between devices and Azure IoT Hub, or between gateways and Azure IoT Hub, is secured using industry-standard Transport Layer Security (TLS) with Azure IoT Hub authenticated using X.509 protocol.  In order to protect devices from unsolicited inbound connections, Azure IoT Hub does not open any connection to the device. The device initiates all connections.  Azure IoT Hub durably stores messages for devices and waits for the device to connect. These commands are stored for two days, enabling devices connecting sporadically, due to power or connectivity concerns, to receive these commands. Azure IoT Hub maintains a per-device queue for each device. Secure processing and storage in the cloud From encrypted communications to processing data in the cloud, the Azure IoT Suite helps keep data secure. It provides flexibility to implement additional encryption and management of security keys. Using Azure Active Directory (AAD) for user authentication and authorization, Azure IoT Suite can provide a policy-based authorization model for data in the cloud, enabling easy access management that can be audited and reviewed. This model also enables near-instant revocation of access to data in the cloud, and of devices connected to the Azure IoT Suite. Once data is in the cloud, it can be processed and stored in any user-defined workflow. Access to each part of the data is controlled with Azure Active Directory, depending on the storage service used. All keys used by the IoT infrastructure are stored in the cloud in secure storage, with the ability to roll over in case keys need to be re-provisioned. Data can be stored in DocumentDB or in SQL databases, enabling definition of the level of security desired. Additionally, Azure provides a way to monitor and audit all access to your data to alert you of any intrusion or unauthorized access. Securing an IoT Infrastructure Securing an IoT infrastructure requires a rigorous security-in-depth strategy. Starting from securing data in the cloud, to protecting data integrity while in transit over the public internet, and providing the ability to securely provision devices, each layer builds greater security assurance in the overall infrastructure. This security-in-depth strategy can be developed and executed with active participation of various players involved with
  • 9. 6 Securing your Internet of Things from the ground up the manufacturing, development, and deployment of IoT devices and infrastructure. Following is a high level description of these players.  IoT hardware manufacturer/integrator – Typically these are the manufacturers of IoT hardware being deployed, hardware integrator assembling hardware from various manufacturers, or hardware supplier providing hardware for an IoT deployment manufactured or integrated by other suppliers.  IoT solution developer – The development of an IoT solution is typically done by a solution developer, which may part of an in-house team, or a System Integrator (SI) specializing in this activity. The IoT solution developer can develop various components of the IoT solution from scratch, integrate various off the shelf or open source components, or adopt pre-configured solutions with minor adaptation.  IoT solution deployer – Once an IoT solution is developed, it needs to be deployed in the field. This involves deployment of hardware, interconnection of devices, and deployment of solutions in hardware devices, or in the cloud.  IoT solution operator – Once the IoT solution is deployed, it requires long term operations, monitoring, upgrades, and maintenance. This may be done by an in-house team comprising information technology specialists, hardware operations and maintenance teams, and domain specialists who monitor the correct behavior of overall IoT infrastructure. The following provides best practices for each of these players so as to develop, deploy and operate a secure IoT infrastructure. IoT hardware manufacturer/integrator  Scope hardware to minimum requirements – The hardware design should include minimum features required for operation of the hardware, and nothing more. An example is to include USB ports only if required for the operation of the device. These additional features open the device for unwanted attack vectors, which should be avoided.  Make hardware tamper proof – Build in mechanism to detect physical tampering of hardware, such as opening of device cover, removing a part of the device, etc. These tamper signals may be part of the data stream uploaded to the cloud enabling alerting of these events to the operators.  Build around secure hardware – If COGS permit, build security features such as secure and encrypted storage and Trusted Platform Module (TPM) based boot functionality. These features make devices more secure protecting the overall IoT infrastructure.  Make upgrades secure – Upgrading firmware during lifetime of the device is inevitable. Building devices with secure paths for upgrades and cryptographic assurance of firmware version will allow the device to be secure during and after upgrades.
  • 10. 7 Securing your Internet of Things from the ground up IoT solution developer  Follow secure software development methodology – Developing secure software requires a ground-up thinking about security from the inception of the project all the way to its implementation, testing, and deployment. The choice of platforms, languages, and tools are all influenced with this methodology. The Microsoft Security Development Lifecycle provides a step- by-step approach to building secure software.  Choose open source software with care – Open source software provides an opportunity to quickly develop solutions. When choosing open source software, consider the activity level of the community for each open source component. An active community ensures software will be supported; issues will be discovered and addressed. Alternatively, an obscure and inactive open source software will not be supported and issues will most probably not be discovered.  Integrate with care – Many of the software security flaws exist at the boundary of libraries and APIs. Functionality which may not be required for the current deployment may still be available via an API layer. Making sure that all interfaces of components being integrated are secure ensures overall security. IoT solution deployer  Deploy hardware securely – IoT deployments may require hardware to be deployed in unsecure locations, such as in public spaces or unsupervised locales. In such situations, ensure that hardware deployment is tamper proof to the maximum extent. If USB or other ports are available on the hardware, ensure that these are covered securely. Many attack vectors can use these as entry point for attacks.  Keep authentication keys safe – During deployment, each device requires device IDs and associated authentication keys generated by the cloud service. Keep these keys physically safe even after the deployment. Any compromised key can be used by a malicious device to masquerade as an existing device. IoT solution operator  Keep system up to date. Ensure device operating systems and all device drivers are updated to the latest versions. Windows 10 (IoT or other SKUs), with automatic updates turned on, is kept up to date by Microsoft, providing a secure operating system for IoT devices. For other operating systems, such as Linux, keeping them up to date ensures they are also protected against malicious attacks.  Protect against malicious activity. If the operating system permits, place the latest anti-virus and anti-malware capabilities on each device operating system. This can help mitigate most external threats. Most modern operating systems, such as Windows 10 IoT and Linux, can be protected against this threat by taking appropriate steps.  Audit frequently. Auditing IoT infrastructure for security related issues is key when responding to security incidents. Most operating systems, such as
  • 11. 8 Securing your Internet of Things from the ground up Windows 10 (IoT and other SKUs), provide built-in event logging that should be reviewed frequently to make sure no security breach has occurred. Audit information can be sent as a separate telemetry stream to the cloud service and analyzed.  Physically protect the IoT infrastructure. The worst security attacks against IoT infrastructure are launched using physical access to devices. Protecting against malicious use of USB ports and other physical access is an important safety and security practice. Logging of physical access, such as USB port usage, is key to uncovering any breach that may have occurred. Again, Windows 10 (IoT and other SKUs) enables detailed logging of these events.  Protect cloud credentials – Cloud authentication credentials used for configuring and operating an IoT deployment are possibly the easiest way to gain access and compromise an IoT system. Protect the credentials by changing the password frequently, and not using these credentials on public machines. Note that capabilities of different IoT devices vary. On one hand, some devices may be full blown computers running common desktop operating systems, while on the other hand, some devices may be running very light-weight operating systems. Security best practices described above may be applicable to these devices in varying degree. If provided, additional security and deployment best practices provided by manufacturer of these devices should be followed. Some legacy and constrained devices may not have been designed specifically for IoT deployment. These devices may lack the capability to encrypt data, connect with the Internet, provide advanced auditing, etc. In these cases, using a modern and secure field gateway to aggregate data from legacy devices may provide the security required for connecting these devices over the Internet. Field gateways in this case provides secure authentication, negotiation of encrypted sessions, receipt of commands from the cloud, and many other security features. Conclusion The Internet of Things starts with your things—the things that matter most to businesses. IoT can deliver amazing value to a business by reducing costs, increasing revenue, and transforming business. Success of this transformation largely depends on choosing the right IoT software and service provider. That means finding a provider that not only catalyzes this transformation by understanding business needs and requirements, but also provides services and software built with security, privacy, transparency, and compliance as major design considerations. Microsoft has extensive experience with developing and deploying secure software and services and continues to be a leader in this new age of Internet of Things.
  • 12. 9 Securing your Internet of Things from the ground up The Microsoft Azure IoT Suite builds in security measures by design, enabling secure monitoring of assets to improve efficiencies, drive operational performance to enable innovation, and employ advanced data analytics to transform businesses. With its layered approach towards security, multiple security features, and design patterns, Azure IoT Suite helps deploy an infrastructure which can be trusted to transform any business.
  • 13. 10 Securing your Internet of Things from the ground up Appendix Each Azure IoT Suite pre-configured solution creates instances of Azure services, such as the following:  Azure IoT Hub: Your gateway that connects the cloud to “things”. You can scale to millions of connections per hub and process massive volumes of data with per-device authentication support helping you secure your solution.  Azure DocumentDB: A scalable, fully-indexed database service for semi- structured data that manages metadata for the devices you provision, such as attributes, configuration, and security properties. DocumentDB offers high- performance and high-throughput processing, schema-agnostic indexing of data, and a rich SQL query interface.  Azure Stream Analytics: Real-time stream processing in the cloud that enables you to rapidly develop and deploy a low-cost analytics solution to uncover real- time insights from devices, sensors, infrastructure, and applications. The data from this fully-managed service can scale to any volume while still achieving high throughput, low latency, and resiliency.  Azure App Services: A cloud platform to build powerful web and mobile apps that connect to data anywhere; in the cloud or on-premises. Build engaging mobile apps for iOS, Android, and Windows. Integrate with your Software as a Service (SaaS) and enterprise applications with out-of-the-box connectivity to dozens of cloud-based services and enterprise applications. Code in your favorite language and IDE—.NET, NodeJS, PHP, Python, or Java—to build web apps and APIs faster than ever.  Logic Apps: The Logic Apps feature of Azure App Service helps integrate your IoT solution to your existing line of business systems and automate workflow processes. Logic Apps enables developers to design workflows that start from a trigger and then execute a series of steps—rules and actions that use powerful connectors to integrate with your business processes. Logic Apps offers out-of-the-box connectivity to a vast ecosystem of SaaS, cloud- based, and on-premises applications.  Blob storage: Reliable, economical cloud storage for the data that your devices send to the cloud.
  • 14. 11 Securing your Internet of Things from the ground up © 2016 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. Some examples are for illustration only and are fictitious. No real association is intended or inferred. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.