Microsoft offers threat protection for IoT installations
August 1, 2019
To give organisations threat protection and security posture management across their entire IoT installations, Microsoft has announced the general availability of Azure Security Center for IoT.
Azure Security Center allows users to protect their end-to-end IoT deployment by identifying and responding to emerging threats, as well as finding issues in their configurations before attackers can use them to compromise deployment. It helps organisations manage their security roadblocks and remove the barriers keeping them from business transformation.
“With Azure Security Center for IoT, we can both address very real IoT threat models with the velocity of Azure and gain management control over the fastest scaling part of our business, which allows me to focus on delivering outcomes rather than hot fixing devices,” said Alex Kreilein from RapidDeploy.
As organisations pursue digital transformation by connecting vital equipment or creating connected products, IoT deployments will get bigger and more common. In fact, IDC forecasts that IoT will continue to grow at double digit rates until IoT spending surpasses $1tn in 2022. As these IoT deployments come online, newly connected devices will expand the attack surface available to attackers, creating opportunities to target the data generated by the IoT.
“Organisations understand the risks and are rightly worried about IoT,” said Michal Braverman-Blunmenstyk, Microsoft’s CTO for cloud and AI security, in a blog post.
Research shows that security concerns are the top reason organisations have slowed or paused IoT rollouts. Because IoT requires integrating many different technologies (heterogenous devices must be linked to IoT cloud services that connect to analytics services and business applications), organisations face the challenge of securing both the pieces of their IoT deployment and the connections between those pieces. Attackers target weak spots; even one weak device configuration, cloud service, or admin account can provide a way in.
“Your organisation must monitor for threats and misconfigurations across all parts of your IoT: devices, cloud services, the supporting infrastructure, and the admin accounts who access them,” said Braverman-Blunmenstyk.
Securing IoT is challenging for many reasons: IoT deployments are complicated, creating opportunity for integration errors that attackers can exploit; IoT devices are heterogenous and often lack proper security measures; organisations may not have the skillsets or sec-ops headcount to take on a new IoT security workload; and IoT deployments are difficult to monitor using traditional IT security tools.
“When organisations choose Microsoft for their IoT deployments, however, they get secure-by-design devices and services such as Azure Sphere and IoT Hub, end-to-end integration and monitoring from device to cloud, and the expertise from Microsoft and our partners to build a secure solution that meets their exact use case,” said Braverman-Blunmenstyk.
Azure Security Center for IoT builds on Microsoft’s secure-by-design IoT services with threat protection and security posture management designed for securing entire IoT deployments, including Microsoft and third party devices. It is said to be the first IoT security service from a major cloud provider that enables organisations to prevent, detect and help remediate potential attacks on all the different components that make up an IoT deployment, from small sensors, to edge computing devices and gateways, to Azure IoT Hub, and on to the compute, storage, databases, and AI and ML workloads that organisations connect to their IoT deployments.
“This end-to-end protection is vital to secure IoT deployments,” said Braverman-Blunmenstyk. “Although devices may be a common target for attackers, the services that store your data and the admins who manage your IoT solution are also valuable targets.”
As IoT threats evolve due to creative attackers analysing the new devices, use cases and applications the industry creates, Microsoft’s threat intelligence, sourced from the more than six trillion signals that Microsoft collects every day, can help keep organisations ahead of attackers. Azure Security Center creates a list of potential threats, ranked by importance, so security pros and IoT admins can remediate problems across devices, IoT services, connected Azure services and the admins who use them.
Azure Security Center also creates ranked lists of possible misconfigurations and insecure settings, allowing IoT admins and security pros to fix the most important issues in their IoT security posture first. To create these security posture suggestions, Azure Security Center draws from Microsoft’s threat intelligence, as well as industry standards. Users can also port their data into SIEMs such as Azure Sentinel, allowing security professionals to combine IoT security data with data from across the organisation for artificial intelligence or analysis.
“Organisations can monitor their entire IoT solution, stay ahead of evolving threats and fix configuration issues before they become threats,” said Braverman-Blunmenstyk. “When combined with Microsoft’s secure-by-design devices, services and the expertise we share with you and your partners, Azure Security Center for IoT provides an important way to reduce the risk of IoT while achieving your business goals.”