Edge computing gives customers the ability to move cloud-like workloads out of the data center to the very places where data is collected—delivering real-time intelligence, and solving intermittent connectivity issues. Yet as the number of devices making up IoT increases, so do the IoT security risks that companies must address.
A recent study conducted by Microsoft in partnership with Ponemon Institute included a survey of companies that have adopted IoT solutions, and 65% of them said that security is a top priority when implementing IoT. Attacks targeting IoT devices put businesses at risk. Impacted devices can be bricked, held for ransom, employed as launch points for further network attacks, or used for malicious purposes. Among the many consequences, we often see stolen IP and data theft, and compromised regulatory status, all of which can have brand and financial implications for the business.
In keeping with the Microsoft end-to-end security promise and our belief that every IoT device should be secured by design, we are excited to announce General Availability of our Edge Secured-core program for Windows IoT devices. Below, we’ll share how Edge Secured-core addresses vulnerabilities and helps enterprise customers, device manufacturers, and solution builders accelerate the development and deployment of secure, scalable IoT solutions.
Edge Secured-core is a new certification in the Azure Certified Device program for IoT devices running a full operating system such as Linux (in preview) or Windows 10 IoT (available now). Edge Secured-core certified devices meet additional security requirements around device identity, secure boot, operating system hardening, device updates, data protection, and vulnerability disclosures. All of this is designed to help prevent attacks, protect your data, and defend against those attempting to infiltrate your infrastructure.
Building on the expertise Microsoft developed around Secured-core for commercial Windows 10 PCs, Edge Secured-core takes a similar approach for IoT devices. This certification can be used to validate that certified devices include specific security hardware technology, have an operating system with built-in security, and use IoT services such as Microsoft Defender for IoT that continually monitor for threats on the device.
For companies building devices, Edge Secured-core provides a low-cost differentiator that enables customers to easily identify your device as one that has been configured to meet a higher security standard.
Edge Secured-core drives scalable security
Through the use of Edge Secured-core, companies can trust that IoT devices are built with a foundation of security and can be deployed seamlessly and securely. It also provides enterprises and solution builders with the confidence that the devices they’re purchasing deliver the following security promises:
Hardware-based device identity
Capable of enforcing system integrity
Stays up to date and is remotely manageable
Provides data-at-rest protection
Provides data-in-transit protection
Built-in security agent and hardening
Here are a few specific scenarios where you can see the added value for Edge Secured-core devices compared to devices without it.
Scenario: Six months after purchasing the device, there’s a vulnerability. The device receives an update and the vulnerability is fixed.
Device without Edge Secured-core: At the discretion of the OEM to supply device updates.
Edge Secured-core device: OEMs required to supply device updates for a period of at least 60 months from the date of submission.

Scenario: A malicious actor attempts to identify vulnerable devices to install malware on.
Device without Edge Secured-core: At the discretion of the OEM to supply device updates and OT to keep device secure.