09-01-2020 08:57 AM - last edited on 09-02-2020 07:04 AM by kartben
Secure transmission of data from devices in the field can be challenging depending on the business environment. What do you do if you have a need to create an IoT Solution that operates on an offshore oil rig? How do you securely transmit data from devices that may have been installed over a decade ago? This month we’re starting off the Ask the IoT expert series focusing on IoT and security.
We are looking for your questions and ideas and we’ll respond, so go ahead and ask us anything!
My name is Martin Tuip and I’m the worldwide Azure IoT Security and Windows IoT Marketing Lead at Microsoft and joined by a team of Microsoft IoT experts to answer any questions you may have regarding this topic: Arjmand Samuel (all up IoT security expert), Eustace Asanghanwa (security at the edge expert) Nicole Berdy (all things DPS and more) and Ramit Malhotra (all up IoT security and certificates expert).
If you have any questions regarding IoT security, please leave them as comments in this very discussion and one of us will be here to answer it. To make this Ask the IoT Expert globally inclusive the Q&A will play out in this post and last for the whole month of September. You can also count on us leaving hints and tips throughout the month in this post.
Developers, we’re looking forward to your questions – please ask away!
09-01-2020 09:14 PM
I am running 5k Windows 10 IoT enterprise Thinclient at work with UWF + monthly patching via SCCM and having difficulties keeping up with security in an effective manner.
The time to perform monthly patching and WinSXS compact is taking much longer time than redeploy the OS. Is there a plan to improve this?
09-03-2020 11:10 PM
Thanks for your question. Have you tried cleaning up the component store
09-04-2020 12:13 AM
@95twr With UWF running at all times, I need to schedule a few hours per month with UWF turn off to install Windows update and perform component store cleanup after updates.
These are low powered devices with low and slow eMMC storage. Install of monthly 1Gb to 1.6 Gb cumulative updates from LTSC 1507/1607 + component store cleanup can take longer than re-image the device.
LTSC 1809 seems improve a bit yet this is far from efficient.
09-04-2020 07:55 AM
@95twr I'd to know about a 101 on check lists for security on IoT Hub.
Also what should be the correct setup to avoid mqtt-dup from a gateway sending messasges to IoT Hub, is there any kind of ACK I can/should set up?
09-08-2020 03:19 PM
@null null Thanks for sharing the feedback. If possible, we’d like to clarify a few items to help us better understand the issue here.
Would like to understand a bit more details of the issue you experienced and connect with you offline. Please message me if you would like to connect. Thanks.
09-08-2020 04:23 PM
I am applying Windows update every month during servicing window. WinSXS needs to be cleanup to save disk space, as well as avoiding automatic WinSxS cleanup task schedule kicks in and use up the UWF ram overlay outside servicing window.
@95twr Here are my questions:
1. Where will Azure SQL edge fit? Will the future IOT Developer include this or will a new cert emerge(Under SQL Server)?
2. How many of the regular SQL server security features will be present in this SQL Edge solution?
I wonder how performance of this remote devices will be managed and monitored. How DDOS attacks be regulated/observed?
@George Carlisle Good questions, I will reach out to some on the SQL side and see what they say.