Companies are constantly improving the speed and accuracy of decision-making, increasing their operating income and revenue based on getting the right information in the hands of the people who need it. Digital transformation empowers organizations to make data driven decisions by connecting their critical assets and vital equipment and collecting telemetry data for further analysis. Such information assists organizations to improve their fleet management, reduce operational costs, providing higher quality of service, and improving overall efficiency. By 2025 there will be nearly 80 billion IoT devices deployed worldwide, with an average of 10 IoT devices per person on the planet!
IoT devices are firmly designed to connect to a network, perform a certain predefined set of actions and share certain information with an external system. Some IoT devices may even communicate basic telemetry back to the device manufacturer or have means to receive software updates. Many IoT devices are simply connected to the internet with little management or oversight.
In most cases however, the IT operation center doesn’t know these devices exist on the network, and they are unaware of the potential risk and attack surface they represent by being unsecure.
In 2018, hundreds of thousands of home and small business networking and storage devices were compromised and loaded with the so-called “VPNFilter” malware. The FBI has publicly attributed this activity to a nation-state actor and took subsequent actions to disrupt this botnet, although the devices would remain vulnerable to re-infection unless proper firmware or security controls were put in place by the user. The investigation uncovered that an actor had used these devices to gain initial access to corporate networks.
These attacks could have been averted if the affected devices would have been identifiable, maintained, and monitored by security teams, and prevention actions have been taken to mitigate the risks on those devices. A constantly evolving threat landscape requires new approaches to protection, IoT security posture, enterprise scale deployment, and automation.
What is Azure Security Center for IoT?
Azure Security Center for IoT provides threat protection and security posture management designed for securing entire IoT deployments, including Microsoft and 3rd party devices. Azure Security Center is the first IoT security service from a major cloud provider that enables organizations to prevent, detect, and help remediate potential attacks on all the different components that make up an IoT deployment: from small sensors, to edge computing devices and gateways, to Azure IoT Hub, and on to the compute, storage, databases, and AI/ML workloads that organizations connect to their IoT deployments. This end-to-end protection is vital to secure IoT deployments.
Meet us @ RSA 2020
If you want to learn more about understanding and detecting threats to your IoT landscape, come meet our team at the Microsoft booth @ RSA 2020.
To learn more about Azure Security Center for IoT visit our website.