Microsoft

Our mission is to empower every person and every organisation on the planet to achieve more.

Meeting the ongoing challenge with security and IoT

The Internet of Things (IoT) is a hot technology with consumers. The idea of a fully connected home, and the convenience and comfort that provides, is too good to resist. ABI Research predicts the global smart home market alone will reach $123 billion by 2022.

Whether it’s improving the physical security of your home with smart locks, enjoying a better driving experience through the technology embedded into your car, or automating your home through the devices that are coming from the likes of Google, Apple and Amazon, IoT provides plenty of opportunities to improve your home through technology.

Unfortunately, hackers see IoT as an opportunity, too. Security vendor, Symantec, said in its recent annual security threat report: “Targeted attack groups increasingly focus on IoT as a soft entry point. It previously reported that, in 2018, attacks towards IoT had increased by 600 per cent year-on-year.

As far back as 2014 there have been horror stories of hackers accessing home baby monitoring cameras, but perhaps the best recent example of the potential risk posed by hackers targeting IoT is when Chinese researchers from Keen Security Lab remotely took control of an electronic car.

How Microsoft is solving the IoT security problem

One of the biggest problems IoT device manufacturers face is that security needs to be handled differently compared with the security software and hardware developed for computers.

“It’s an entirely new challenge. If you think of traditional IT and mobility management scenarios where there’s well defined approaches to data protection and access management, coming to IoT, where those methods don’t apply, it is an entirely new world.”  Danielle Damasius Principle PM, Azure Sphere, Microsoft, said. “With IoT you’re looking at devices that are always on, unmanaged from a traditional sense and unattended in a lot of cases, so often there are not many indicators a device has been compromised – there isn’t the traditional watchdogs in place.”

Solutions around IoT security need to come from the hardware manufacturing end. With so many devices in production, and no unified platform for IoT security to operate on, manufacturers have previously been left to their own security practices. By the time the end-user has a few IoT devices in their environment, security has become a patchwork of differing standards provided by a wide range of different vendors that have vastly different levels of resourcing available to provide security. Hackers only need to find one vulnerability to gain access to the organisation’s network – and such an environment is ripe for finding weaknesses. It is why IoT is seen as a “soft target.”

As a result, Microsoft has developed Azure Sphere to create a highly secured IoT devices.. A Linux-based embedded OS and cloud service specifically designed for IoT devices, Azure Sphere addresses the most critical challenges facing IoT by presenting a uniform platform for security that all device manufacturers can access.

Manufacturers implement the Azure Sphere platform onto their devices, and can then rely on the built-in security provided by Microsoft’s security practice. Connected to the cloud, Microsoft brings its considerable weight in security to provide failure reporting to identify threats and automatic updates to addressvulnerabilities as they are revealed.

IoT security best practices

While IoT does offer consumers a rich new world of connectivity, people will stop using the devices if the security risk escalates. And the reputational damage to IoT device manufacturers that offer insecure products will be severe – as irritating as it is having ransomware pop up on your computer, the thought of a hacker using your home electronics to spy on you at home is far worse.

“Foundationally, we believe that when you start building devices you should immediately have security in mind,” Damasius said. “Azure Sphere is designed to make it easy and affordable for manufactures to build renewable security into their devices from the outset.”

Microsoft also has a network of hardware and design partners that it works with to help other partner manufacturers build security into their devices.

“Some manufactures in IoT still think they can solve for security later,” Damasius said. “No manufacturer sets out to make insecure devices, of course. Nobody wants to be the one with the botnet refrigerator. But if they’re not being proactive about security from the outset, then they are unintentionally being insecure and putting their brands and customers at risk.”

IoT will boost efficiency and productivity in businesses and at home. Manufacturers want to capitalise on that, and it won’t be long until connectivity is expected when purchasing a device. However, security concerns with IoT provide a real reputational risk for organisations, which is why it’s important the industry moves to a unified and co-ordinated approach to security as quickly as possible.

For more information on IoT and security, don’t miss Danielle Damasius’ presentation at the IoT in Action event in Sydney on March 19. Register to attend here.


Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags MicrosoftsolutionsEventsymantecIoTAzure Sphere

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

IDG Online Staff

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Cate Bacon

Aruba Instant On AP11D

The strength of the Aruba Instant On AP11D is that the design and feature set support the modern, flexible, and mobile way of working.

Dr Prabigya Shiwakoti

Aruba Instant On AP11D

Aruba backs the AP11D up with a two-year warranty and 24/7 phone support.

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?