Microsoft Extends Secured-Core Program to IoT Devices
Microsoft is expanding its Edge Secured-core program to include IoT devices, a decision intended to address rising security concerns as edge computing grows increasingly popular.
The Edge Secured-core certification is part of Microsoft’s Azure Certified Device program. Initially designed to analyze and validate devices for specific security hardware technology, it offers something of a security seal of approval so users can run an OS safely.
The decision to include IoT devices in this system was motivated by a recent Microsoft study in collaboration with Ponemon Institute, which found that 65% of companies surveyed see security as the top priority when implementing IoT, with data privacy being a particular area of concern.
IoT attacks pose a significant industry problem, an issue that is only continuing to increase as more businesses are deploying IoT devices. Devices at the network edge are the Achilles heel of the system; having multiple points of weakness for potential attacks. Such breaches can see devices being bricked, held for ransom or used as a launch pad for further attacks, with data being stolen or compromised.
With the addition of IoT devices to Microsoft’s platform, customers will be able to more easily select devices with adequate levels of security. Several markers have been identified for devices to meet these security requirements; including the capacity to enforce system integrity, hardware-based device identity, data-at-rest encryption and a built-in security agent.
In addition, all Edge Secured-core device operators will need to provide system updates for at least 60 months.