Today, I’m pleased to announce we’re introducing support for X.509 certificates to enhance device-level authentication. X.509 certificates are considered the gold standard for exchanging information between two parties – for example, a connected device and a cloud platform – with cryptographic safeguards that allow businesses to be alerted to any potential exposure of information in transit.
With Azure IoT support for X.509 certificates, an IoT device can now store a private key locally, and an associated device X.509 certificate is generated to identify the device to Azure IoT Hub before the information is transmitted. The benefit to customers in industries such as manufacturing, healthcare and smart cities is that device identity can be transmitted safely and securely from the edge to the cloud while maintaining integrity. More details about this feature can be found here.
Securing your IoT deployment
We’ve also just published a new, easy-to-read primer on Azure IoT Hub security features called Securing your IoT deployment. The distributed nature of the Internet of Things, which can span individual homes, corporate buildings and even geographies, combined with the sheer scale at which many IoT devices are deployed, makes security one of the key considerations when adopting, designing and deploying IoT.
At Microsoft, we’ve developed our IoT security based on our enterprise expertise, recommending that businesses adopt a defense-in-depth strategy that layers multiple security features to mitigate the risk of any one security technology being compromised. Like IoT itself, which relies on a broad ecosystem of technology providers, partners and companies to bring solutions to life, we believe that securing an IoT infrastructure end-to-end requires the collective efforts of device manufacturers, operators, integrators, solution developers and individuals or businesses deploying IoT.
Microsoft is working with our customers to enable security best practices, including tools to ensure devices, assets and data are secure. We believe in proactively sharing our security approach and have published a number of whitepapers that provide detailed information about our approach to security architecture and features, including:
- Security from the ground up: A high-level look at what Azure provides in terms of architecture and features for security, and an introduction to Azure IoT features for securing IoT infrastructure.
- Security best practices: A collection of industry-wide best practices for securing an IoT infrastructure.
- Security architecture: A look at the IoT architecture entirely built around threat modeling. The document introduces threat modeling and walks through an actual threat model for the Azure IoT reference architecture.