Article Brought to you by Microsoft

Microsoft best practices for managing IoT security concerns

Mariam Gewida | Program Manager, Azure IoT Security
The Internet of Things, or IoT, has expanded beyond the mere concept that it was when first introduced. IoT is now part of most individuals’ daily activities, from smart speakers and thermostats to smartwatches and vehicles. IoT devices and systems bring massive convenience and functionality. IoT is transforming the way businesses function, and more rapidly than ever, industrial IoT, manufacturing, and critical infrastructure are depending on IoT for their operations. However, due to the complicated nature of IoT, when implementing and managing IoT, security must be top of mind. During a thorough survey, organizations were asked about their top security concerns when implementing IoT. Figure 1 identifies such concerns as per the IoT Signals report published in October 2021:
– Ensuring data privacy (46%).
– Ensuring network-level security (40%).
– Security endpoints for each IoT device (39%).
– Tracking and managing each IoT device (36%).
– Making sure all existing software is updated (35%).
– Updating firmware and other software on devices (34%).
– Performing hardware/software tests and device evaluation (34%).
– Updating encryption protocols (34%).
– Conducting comprehensive training programs for employees involved in IoT environment (33%).
– Securely provisioning devices (33%).
– Shifting from device-level to identity-level control (29%).
– Changing default passwords and credentials (29%).
Figure 1: Types of IoT security.

The importance of security for IoT

Rewinding back to 2016, a major Distributed Denial of Service (DDoS) attack took place on a major internet service provider, impacting multiple websites and their customers. Why? Thousands of users failed to change the default passwords on their connected devices, providing an opportunity for attackers to form a botnet attack. Consequences? Detrimental. Fast-forwarding to the more recent years, security in IoT is finally starting to gain attention due to the realization of the impact any attack has on organizations and users. As outlined in Microsoft’s Zero Trust paper, below are some of the many consequences of IoT breaches:
– Operation and revenue impact due to potential changes in production, quality, and core business.
– Customer impact due to changes in product and service experience and reputation.
– Regulation impact due to non-compliance with government and industry-wide regulations.

Design lifecycle and risk diligence

Microsoft provides numerous tools, services, and capabilities that address IoT Security concerns, while also providing effective solutions to mitigate top IoT Security issues.
When designing an IoT solution, it is important to understand the potential threats within the design. This will provide an opportunity to integrate security and risk diligence in each step of the design lifecycle, as well as harden and maintain your solution’s security protocols. First step is understanding how to secure your IoT environment. Second step is identifying and mitigating potential security issues within your design. Third step is maintaining a security maturity model that allows you to track and manage the maturity of your design’s information security management. Finally, fourth step is following Microsoft’s Zero Trust principles to mitigate top security concerns.

Top properties of a highly secured IoT environment (device security)

Building a secure IoT solution is not an easy task. However, following the most studied and recommended principles and practices will provide you with the necessary tools needed to achieve optimal security within the design. Refer to Figure 2 for the top seven properties utilized within all highly secured and connected devices: hardware-based root of trust, small trusted computing base, defense in depth, compartmentalization, certificate-based authentication, renewable security, and failure reporting.
Figure 2: Top properties of highly secure devices.

Threat modeling

When designing an IoT solution, one must understand the potential threats that accompany that solution and identify the best protocols to defend the solution from such threats. Starting the design of a solution with security as a top aspect will help with this process. This is why Microsoft offers the Threat Modeling Tool, which is a key aspect of Microsoft Security Development Lifecycle. The tool encompasses five major steps in the security lifecycle: define, diagram, identify, mitigate, and validate. Additionally, the tool enables users to share information about their systems’ security designs, analyze designs for security issues, and provide mitigation suggestions for the identified issues.

Security Maturity Model (SMM)

What is SMM and how does it help? Security maturity is the measure of the understanding of the current security level, its necessity, benefits, and cost of its support. It provides a degree of confidence in the effectiveness of security implementation in meeting organizational needs, with an understanding of necessity, benefits, and costs:
– Builds on existing maturity models, frameworks, and concepts.
– Provides a holistic solution addressing process, technology, and operations.
– Provides actionable guidance for specific IoT scenarios.
– Connects maturity with control frameworks, best practices, and other guidance.
– Enables IoT providers to invest appropriately in security mechanisms to meet their requirements.

Zero Trust principles and best practices for end-to-end security

When designing an IoT solution, it is extremely important to identify and understand potential threats to that solution. To help with this process, Microsoft established five Zero Trust principles that encourage defense in depth procedures and provide clear guidelines on achieving optimal security within IoT solutions.
Our customers and partners have IoT security-related concerns, such as ensuring data privacy and maintaining a solid process for changing default passwords. To address these concerns, we apply the Zero Trust principles within our products and services. The following sections are linked to our Well-Architectured Framework for IoT security, which expands on many of the Microsoft products and services that provide highly secured protocols for IoT solutions.

Strong identity

The first pillar of Zero Trust principles is having a strong identity for IoT devices. Maintaining a strong identity within your IoT ecosystem can be achieved using a variety of processes and protocols. To name a few, having a hardware root of trust, strong authentication and authorization protocols, and renewable credentials are great steps towards mitigating the top identity concerns.

Least-privileged access

In addition to the strong identity provided by integrated devices and services, Zero Trust requires least-privileged access control to limit any potential blast radius from authenticated identities that may have been compromised or running unapproved workloads. From access control policies and protocols to strong authentication mechanisms, Microsoft has its customers covered with a strong list of services such as Microsoft Azure Sphere, which securely connects microcontroller unit (MCU)-powered devices from the silicon to the cloud, while implementing least-privilege access by default.
Additionally, Microsoft provides a wide variety of training programs and resources to anyone interested in or working in an IoT environment. From Cybersecurity 101 training to Cybersecurity Awareness Month, employees can benefit from Microsoft’s implementations for IoT and operational technology (OT) security. For a full list of Microsoft Security trainings and programs, please read #BeCyberSmart—When we learn together, we’re more secure together.

Device health

Maintaining a device’s health means regularly running scans that provide effective information such as potential threats, vulnerabilities, weakened passwords, and anomalous behaviors. A trusted device must be continuously verified for its health, and such scans will enable such verification and ensure that only trusted and verified devices can access the larger IoT ecosystem. Microsoft tools such as Microsoft Defender for IoT and Microsoft Sentinel will help your organization track and manage its IoT devices and perform the necessary tests and evaluations to understand where your devices’ health stands.

Continual updates

To maintain IoT device health, continuous software and firmware updates are critical. A healthy target state should be identified and met at all times through centralized configuration and compliance management. Azure Device Update for IoT Hub is a great service for deploying over-the-air (OTA) updates to your IoT devices.

Security monitoring and response

Coupled with continuous monitoring for trusted device health, security monitoring and response further hardens the security of IoT devices by quickly identifying threats and providing the best mitigation protocols. Microsoft follows a defense in depth approach and offers IoT services that follow the key Zero Trust capabilities. This includes monitoring and controlling access to public endpoints, running security agents for security monitoring and detection, and incorporating response systems in all IoT devices. Tools and services like the Microsoft Defender for IoT will bring your IoT solutions one step closer to strong security.