Microsoft Azure IoT Suite Overview (Customer facing)
download.microsoft.com/documents/CEEHQ/virtual-summit/IoT_Onli…
North Carolina Highway Signs Compromised By a Foreign Hacker*
Penetration of a Water Treatment Facility by a Foreign Hacker*
*NSTAC Report to the President on the Internet of Things. www.dhs.gov/sites/default/files/publications/
Information Technology
Operational Technology
System of Systems
How?
• Secure Development Lifecycle
• Secure Network Technologies
• Threat & Vulnerability Mitigation
• Monitoring and Alerting
• Software/Firmware Auto-Updates
• Privacy Models
Mission of IT
Design and maintain software, hardware and network resources which run securely and provide privacy
Information Technology (IT)
The application of computers and telecommunications equipment to store, retrieve, transmit and manipulate data*
*en.wikipedia.org/wiki/Information_technology
How?
• Robust machines, with built-in safety features
• Automated monitoring and control
• Isolate and control – cut off all interaction with the world
• Design to protect against natural and man-made disasters
Mission of OT
Design and maintain machines which run reliably, and safely (do not cause injury or harm to other machines, humans, and the environment)
Operations Technology (OT)
Collects information and causes changes in the physical world through the direct monitoring and control of physical devices in industrial contexts
Information Technology
Operational Technology
System of Systems
Information Technology Specialists
Hardware Device Specialist
System of Systems
Why is IoT vulnerable?
• Many Industrial IoT deployments are brownfield
  • Size and capital expense involved with building and retrofitting
• Brownfield industrial deployments
  • Rely on physical security (remove all interaction with the outside world)
  • Based on obscure or proprietary protocols and systems
• Most industrial IoT systems will be old and out of date - at greater risk of attacks
• Not always possible to rip-and-replace industrial machines to bring them up to modern security standards
Trustworthy IoT
Security Privacy
Reliability Safety
Environment Threats
System faults
Human Errors
WINDOWS 10 IOT
Partha: Remove the background pictures, need to move ‘Trusted’ pillar in the place of connected and connected moves to the bottom. Slide 10 should become the next slide and should have a similar design as this slide with IoT Core.
PRODUCTIVE
Commercial OS platform that brings modern user experience to your things
TRUSTED
Trusted platform for cloud-connected devices
CONNECTED
Open platform that easily connects things, endpoints, and the cloud
Windows 10 IoT Enterprise: Windows 10 Enterprise for IoT devices
Windows 10 IoT Mobile: Windows 10 Mobile for IoT devices
Windows 10 IoT Core: Windows 10 for small footprint IoT devices
Windows platform provides secure key handling
Developers can easily build secure cloud applications for Windows IoT
Connected Service for Azure IoT Hub
Security from the ground up
Microsoft Cloud
Largest online services in the world
Centers of excellence
Operational Security Assurance (OSA) process
Security Development Lifecycle (SDL)
azure.microsoft.com/documentation/articles/securing-iot-ground-up/
Azure IoT Suite
Device Connectivity & Management
Data Ingestion and Command & Control
Stream Processing & Predictive Analytics
Workflow Automation and Integration
Dashboards and Visualization
Preconfigured Solutions
Predictive Maintenance
Remote Monitoring
Analyze and act on new data
Integrate and transform business processes
Connect and scale with efficiency
And more...
Business Systems
Defense in depth
Securely connect millions of devices . . .
Over a secure internet connection . . .
To Microsoft Azure – built with security from the ground up
Device Security
Connection Security
Cloud Security
… represents the use of multiple computer security techniques to help mitigate the risk of one component of the defense being compromised or circumvented*
*en.wikipedia.org/wiki/Defence_in_depth#Information_security
Each role is responsible for a layer of depth, and each layer has further layers of safeguards so as to build defense in depth
Roles
IoT solution operator
IoT solution deployer
IoT cloud and solution provider
IoT solution developer
IoT hardware manufacturer and integrator
Element S T R I D E
External entity
Process
Data Store ?
Data Flow
The STRIDE model
Spoofing Identity
Tampering with Data
Repudiation
Information Disclosure
Denial of Service
Elevation of Privilege
[Diagram elements: User, Device, Field Gateway, Cloud Gateway, Front End Services, Backend Services, Identity System, User Data, Federation Partners]
[Diagram zones, separated by a Trust Boundary: Local User Zone, Local Zone, Device Zone, Field Gateway Zone, Cloud Gateway Zone, Azure Services Zone, Remote User Zone, Gateway Zone, Services Zone]
Follow Us!
Blog: https://blogs.microsoft.com/iot/
Partners – join the community: http://aka.ms/CEPartnerForm (select IoT)
Go to www.InternetOfYourThings.com
• Learn how to build in security from the ground up
• Gartner Predicts 2016: Security and the Internet of Things
• https://azure.microsoft.com/en-us/documentation/articles/iot-hub-security-ground-up/
IoT Site Azure.com Site