Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016

IoT Security Considerations in the Enterprise

Lee Hickin | IoT Product Manager | @leehickin
Dave Glover | Developer Evangelist | @dglover

Transcript of Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016 (33 slides)

Page 1: IoT Security Considerations in the Enterprise

Lee Hickin | IoT Product Manager | @leehickin
Dave Glover | Developer Evangelist | @dglover

Page 3: Agenda

• Who are we & what do we do
• Microsoft, IoT, Open Source & Security
• IoT Security – layers of consideration
• STRIDE – Understanding the Threats

Page 5: IoT Security Considerations

• Threat Modelling and Determine Risks
• Hardware and Device Capabilities
• Price Point Considerations
• Updates
  • You can’t secure what you can’t update
• Secure Communications
• Cloud Security

Page 6: Four zones of IoT security

Diagram elements (zones numbered 1–4 on the slide, linked by Transport Protocols):

• Device
• Device Environment
• Field Gateway
• Cloud Gateway
• Services

Page 7: Devices

Page 8: Enterprise Grade Security for IoT Assets

• UEFI Secure Boot and Measured Boot (Boot Attack)
• BitLocker and TPM Support (Offline Attack)
• Windows Update
• Trusted Cryptographic Services
• Storage and Communications

• Universal Windows Platform
• Capability and Permission
• Managed Memory
• Signed executables

Page 9: Windows 10 IoT Editions

• Windows 10 IoT Enterprise – 1 GB RAM, 16 GB storage, x86
  • Windows 10 Enterprise for IoT devices
  • Enterprise Manageability and Security
  • Rich user experience: Win32 & UWP

• Windows 10 IoT Mobile – 512 MB RAM, 4 GB storage, ARM
  • Windows 10 Mobile Enterprise for IoT devices
  • Handheld devices: Modern Shell & UWP
  • Lockdown and multi-user support

• Windows 10 IoT Core (OEM Pro Edition) – 256 MB RAM, 2 GB storage, x86 or ARM
  • New Windows 10 version for IoT devices
  • Optimized for small & low cost IoT devices
  • Single UWP App experience, low cost silicon

Page 10: Windows 10 IoT Core Platforms

Page 11: IoT Interoperability and AllJoyn

• DISCOVER nearby friendly devices
• IDENTIFY services running on those devices
• ADAPT to devices coming and going
• MANAGE diverse transports
• INTEROPERATE across different OSes
• EXCHANGE information and services
• SECURE against nearby bad actors

Page 12: Transport, Gateways, Services

Page 13: Azure IoT Hub

Cloud side:
• Azure IoT Hub – up to 10M devices per hub
• Identity Registry
• Device Management / Provisioning
• IoT Hub Gateway – HTTPS, AMQPS, MQTT
• Data and Command Flow – per-device command queues, Event Hub
• APIs – HTTPS, AMQPS
• Self-Hosted Gateway – MQTT, Custom

Field side:
• Field Gateway – OPC UA, MQTT, CoAP, AllJoyn, ...
• OSS Device Agents – Management, Communication, Provisioning
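The identity registry above is what makes device-scoped authentication possible: each device proves possession of its own key when it connects. As an added example (not the slides' or Microsoft's own code), here is the shared-access-signature token format an IoT Hub device presents, built and then verified in Python; the hub host, device id and key are constructed placeholders, and the service-side verifier is illustrative, not the hub's actual implementation.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote, unquote

# Constructed sample identity (placeholders, not a real hub or key): one device
# registered in the hub's identity registry with its own symmetric key.
HUB_HOST = "example-hub.azure-devices.net"
DEVICE_ID = "sensor-001"
DEVICE_KEY = base64.b64encode(b"constructed-demo-device-key-0123").decode()

def _signature(key_b64, encoded_uri, expiry):
    """HMAC-SHA256 over '<url-encoded resource uri>\\n<expiry>' keyed with the
    base64-decoded device key; returned base64-encoded."""
    to_sign = f"{encoded_uri}\n{expiry}".encode()
    mac = hmac.new(base64.b64decode(key_b64), to_sign, hashlib.sha256).digest()
    return base64.b64encode(mac).decode()

def make_sas_token(hub_host, device_id, key_b64, expiry):
    """Device side: 'SharedAccessSignature sr=<uri>&sig=<sig>&se=<unix expiry>'.
    The uri scopes the token to one device, so a leaked token cannot be used
    to impersonate another device registered in the same hub."""
    encoded_uri = quote(f"{hub_host}/devices/{device_id}", safe="")
    sig = quote(_signature(key_b64, encoded_uri, expiry), safe="")
    return f"SharedAccessSignature sr={encoded_uri}&sig={sig}&se={expiry}"

def parse_sas_token(token):
    """Split the token into its sr / sig / se fields (values still url-encoded)."""
    if not token.startswith("SharedAccessSignature "):
        raise ValueError("not a SAS token")
    return dict(part.split("=", 1) for part in token.split(" ", 1)[1].split("&"))

def verify_sas_token(token, key_b64, now):
    """Service side (illustrative): reject expired tokens, then recompute the HMAC
    with the key on file for the claimed device and compare in constant time."""
    fields = parse_sas_token(token)
    if int(fields["se"]) <= now:
        return False
    expected = _signature(key_b64, fields["sr"], fields["se"])
    return hmac.compare_digest(unquote(fields["sig"]), expected)
```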

Page 14: Azure IoT Hub OSS Device Agents

Page 15: Microsoft Azure IoT Suite (Intelligent Systems Service / Azure IoT Suite)

Pillars: Connect, Harness, Configure, Administer, Extend

• Connect technology assets to other devices, cloud-based services and infrastructure
• Address variable demand with scalable, efficient data collection and storage in the cloud
• Configure rules and executable scripts that define actions on devices
• Administer: apply business rules to remotely manage and govern devices
• Efficiently capture, store, visualize and analyze data to drive meaningful business insights

Page 16: IoT Threat Modeling

1. Draw an application diagram and then decompose the architecture
2. Assign the STRIDE mnemonic to each element in the diagram
3. Determine the risk
4. Choose mitigations (or not!)

STRIDE:
S –> Spoofing Identity
T –> Tampering
R –> Repudiation
I –> Information Disclosure
D –> Denial of Service
E –> Elevation of Privilege

Page 17: © 2015 Microsoft Corporation. All rights reserved.

Page 18: Backup Slides

Page 25: Top Devices Have Major Security Weaknesses

Source: HP Fortify – Defence for the Internet of Things
http://www8.hp.com/hpnext/posts/hp-fortify-defense-internet-things-iot

Page 26: Microsoft Azure IoT Services

Devices: { } (device code)
Device Connectivity: Event Hub, IoT Hub, Service Bus, External Data Sources
Storage: SQL Database, Table/Blob Storage, DocumentDB, 3rd party Databases, Data Lake
Analytics: Machine Learning, Stream Analytics, HDInsight, Data Factory
Presentation & Action: App Service, Power BI, Notification Hubs, Mobile Services, BizTalk Services

Page 27: Threats in the IoT platform

STRIDE | Threat | Implementation
Spoofing | How do we know we are talking to the right device? | Authentication, Secure Channels
Tampering | How do we make sure that the device was not tampered with (physically or environmentally)? | Authorization, Secure Channels
Repudiation | Modifying audit logs | Authentication, Secure logging and auditing, Digital Signatures
Information Disclosure | Eavesdropping on the communication | Encryption, Authorization
Denial of Service | DoS against service/device (resource exhaustion, power drain, …) | Throttling, Highly Available design, Authorization, Controlling inbound connections
Elevation of Privilege | Forcing the device/service to do something it was not supposed to do | Authorization, Least privilege
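The four threat-modelling steps on the IoT Threat Modeling slide and the mitigation column of the table above can be run mechanically over a decomposed diagram. As an added example (not the slides' or Microsoft's own tooling), the Python below assigns STRIDE letters per element kind using the SDL's STRIDE-per-element table, rates risk with a simple rule assumed for this example (flows crossing a zone boundary and anything in the device zone are high), and attaches the slide's mitigations; the sample diagram is constructed.

```python
from dataclasses import dataclass

# STRIDE-per-element: which threat letters apply to each kind of diagram element
# (Microsoft SDL's standard table; the slide only lists the mnemonic itself).
STRIDE_PER_ELEMENT = {
    "entity": "SR",       # external interactor (person or foreign system)
    "process": "STRIDE",  # running code: device firmware, gateway, service
    "store": "TRID",      # data at rest
    "flow": "TID",        # data in transit
}
# "Implementation" column of the Threats in the IoT platform slide.
MITIGATION = {
    "S": "Authentication, Secure Channels",
    "T": "Authorization, Secure Channels",
    "R": "Authentication, Secure logging and auditing, Digital Signatures",
    "I": "Encryption, Authorization",
    "D": "Throttling, Highly Available design, Authorization, Controlling inbound connections",
    "E": "Authorization, Least privilege",
}

@dataclass
class Element:
    name: str
    kind: str             # entity | process | store | flow
    zone: str             # device | field_gateway | cloud_gateway | services
    dst_zone: str = None  # flows only: zone the data is sent to

def rate_risk(el):
    """Step 3. Rule assumed for this example, not taken from the slides: a flow that
    crosses a zone boundary is high, anything living in the device zone is high
    ("tiny devices make awfully vulnerable network servers"), everything else medium."""
    if el.kind == "flow" and el.dst_zone != el.zone:
        return "high"
    return "high" if el.zone == "device" else "medium"

def threat_model(elements):
    """Steps 2-4: one (element, STRIDE letter, risk, mitigation) tuple per applicable threat."""
    return [(el.name, letter, rate_risk(el), MITIGATION[letter])
            for el in elements for letter in STRIDE_PER_ELEMENT[el.kind]]

# Constructed sample diagram (step 1): sensor firmware in the device zone, its telemetry
# flow into the field gateway, the gateway process, and an operator as external entity.
SAMPLE = [
    Element("sensor firmware", "process", "device"),
    Element("telemetry", "flow", "device", "field_gateway"),
    Element("field gateway", "process", "field_gateway"),
    Element("operator", "entity", "services"),
]
```

Running `threat_model(SAMPLE)` yields one row per applicable threat, which is the list you walk through when deciding which mitigations to take (or not).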

Page 28: Defense in Depth

Policies, Procedures, Guidance (spanning Cloud, Field Gateways and Devices)

Layers per zone on the slide:
• Cloud: Physical, Global Network, Identity and Access Control, Application, Data, Host
• Field Gateways: Physical, Local Network, Edge, Application, Data, Host
• Devices: Physical, Local Network, Data, Host

• Data Privacy Protection and Controls
• People and Device Identity Federation, Data Attestation
• Trustworthy Platform Hardware, Signed Firmware, Secure Boot/Load
• Secure Networks, Transport and Application Protocols, Segmentation
• Tamper/Intrusion Detection, Physical Access Security

Page 29: Capability constrained devices

Price axis on the slide: $1 sensor, $400 phones, $1000 PCs, $10000 server, with the IoT sweet spot marked along it.

Constraints: Cost, Computational Capabilities, Memory/Storage Capacity, Energy Consumption/Source, Component Quality

• IoT capabilities are primarily value-add to other primary capabilities
• How much computer, storage, and networking circuitry can you add to the BOM for a $40-range retail product for that value-add?
• Tiny devices make awfully vulnerable network servers

Page 30: Call to Action!

• IoT Security is a shared responsibility
  • Security concepts to the edge
  • Device code, provisioning, certificates, data management
• Implement a Secure Development Lifecycle
  • http://microsoft.com/sdl
  • Keep track of the cyber supply chain
  • Work out an incident response plan that includes updates
• Leverage industry best practices for defense-in-depth
  • Select device platforms by best balance between feature and security capabilities for your scenario and budget.
  • Leverage best practice network design, but don’t just trust the network.
  • Establish security boundaries at the application layer

Page 31: Call to Action!

• Build on the Azure IoT Suite and IoT Hub
  • Secure, Service Assisted, Bi-Directional Communication
  • Hyper-Scale Device Identity Management
  • Device Management Foundation
• Review our platform principles and certifications
  • Azure Trust Center: http://azure.microsoft.com/en-us/support/trust-center/

Certifications listed: ISO 27001/27002; SOC 1/SSAE 16/ISAE 3402 and SOC 2; Cloud Security Alliance CCM; FedRAMP; FISMA; FBI CJIS (Azure Government); PCI DSS Level 1; United Kingdom G-Cloud; Australian Government IRAP; Singapore MTCS Standard; HIPAA; CDSA; EU Model Clauses; Food and Drug Administration 21 CFR Part 11; FERPA; FIPS 140-2; CCCPPF; MLPS

Page 32: Resources

• Improve your skills by enrolling in our free cloud development courses at the Microsoft Virtual Academy.
• Try Microsoft Azure for free and deploy your first cloud solution in under 5 minutes!
• Easily build web and mobile apps for any platform with Azure App Service for free.

Page 33: (end-to-end IoT architecture diagram)

Network path: Internet, ISP, (Mobile) Network Operators, MNO Gateway

Personal Environment and Networks: Devices, Local Interaction, Local Gateway, Local Portals and APIs, Control System, Analytics, Data Management

Complex Connected Things: Devices, Field Gateway

Cloud Systems: Cloud Gateway, Cloud Portals and APIs, Mobile & Web Interaction, Control System, Analytics, Data Management

Example device classes on the diagram:
• Watches, Glasses, Work Tools, Hearing Aids, Robotic Assistance, …
• Homes, Vehicles, Vessels, Factories, Farms, Oil Platforms, …
• Vehicle Fleets, Sea Vessels, LV Smart Grids, Cattle, …