Microsoft is making its Edge Secured-core program for Windows-based IoT devices generally available, addressing security concerns associated with the growing popularity of edge computing. Edge Secured core is a new certification added to the Azure Certified Device program for IoT devices running a full operating system, such as Windows 10 IoT or Linux. While Windows 10 IoT support is generally available, it is still in preview for Linux.
IoT devices at the network edge pose a significant security challenge. IoT device networks that transmit data back to enterprise systems for analysis have several flaws.
Charles Broadfoot, Senior Program Manager at Microsoft expressed, “citing an in-house study conducted in collaboration with Poneman Institute that about 65% of companies adopting IoT solutions mentioned edge security as their topmost priority. Devices that are targeted in IoT attacks can be bricked, held for ransom, or exploited to launch further attacks. The common attacks associated with the IoT devices include stolen IP, data theft, and compromised regulatory status.”
Microsoft initially unveiled the Secured-core concept in 2019 to compete with Apple’s monopoly over its hardware and operating systems. Microsoft collaborated with Windows PC manufacturers as part of this initiative to gain some control over hardware security and have a say in how devices could prevent attacks from exploiting firmware dominance over the Windows kernel.
Microsoft expanded the program later in 2021 to include Windows servers and Azure stack hyperconverged infrastructure (HCI) servers.
Secured core was not intended to be branded on PCs, but rather to certify security for non-Microsoft hardware running Windows. Microsoft has listed devices that are part of the program, including edge and non-edge machines, in its Azure Certified Device catalog.
Apart from validating a hardware device for specific security hardware technology, the certification will ensure users that they are running an operating system with built-in security and that continuous threat monitoring with IoT services such as Microsoft Defender for IoT is being used.
Edge Secured-core will provide IoT device makers with a simple, low-cost differentiator that will allow customers to identify high-security configurations on their devices.
Read more articles: