Microsoft Made its Secured-core Certification Generally Available

Microsoft is making its Edge Secured-core program for Windows-based IoT devices generally available, addressing security concerns associated with the growing popularity of edge computing. Edge Secured-core is a new certification added to the Azure Certified Device program for IoT devices running a full operating system, such as Windows 10 IoT or Linux. Windows 10 IoT support is generally available, while Linux support is still in preview.

IoT devices at the network edge pose a significant security challenge. IoT device networks that transmit data back to enterprise systems for analysis have several flaws.

Charles Broadfoot, Senior Program Manager at Microsoft, expressed, “citing an in-house study conducted in collaboration with Ponemon Institute that about 65% of companies adopting IoT solutions mentioned edge security as their topmost priority. Devices that are targeted in IoT attacks can be bricked, held for ransom, or exploited to launch further attacks. The common attacks associated with the IoT devices include stolen IP, data theft, and compromised regulatory status.”

Microsoft initially unveiled the Secured-core concept in 2019 to compete with Apple’s monopoly over its hardware and operating systems. Microsoft collaborated with Windows PC manufacturers as part of this initiative to gain some control over hardware security and have a say in how devices could prevent attacks from exploiting firmware dominance over the Windows kernel.

Microsoft expanded the program later in 2021 to include Windows servers and Azure Stack hyperconverged infrastructure (HCI) servers.

Secured-core was not intended to be branded on PCs, but rather to certify security for non-Microsoft hardware running Windows. Microsoft has listed devices that are part of the program, including edge and non-edge machines, in its Azure Certified Device catalog.

Apart from validating a hardware device for specific security hardware technology, the certification will assure users that they are running an operating system with built-in security and that continuous threat monitoring with IoT services such as Microsoft Defender for IoT is being used.

Edge Secured-core will provide IoT device makers with a simple, low-cost differentiator that will allow customers to identify high-security configurations on their devices.

Unified Endpoint Management- A Software Solution!

Unified Endpoint Management (UEM) is a software solution that allows organizations to monitor and manage all devices connected to their network (computers, mobile devices, scanners, network devices, IoT, etc.) using a single management interface. UEM treats all end-users or devices as “Endpoints”.

The Evolution of UEM – Unified Endpoint Management is a replacement and upgrade for various traditional tools like Enterprise Mobility Management (EMM), Mobile Device Management (MDM) and Client Management Tools (CMT).

  • Client Management Tools were used to handle client systems and various tasks like software delivery, patch management, and remote control. However, CMT lacked the ability to manage new devices and technologies like mobile devices and the Bring Your Own Device (BYOD) System.
  • As a result, Mobile Device Management (MDM) started being used in situations where the company owned and managed every device solely for security reasons. MDM is the process of remotely managing the utility of mobile devices and allocating functions like corporate functionality, supportability and security, while also allowing users some freedom and flexibility. Because MDM solutions worked at the device level and lacked control of other external applications, it was difficult to overcome the obstacles posed by BYOD.
  • The limitations visible in MDM solutions, however, led to the development of Enterprise Mobility Management (EMM), which includes features such as Mobile App Management, Mobile Content Management, Containerization, and Identity Management in a centralized solution. This provides a comprehensive approach that addresses all aspects of the device. EMM allowed employers to remotely manage all devices like smartphones, laptops, tablets, etc., and the applications used by the organization’s employees. With the introduction of these versatile applications, which allow organizations to communicate and access business resources seamlessly, the emphasis shifted away from application visibility and control towards streamlining worker productivity.


UEM Removes the Need for Multiple Tools

As stated above, there is a shortage of expertise in the use of different tools. Administrators must perform a variety of tasks like operating system updates, security measures, and remote monitoring, and it is difficult for them to educate themselves on different tools, so their negligence may lead to costly mistakes. Therefore, organizations felt the need to avoid multiple solutions. Enterprise firms wanted a solution that brought the management of all end-users and endpoints together in one unified solution. This led to the development of Unified Endpoint Management (UEM) Solutions. UEM solutions are the most recent iterations of software applications that control and track all devices of employees and clients throughout their life cycle. Clients appreciate the right to use their own devices, and employers appreciate the risk minimization and increased productivity that come with knowing that employees can safely access and use the company’s resources.


Features of UEM Solutions

Integration with Multiple Platforms – Unified Endpoint Management is designed to work with multiple platforms like Android, macOS, Chrome OS, Windows, Linux, etc. It can update, monitor, control and configure devices, and help in the migration of a device or OS, from a single management dashboard.

Compliance – The first step in ensuring system enforcement is deciding which types of devices UEM will allow to enroll as endpoints in the company’s network. With user and endpoint compliance, UEM establishes perimeter-based security to protect the company’s assets. Endpoints are subjected to routine compliance tests to ensure that they are up to date on security fixes, operating system updates and patches, and to determine how to treat devices that have been compromised. After a user registers and uses the organization’s network services, the endpoint user must comply with the user compliance policy.

Mobile Application Management (MAM) – MAM applies security controls and policies to applications, with an option to block dangerous apps. One of the key reasons for failures in a company’s security system is differences in security and management policies for controlling entities, security applications and operating system maintenance. Corporate applications that have been developed in-house can be deployed and controlled through MAM. They can also be isolated from personal applications to protect private information, so an employee does not need separate work and personal devices but can still maintain distance between their personal and professional lives.

Identity and Access Management – Endpoints are the subject of identity and access management, which ensures that only trusted individuals or devices have safe access to the organization’s data. By associating registered devices (endpoints) with users’ credentials and with various services like application signing and Single Sign-On (SSO), UEM assesses an endpoint’s behaviour to calculate certificate management risk. This helps indicate whether a user is to be granted or refused access to a particular resource.

Data Stripping – Data stripping is a security technique that removes the company’s information from standard applications and redirects it to protected ones. It is a security feature of UEM. It provides a secure and isolated approach to protecting the organization’s sensitive information.

Devices are becoming more advanced; employees and work policies are changing, and the security environment is constantly changing. These factors are pushing businesses to implement a single endpoint management system (UEM) to handle and protect all endpoints, their users, applications and information in an efficient manner.

Intertrust Platform Now Features Edge-to-cloud Security

Intertrust is expanding its flagship Intertrust Platform with robust, scalable authentication features to protect and manage IoT devices and data in zero-trust circumstances. New features provide end-to-end security and compatibility across data operations and multi-vendor IoT devices for data-driven businesses. Intertrust delivers trustworthy data technology and services to major global organizations, ranging from mobile, consumer electronics, and Internet of Things (IoT) manufacturers to service providers and corporate software platform firms.

Intertrust’s new edge-to-cloud capabilities combine a highly scalable secure device authentication architecture with application protection technology that safeguards devices running at the endpoint from malicious assault, allowing businesses to securely link IoT devices to cloud services. These devices relay trusted data to Intertrust Platform’s data operations layer, even if the data goes across untrusted networks. The control software then analyses and sends these devices reliable authorization signals. The Intertrust Platform offers device management capability through a “single pane of glass,” allowing businesses to choose devices from a variety of vendors while ensuring consistent and reliable security.

The Intertrust Platform gives businesses secure interoperability, allowing data management systems to work together as one. Enterprises can use the Intertrust Platform to choose best-of-breed technology via diverse data management systems from top data platforms, cloud service providers, and other vendors. When dealing with competitors and partners in complex legal and security contexts, this helps avoid vendor lock-in and provides scalability. Apps built on the Intertrust Platform, such as AI, benefit from secure access to controlled data.

Talal G. Shamoon, CEO of Intertrust commented, “Intertrust Platform enables enterprise customers to run interoperable services and devices in the face of growing threats and complex regulatory frameworks. With the addition of edge-to-cloud security for IoT devices in zero-trust networks to the Intertrust Platform, customers now have a comprehensive, secure and scalable platform that interoperates with best of breed data services, AI, and IoT devices in one consistent data operations and device management system.”

Intertrust’s solutions for digital media and energy applications are everywhere. The Intertrust Platform currently includes zero trust features in billions of devices. Intertrust is collaborating with global energy and mobility companies to allow IoT applications in renewable energy, modern grids, and energy retail environments. In addition, the Virtual Power Plant developers will provide security and interoperability between assets operated by diverse businesses.

What is IoT Security?

The entire world has stepped into the digital bubble. Cell phones are popular, tablets have substituted spiral notebooks in classrooms, and industries have created cutting-edge technology such as self-driving cars.

Everything appears to be interconnected, especially in the corporate world. Because of their compact design, low profile, and capabilities, IoT devices dominate the corporate environment. When used by an insider, they become a formidable tool for evading traditional security defenses focused on external and recognized threats.

Infosecurity Outlook experts stated that the term IoT is increasingly making its way into everyday use. However, the internet of things (IoT) has become so large that security development has had to keep up.

IoT security is a technology that helps secure IoT-connected devices and networks. It is the practice of keeping IoT systems safe. IoT security tools help protect IoT devices against threats, identify and monitor vulnerabilities, and assist in the remediation of flaws. The IoT solution’s availability, integrity, and confidentiality are all ensured by IoT security. If devices are not well secured, allowing them to connect to the internet exposes them to a range of dangers.

The advantages of IoT are evident, but high-profile cyberattacks, combined with uncertainties about security best practices and their related costs, prevent many organizations from utilizing it. Similarly, end-users are concerned about the repercussions of IoT security vulnerabilities.

Cybercriminals can misuse information at various locations within an IoT platform, from corporate servers to cloud storage. That does not mean you should abandon your work tablet in favour of a pen and paper, but simply that you must prioritize IoT security.

Nevertheless, users can apply a few best methods to prevent threats:

  • Keep track of mobile devices and update your antivirus software automatically.
  • Strong login credentials should be mandatory.
  • Install end-to-end encryption.
  • Set up device and software updates regularly.
  • Choose an expert cybersecurity provider.
  • Set up a strict access control policy for APIs.

Conclusion

In addition to security protocols, users should be aware of emerging technology advancements. IoT security has recently become a priority. Research into how to secure specific businesses, monitor IoT-related dangers, and prepare for future game-changers like 5G is ongoing. Users must understand that because the Internet of Things is a dynamic and evolving industry, its security will need to evolve and adapt over time. IoT security also makes sure that the company’s data and processes are safe as you develop your IoT network.

T-Mobile and Deutsche Telekom Launch T-IoT for Enterprises

T-Mobile US and Deutsche Telekom AG introduced T-IoT, a complete enterprise solution for global IoT connectivity, support, and administration.

T-IoT provides businesses with a single worldwide staff and a single global solution to manage all of their cross-border connections! It will be offered in 188 destinations and on 383 networks around the world.

In addition, there is limited flexibility in how businesses pay for IoT. Each carrier has its own payment strategy, making it difficult for companies to efficiently deploy IoT globally. Scalability will be even more crucial with 5G to enable meaningful use cases, analytics, data insight, and ROI.

T-Mobile and Deutsche Telekom have teamed up to bring T-IoT to the masses. This global service embodies two terms that aren’t often connected with the Internet of Things: simple and versatile.

President, T-Mobile Business Group, Mike Katz said, “The Un-carrier rewrote the rules of wireless. Now, as America’s 5G leader, with the fastest, largest, and most reliable 5G network, we’re writing the rules of the 5G era, and we’re doing it in favor of customers and businesses. With T-IoT and our award-winning networks, we’re poised to help businesses realize the true potential of IoT by completely disrupting the status quo of how IoT is purchased and managed.”

“One provider. One solution. That’s ‘making it simple’ taken at its word. Many industries, such as healthcare or automotive, depend on international supply chains. And their customers today rely on receiving service and assistance anywhere in the world. We’re able to do that with this transatlantic collaboration, with our networks, for the best customer experience worldwide,” says Hagen Rickmann, Managing Director Business Customers, Telekom Deutschland.

Senior Vice President Research and Development, Volker Lang says, “We combine digital medical solutions and state-of-the-art communication technology. With Home Monitoring, the patient’s vital data is digitally available to the medical team and is constantly analyzed. If threshold values are exceeded, the medical team can react immediately. This only works with an absolutely reliable network that transmits the data reliably at all times. We are active in over 100 countries. The T-IoT infrastructure is indispensable for us.”

User & Entity Behaviour Analytics – An Overview

UEBA technologies employ analytics to construct standard profiles and behaviours for users and entities (servers, routers) in an enterprise over a period of time. This is referred to as “baselining”. Activity that differs from these standard baselines is flagged as suspicious by UEBA technology, and analytics applied to these anomalies help in the discovery of possible risks and security incidents.

The term UEBA was introduced by the research firm Gartner. UEBA solutions include the following three factors –

  • Use Cases – UEBA solutions give information on how employees, clients and other entities in the organization’s network behave. They conduct activities like anomaly identification, alerting and tracking. In contrast to traditional specialized tools built for a single use case, UEBA tools are applicable to multiple use cases.
  • Data – UEBA collects real-time event data in structured and unstructured formats from users’ and entities’ activities, directly or through an existing IT repository. This enriched data must be machine-readable.
  • Analytics – UEBA solutions use analytics for user-focused data exploration and visualization, applying machine learning (ML) and statistical models that compare users’ and entities’ activities with baseline rules and with their profiles to detect anomalies.

UEBA Solution Benefits
UEBA solutions consider both internal and external threats to an organization when creating new policies and rules. When the attack pattern is unknown (zero-day attack), or if the attack moves laterally by changing credentials or IP addresses within an enterprise, traditional security tools struggle to identify a compromised insider. UEBA solutions can detect these attacks because attackers force compromised users or entities to behave differently from the defined rules or baseline.

In most cases, UEBA solutions are provided to an organization as a cloud-based service or on-premises, sometimes both. UEBA vendors often require companies to install appliances for network traffic monitoring. The vendor’s approach and design are flexible in terms of the organization’s current and future needs. It takes 1 month or more to create baselines, profiles and classes of users and entities.

By determining which users show anomalous behaviour compared to known baselines, UEBA solutions prioritize alerts. A security alarm would not be triggered by a single slightly unusual incident. To generate an alarm, the device needs several indicators of suspicious behaviour. This saves the investigating team’s time by reducing the number of alerts and allows security analysts to find actual security issues more quickly.

UEBA’s Application in IoT – UEBA can play a vital role in managing the security risk of the Internet of Things (IoT). Businesses deploy huge numbers of internet-connected devices, mostly with few security measures in place. Attackers can hack IoT devices and use them to steal information or to launch attacks, such as DDoS attacks, on other companies. This can cause significant financial losses. UEBA can monitor a large number of connected devices for an enterprise, create baselines for similar devices and detect when a device deviates from its normal behavior.
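The baselining and multi-indicator alerting described above can be sketched as follows. This is an added example, not code from any UEBA product: the metric names, the z-score test, the thresholds and the telemetry are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, stdev

Z_THRESHOLD = 3.0    # assumption: beyond 3 sigma counts as one indicator
MIN_INDICATORS = 2   # assumption: one odd metric alone never raises an alert
MIN_SIGMA = 1.0      # floor so a metric that never varied cannot divide by zero

# Constructed baselining-period telemetry: (device class, hourly metrics).
BASELINE_EVENTS = [
    ("camera", {"bytes_out": b, "dest_hosts": d, "failed_logins": f})
    for b, d, f in [(5200, 2, 0), (4800, 2, 0), (5100, 3, 1),
                    (4900, 2, 0), (5000, 3, 0), (5000, 2, 0)]
] + [
    ("thermostat", {"bytes_out": b, "dest_hosts": 1, "failed_logins": 0})
    for b in (300, 320, 280, 310, 290, 300)
]


def build_baselines(events):
    """Return {device_class: {metric: (mean, sigma)}} for similar devices."""
    grouped = defaultdict(lambda: defaultdict(list))
    for device_class, metrics in events:
        for name, value in metrics.items():
            grouped[device_class][name].append(value)
    return {
        cls: {m: (mean(v), max(stdev(v), MIN_SIGMA)) for m, v in per_metric.items()}
        for cls, per_metric in grouped.items()
    }


def indicators(baseline, metrics):
    """Return {metric: z-score} for metrics that deviate from the class baseline."""
    hits = {}
    for name, value in metrics.items():
        if name not in baseline:
            continue  # metric was never baselined, so it cannot be judged
        mu, sigma = baseline[name]
        z = (value - mu) / sigma
        if abs(z) > Z_THRESHOLD:
            hits[name] = round(z, 1)
    return hits


def evaluate(baselines, device_id, device_class, metrics):
    """Alert only when several indicators deviate at once for this device."""
    baseline = baselines.get(device_class)
    if baseline is None:  # class still in its baselining period
        return {"device": device_id, "alert": False, "indicators": {},
                "reason": "no baseline yet"}
    hits = indicators(baseline, metrics)
    return {"device": device_id, "alert": len(hits) >= MIN_INDICATORS,
            "indicators": hits}


BASELINES = build_baselines(BASELINE_EVENTS)

if __name__ == "__main__":
    # Constructed observations: one noisy camera, one camera and one
    # thermostat that each deviate on two metrics at the same time.
    for dev, cls, m in [
        ("camera-07", "camera", {"bytes_out": 5900, "dest_hosts": 2, "failed_logins": 0}),
        ("camera-12", "camera", {"bytes_out": 48000, "dest_hosts": 40, "failed_logins": 0}),
        ("thermostat-03", "thermostat", {"bytes_out": 5000, "dest_hosts": 6, "failed_logins": 0}),
    ]:
        print(evaluate(BASELINES, dev, cls, m))
```

Note that 5000 bytes per hour is normal for the camera class but a strong deviation for a thermostat, which is why baselines are kept per class of similar devices.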

Advanced Analytics in UEBA Solutions – Data integration helps UEBA solutions compare data from various sources. UEBA solutions apply statistical models to data gathered from various sources, with the help of machine learning, to do deep behavioural profiling in order to identify sensitive changes in a user’s activity. The use of unstructured data for unsupervised learning gives a big advantage. Data presentation is used to present findings to security analysts in a comprehensible way.

Use Cases – The uniqueness of their use cases separates UEBA solutions from other tools. UEBA solutions build use cases for various domains like malicious insider, incident prioritization, compromised insider, identity and privileged access management, data exfiltration, etc. These pre-defined use cases are available at one click on cloud storage, which enables quick deployment.

Decoding Zero Trust Security | Zero Trust Concept & Models (Part-1)

Years after it was first mentioned in 2010, the concept of Zero Trust is regaining momentum. Backed by analysts, vendors, and the Cloud Security Alliance, Zero Trust is the latest buzzword in the security industry.

The Zero Trust framework became popular in the wake of data breaches and modern cyber-attacks. Traditional security measures focused on creating a security perimeter for insiders, and everything outside the perimeter was untrusted. This model held that insiders should be trusted and gave them full access to resources. Unfortunately, this model couldn’t cope with the changing threat landscape, with malicious insiders and outside attackers trying to move laterally to target important resources.

Secondly, an upsurge in the number of IoT devices, increased mobility, and vast adoption of cloud by organizations are constantly pushing the network boundary closer to the identity. So rather than a network-centric perimeter, there is a need to have an identity-based perimeter, with users and devices being the center of focus.

To address these challenges, Zero Trust treats all access requests with no trust and gives access permission on a strict need-to-know basis. Zero Trust is a concept in network security based on strict identity verification for users and devices. It requires that every access request by users or devices is fully authorized, authenticated, and encrypted before granting access. True to its motto, “Trust nothing, verify everything”, the Zero Trust security framework holds that nothing should be trusted and even requests originating from within the security perimeter should be verified. There are three models/architectures through which Zero Trust security can be implemented in organizations –

  • Software-Defined Perimeter
  • Network Micro-Segmentation
  • Identity Aware Proxy

(This is Part 1 of the blog, where the concept of Zero Trust security is explained. Part 2 will discuss the various models to implement Zero Trust security.)