Archive for the ‘Internet of things; IoT and security’ Category

Securing the Internet of Things: Introducing the Security Program for Azure IoT

This post is authored by Sam George, Partner Director Program Management, Azure IoT

As the Internet of Things (IoT) continues to gain traction in the enterprise, questions of security and privacy are top of mind for business decision makers, executives and IT alike. In our work with customers, we find many businesses are struggling to determine how secure their end-to-end IoT infrastructure is, or even delaying IoT implementations until security best practices and standards can be established and confirmed.

Our goal at Microsoft to keep our customer’s IoT solutions secure.  We already do this on multiple levels, ranging from the cloud and beyond – including Azure’s enterprise-grade security, working with standards bodies on IoT security, and providing comprehensive security recommendations and guidance – to individual assets that only support secure protocols when connecting to devices and the Windows 10 IoT Core secure IoT operating system.

While these are all important aspects of IoT security, we have heard from enterprises that they want additional security assurances to make sure they have assembled their IoT solutions in a secure way from devices, to connectivity, to cloud.

Today, I’m thrilled to announce the Security Program for Azure IoT.  This new program brings together a curated set of best-in-class security auditors customers can choose from to perform a security audit on their IoT solutions, find issues and provide recommendations.  The Security Program for Azure IoT will work from the ground up, examining everything from a businesses’ devices and assets to gateways and even communication to the cloud.

Our initial best-in-class security auditors include Casaba Security LLC, CyberX, Praetorian, and Tech Mahindra and will expand as the program grows. Microsoft will also be working with these security auditing partners and standards organizations, such as the Industrial Internet Consortium (IIC), to establish industry protocols and best practices for security auditing. This is part of our commitment to establish a vibrant and safe IoT ecosystem.

In all our security efforts, Microsoft works with security partners to help protect businesses – and ultimately help us raise the bar across the industry. Select Azure IoT customers will be the first to take advantage of this program to evaluate their end-to-end IoT infrastructure and manage their security risk. In the coming months, we’ll continue to provide updates on the Security Program for Azure IoT, our global auditing partners, and auditing standards.

In the meantime, we invite you to learn more from our Securing Your IoT Deployment and Securing Your Internet of Things from the Ground Up whitepapers. You can also read more about our public recommendations for cybersecurity and IoT standards or attend our upcoming talk at IoT Solutions World Congress on Trustworthy Internet of Things Infrastructure. For more information about the security auditing program, please visit our partner page on

Microsoft partners with cities and governments to improve cybersecurity for citizens

February 3rd, 2015 No comments

City life is changing – there is no doubt about that. Unprecedented population shifts and extraordinary growth have impacted how urban populations live and work together. For city leaders, this rapid change has created not only unique challenges, but also significant opportunities.

Many are looking to technologies like the Cloud and Internet of Things (IoT) devices to solve growing problems, and for good reason. The Cloud increases efficiency and simplifies operations in ways never thought possible in the past and devices make connectivity possible anytime and anywhere. These improvements help city leaders focus more heavily on managing and modernizing services for their citizens, and tackling the challenges of running their cities.

Introducing new technology, though, has its own set of risks. In terms of cybersecurity, it’s important to fully understand these complex issues and have a well-thought strategy in place. Microsoft remains committed to supporting National and City governments in developing a unified approach to cybersecurity. Furthering this commitment, Microsoft CityNext has recently joined the Rockefeller Foundation’s 100 Resilient Cities (100RC) as a platform partner to help build resilience in cities around the world.

As a platform partner, Microsoft will offer 100RC member cities a wealth of best practices, resources, and industry expertise gained from extensive experience in the cybersecurity space, including a seven-step approach to help cities design and implement cybersecurity strategies. We hope that this partnership further emphasizes the need for cities to develop holistic strategies, and will help leaders enhance services, manage operations, and protect citizens.

To learn more about the partnership, read the Microsoft CityNext blog post.