Forum Discussion
95twr
Microsoft
MicrosoftAsk the IoT Expert: Ask us any IoT Security Questions you have in September
Secure transmission of data from devices in the field can be challenging depending on the business environment. What do you do if you have a need to create an IoT Solution that operates on an offshore oil rig? How do you securely transmit data from devices that may have been installed over a decade ago? This month we’re starting off the Ask the IoT expert series focusing on IoT and security.
We are looking for your questions and ideas and we’ll respond, so go ahead and ask us anything!
My name is Martin Tuip and I’m the worldwide Azure IoT Security and Windows IoT Marketing Lead at Microsoft and joined by a team of Microsoft IoT experts to answer any questions you may have regarding this topic: Arjmand Samuel (all up IoT security expert), Eustace Asanghanwa (security at the edge expert) Nicole Berdy (all things DPS and more) and Ramit Malhotra (all up IoT security and certificates expert).
If you have any questions regarding IoT security, please leave them as comments in this very discussion and one of us will be here to answer it. To make this Ask the IoT Expert globally inclusive the Q&A will play out in this post and last for the whole month of September. You can also count on us leaving hints and tips throughout the month in this post.
Developers, we’re looking forward to your questions – please ask away!
Martin
#iot #azureiot #Developer #IoTArchitect #RealWorldScenario #IoTSecurity
- What is the best pattern for passing secrets (connection credentials etc.) into Azure IoT Edge Modules. In our scenario these would be IoT Edge modules in the Azure Marketplace, which our users would need to pass secrets into in order to connect to a SaaS Service.
We are considering Env variables, but not sure if there is a security concern with this approach we should be considering. - 95twr
As September comes to a close, I'd like to thank you all for participating and asking questions on this month's "Ask The Expert" topic.
My closing thoughts on this topic are that The Internet of Things (IoT) creates both great opportunities as well as challenges for businesses. As IoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, and/or people, this interconnectivity of devices through the internet opens them up to cyber risk if they are not properly protected. We all have to understand that IoT security is fundamental and needs to be addressed throughout the eco-system as organizations’ assets, data, brand, and reputation are on the line.
95twr Here are my questions:
1. Where will Azure SQL edge fit? Will the future IOT Developer include this or will a new cert emerge(Under SQL Server)?
2. How many of the regular SQL server security features will be present in this SQL Edge solution?
I wonder how performance of this remote devices will be managed and monitored. How DDOS attacks be regulated/observed?
- 95twr
George Carlisle Good questions, I will reach out to some on the SQL side and see what they say.
95twr I'd to know about a 101 on check lists for security on IoT Hub.
Also what should be the correct setup to avoid mqtt-dup from a gateway sending messasges to IoT Hub, is there any kind of ACK I can/should set up?
I am running 5k Windows 10 IoT enterprise Thinclient at work with UWF + monthly patching via SCCM and having difficulties keeping up with security in an effective manner.
The time to perform monthly patching and WinSXS compact is taking much longer time than redeploy the OS. Is there a plan to improve this?
- 95twr
Thanks for your question. Have you tried cleaning up the component store
- Hi. What is my Iot security on this September? Just I would like to know
Thanks
