Cloud Provider Microsoft Azure Rolls Out Security Center for IoT

Microsoft Azure today announced Azure Security Center for IoT, which provides hybrid cloud security management and threat protection capabilities to help its manufacturing customers monitor the security status of their Azure-connected Internet of Things devices used in industrial applications.

The cloud provider’s new offering is designed to make it easier for partners and customers to build enterprise-grade industrial IoT solutions with open standards and ensure their security.

“They want security more integrated into every layer, protecting data from different industrial processes and operations from the edge to the cloud,” Sam George, Microsoft Azure’s IoT director, said in a blog post yesterday. “They want to enable proof-of-concepts quickly to improve the pace of innovation and learning, and then to scale quickly and effectively. And they want to manage digital assets at scale, not dozens of devices and sensors.”

While some cloud providers address pieces of this puzzle, Azure is the world’s first cloud offering to deliver “an end-to-end, unified approach to IoT security,” according to Caglayan Arkan, Microsoft’s global lead of manufacturing and resources industry.

Azure Security Center for IoT allows customers to find missing security configurations across IoT devices, the edge and cloud.

“They can check which ports are open on their IoT devices, confirm their (structured query language) database is encrypted and act to remediate any issues,” Arkan said in a blog post.

Microsoft Azure said it sources threat intelligence from the 6 trillion-plus signals that Microsoft collects daily and provides that information in the security center, which integrates with Azure IoT Hub to provide IoT security information inside the portal.

“This means manufacturers can take advantage of a single view of security across all their Azure solutions — including Azure IoT solutions, from edge devices to applications — using hundreds of built-in security assessments in a central dashboard,” Arkan said.

Volpara Solutions piloted the Azure Security Center for IoT. The Wellington, New Zealand-based company, which has a U.S. office in Rochester, N.Y., provides breast imaging analytics and analysis products.

“The Microsoft Azure IoT Security solution provides us with management and threat protection for the full stack, including IoT devices, IoT hubs as well as the computing and data resources utilized by our solutions, effectively saving us from ‘rolling our own’ and aligning our IoT security neatly with our other Azure-based solutions and line-of-business application usage,” Garth Beaumount, Volpara’s chief information security officer, said in a statement.

Microsoft Azure unveiled the Azure Security Center for IoT and other updates in advance of its presence next week at Hannover Messe, the industrial technology trade show in Hannover, Germany.

It upgraded Azure Sentinel, its cloud-native security information and event management tool unveiled earlier last month, to allow customers to combine their IoT security data with their other security data and use analysis or machine learning to identify and address threats.

Microsoft Azure extended its Azure IP Advantage benefits, its intellectual property protection offering, to customers with Azure-connected IoT devices. The program offers unlimited indemnification coverage for Azure Sphere, Microsoft’s Linux-based operating system for internet-of-things applications, and Windows IoT, its family of operating systems designed for use in embedded systems. It also gives customers access to 10,000 Microsoft patents to defend themselves against IP lawsuits.

Microsoft Azure also rolled out OPC Twin and OPC Vault as part of its Azure Industrial IoT Cloud Platform. OPC Twin creates a digital twin of manufacturers’ OPC unified architecture-enabled machines and makes the information model of that specific machine available in the cloud, while OPC Vault automates security management by creating, managing and revoking certificates for OPC UA-enabled machines on a global scale.