53 min
Secure by Default with Microsoft: “Without IoT security people will be reluctant to innovate.” Beyond The Now IoT Security Podcast | PSA Certified
-
- Technology
In our second #beyondthenow podcast episode with Microsoft, we take a deep dive into IoT security with Eustace Asanghanwa (Principal Program Manager for Security, Azure IoT, Microsoft). Eustace and David explore IoT security challenges, what we mean by a secure by default approach, and the benefits of protection profiles. They also discuss Microsoft Azure's PSA Certified Level 1 certification, how it is helping to facilitate better collaboration with the ecosystem, and why we need to see more cohesion between different security certification schemes.
Introductions to Eustace and Microsoft. [01:24]
The Azure RTOS is PSA Certified Level 1 and how this addresses the ‘trilemma’ of IoT security. [03:56]
PSA Certified is also helping to facilitate collaboration between the AzureRTOS and the ecosystem. [06:56]
People value IoT security but they don’t always know what it means. [09:41]
Securing the IoT will encourage new innovations [10:44]
The autonomy of IoT devices is removing the ‘human companion’ and the IoT security protection that provides. [12:01]
What is a ‘secure by default’ approach to security? [16:11]
A Secure by default approach enables a threat modeling mindset. [17:08]
When you design-in security you need to consider the product’s entire lifecycle. [18:52]
People are willing to invest in IoT security because they understand the value of the IoT and digital transformation. [22:10]
Securely deploying the IoT requires an ecosystem approach. [23:00]
It's unrealistic to expect system integrators to become experts in all areas of IoT development and deployment. [24:53]
As an ecosystem, we need to work together on the solutions to reduce the burden on system integrators. [26:29]
Microsoft Azure’s Blueprint approach to IoT security. [27:39]
Confidential Compute and the edge. [31:47]
Protection profiles help us to answer the question ‘Is this device secured?’ [33:21]
Protection profiles create a baseline of requirements for specific devices to be secured. [36:20]
Multiple certifications help us target security at different levels of granularity. [39:36]
We expect to see a more cohesive composition between IoT security certification schemes that target different functionalities and markets. [41:27]
Eustace’s predictions for the IoT in 5 years’ time. [46:02]
Blockchains might lower the cost of security infrastructure. [49:01]
Eustace’s top piece of IoT security advice. [50:26]
In our second #beyondthenow podcast episode with Microsoft, we take a deep dive into IoT security with Eustace Asanghanwa (Principal Program Manager for Security, Azure IoT, Microsoft). Eustace and David explore IoT security challenges, what we mean by a secure by default approach, and the benefits of protection profiles. They also discuss Microsoft Azure's PSA Certified Level 1 certification, how it is helping to facilitate better collaboration with the ecosystem, and why we need to see more cohesion between different security certification schemes.
Introductions to Eustace and Microsoft. [01:24]
The Azure RTOS is PSA Certified Level 1 and how this addresses the ‘trilemma’ of IoT security. [03:56]
PSA Certified is also helping to facilitate collaboration between the AzureRTOS and the ecosystem. [06:56]
People value IoT security but they don’t always know what it means. [09:41]
Securing the IoT will encourage new innovations [10:44]
The autonomy of IoT devices is removing the ‘human companion’ and the IoT security protection that provides. [12:01]
What is a ‘secure by default’ approach to security? [16:11]
A Secure by default approach enables a threat modeling mindset. [17:08]
When you design-in security you need to consider the product’s entire lifecycle. [18:52]
People are willing to invest in IoT security because they understand the value of the IoT and digital transformation. [22:10]
Securely deploying the IoT requires an ecosystem approach. [23:00]
It's unrealistic to expect system integrators to become experts in all areas of IoT development and deployment. [24:53]
As an ecosystem, we need to work together on the solutions to reduce the burden on system integrators. [26:29]
Microsoft Azure’s Blueprint approach to IoT security. [27:39]
Confidential Compute and the edge. [31:47]
Protection profiles help us to answer the question ‘Is this device secured?’ [33:21]
Protection profiles create a baseline of requirements for specific devices to be secured. [36:20]
Multiple certifications help us target security at different levels of granularity. [39:36]
We expect to see a more cohesive composition between IoT security certification schemes that target different functionalities and markets. [41:27]
Eustace’s predictions for the IoT in 5 years’ time. [46:02]
Blockchains might lower the cost of security infrastructure. [49:01]
Eustace’s top piece of IoT security advice. [50:26]
53 min