IoT is a huge topic, especially for enterprises. Many have been doing it for years, and many more are interested in doing it for the first time. Companies like Target have proven that it is often these smaller and non-obvious machines that are being used to penetrate systems and cause havoc or steal information. Utilizing an air-gap or analog segregations only make manipulations more difficult to detect. Microsoft has created a very robust set of Azure services to mitigate any qualms about using their cloud services, but what about their connected devices? Could an infiltrator access these to penetrate the system, or modify their programming to cause malicious damage?
Microsoft’s first line of protection is developing code with security in mind from the beginning. All software developed by Microsoft has security in mind during all parts of the software development lifecycle, Including Windows. Windows 10 IoT Core is no exception to this. Very few other vendors have the time, resources, and experiences as Microsoft to take security so seriously.
Windows 10 IoT
As mentioned before, Window 10 IoT is the Operating System that Microsoft developed to run on IoT devices like the Raspberry Pi and Minnowboard Max. It has the distinct advantage to leverage the time-tested security features of big Windows itself. We can utilize existing safe-guards in several key categories such as information protection, malware resistance, core security, and advanced lockdown.
Bitlocker is a key aspect to help protect data at rest. This is a system wide encryption of the files on the IoT storage device. Someone with physical access to the device can’t copy out the memory and find out how your software works, or obtain encryption keys to access cloud services. Conversely, because of the encryption, someone cannot modify files on the device to change the programming or configuration.
Secure Boot is Microsoft’s way of verifying that the operating system is authentic and untampered with. When UEFI with Secure Boot starts, the UEFI firmware verifies that the bootloader’s digital signature has not changed after it was signed. It also verifies that a trusted authority issued the digital signature. With this kind of protection, no malware can modify the device and have its code run. At best, it would be detected and the device would no longer start.
Securing the Windows Core
Device Guard allows only trusted applications to run, and nothing else. An organization wanting to use this feature will sign the software that it wants to run across its system. Only this signed software will run. It is important to also note, that Organizations can sign software they do not make without needing to rebuild or repackage the software, this allows third-party software to be trusted as well.
Windows 10 IoT Core contains many ways to lock down specific capabilities of the device. Whether its booting straight into a desired Universal app, or locking down unauthorized USB peripherals, Windows 10 IoT provides these capabilities to create a dedicated device experience. In addition, there is nothing listening to unsolicited traffic on Windows 10 IoT, this prevents drive-by attacks.
These are just a few of the many ways that Microsoft has built into its IoT operating system. But with just these examples, we can see that data is protected at rest. That the operating system cannot be tampered with, and applications too are verified before running. These protections cover remote malware as well as people with physical access to the device. In addition, when following Microsoft’s SDLC, by building apps that only listen to pre-authorized cloud endpoints, we can be confident in the end-to-end security of the IoT hardware and services provided by Microsoft.
To see more on how Microsoft handles security on their IoT and Azure Platforms check out their videos on Channel 9.