Microsoft bolsters easier IoT to cloud data security with industry partners



IoT security Easier IoT security

Security services firm Thales, Australian telco Telstra and open source hardware and software company Arduino say they have a much easier pill to swallow when it comes to delivering good security without headaches.

Thales and Telstra are working with Microsoft and Arduino to pave the way for scalable security for connected IoT devices, by deploying a system that enables trusted and secure end-to-end communications between devices and the cloud.

The technology enables instant and standardised mutual authentication between a device and a cloud platform via cellular networks, while fully-complying with GSMA IoT SAFE security specifications.

Microsoft has integrated the IoT SAFE solution within its Azure IoT Hub and has also provided Azure Stream Analytics, the Cosmos DB and Power BI services to quickly enable the development of safe end-to-end IoT applications.

Within the IoT ecosystem, billions of devices collect, process and send data to the cloud, where a range of different IoT services are executed. To enable security, the IoT cloud service must have absolute trust in data received from connected devices. Equally, devices need to trust the cloud.

This is only possible if the device and server are mutually authenticated. However, the new partners said that the IoT devices market is so fragmented – with a patchwork of different operating systems and chips being utilised – that security services scalability and duplication are “very limited”.

The level of trust enabled by the new solution is reached by a “security-by-design” approach for any IoT devices based on standardised SIM or eSIM technology.

As soon as an IoT device is switched on, any SIM or eSIM featuring Thales’s IoT SAFE application is automatically and securely provisioned. Once the IoT device gets a proper digital certificate created and stored in the SIM/eSIM, then a trusted communication between the device and the server is permitted, in full respect of data integrity and confidentiality.

Tony Shakib, general manager for Azure IoT business acceleration at Microsoft, said: “By bringing together each IoT technology layer – device, software, network and cloud – we can deliver a more streamlined approach to IoT security. This allows customers and partners to focus on creating business value from their solutions while ensuring their IoT deployments remain secure.”

Gerhard Loots, global IoT solutions executive at Telstra, said: “The key role of GSMA IoT SAFE specifications is to deliver scalable and future-proof IoT security for cellular networks. Being able to offer standardised easy-to-implement IoT security to our customers is a huge leap forward for all use cases, including smart energy, automotive, health and home solutions.”

Emmanuel Unguran, SVP mobile and connectivity solutions at Thales, added: “With this hassle-free approach we are supporting a sustainable and scalable trusted ecosystem from which all key stakeholders, such as mobile network operators, device manufacturers and IoT industries, can benefit.”