The Edge Secured-core program is designed to validate IoT devices for specific security hardware technology, and ensure users that they are running an OS with built-in security technology. Credit: Metamorworks / Getty Images Addressing security concerns associated with the growing momentum for edge computing, Microsoft is making its Edge Secured-core program for Windows-based IoT devices generally available. Added as a new certification under the Azure Certified Device program, Edge Secured-core is for IoT devices running a full operating system, such as Windows 10 IoT or Linux. While support for Windows 10 IoT is generally available, it is still in preview for Linux. IoT devices at the network edge pose an enormous security challenge. Networks of IoT devices, transmitting data back to enterprise systems for analysis, have multiple points of weakness. Citing an in-house study conducted in collaboration with Poneman Institute, Charles Broadfoot, senior program manager at Microsoft, said in a blog post that about 65% of companies adopting IoT solutions mentioned edge security as their topmost priority. Devices that are targeted in IoT attacks can be bricked, held for ransom, or exploited to launch further attacks. The common attacks associated with the IoT devices include stolen IP, data theft, and compromised regulatory status, Broadfoot added. What does an Edge Secured-core device include? To meet security requirements for IoT devices, Edge Secured-core certified devices will address issues such as device identity, secure boot, operating system hardening, device updates, data protection, and vulnerability disclosures. Additionally, an Edge Secured-core device will require OEMs to supply device updates for a period of at least 60 month. Other device requirements include support for modern protocols and algorithms to protect data at rest and in transit. The certification, apart from validating a hardware device for specific security hardware technology, will ensure users that they are running an operating system with built-in security and the use of continuous threat monitoring with IoT services such as Microsoft Defender for IoT. Edge Secured-core will provide IoT device makers with an easy, low-cost differentiator enabling customers to identify high-security configurations on their devices, according to Broadfoot. Microsoft’s Secured-core concept expands Microsoft first introduced the Secured-core concept in 2019 in an effort to match Apple’s control over its own hardware and operating systems. Within this initiative, Microsoft partnered up with Windows PC makers to gain some control over hardware security, and have a say in how devices could stop attacks from exploiting firmware dominance over the Windows kernel. Later in 2021, Microsoft expanded the program to include Windows servers and Azure stack hyperconverged infrastructure (HCI) servers. Various server products from vendors including Dell, HPE, Lenovo, AMD, and NEC—which ran Windows Server 2016, 2019, and 2022 versions—received Secured-core approval. Secured-core was not designed to be included as branding on the PCs, but only to certify security for non-Microsoft hardware running Windows. Microsoft has listed devices, including edge and non-edge machines, that are part of the program in its Azure Certified Device catalog. Related content news FBI warns Black Basta ransomware impacted over 500 organizations worldwide CISA advisory includes indicators of compromise and TTPs that can be used for threat hunting. By Lucian Constantin May 14, 2024 6 mins Ransomware Phishing Healthcare Industry news Australian federal budget outlines investment in cybersecurity The Australian government announced its 2024-25 federal budget and CSO has selected highlights that indicate how much will go towards cybersecurity and in what areas. By Samira Sarraf May 14, 2024 5 mins Fraud Protection and Detection Software Data and Information Security brandpost Sponsored by Microsoft Security New threat trends emerge out of East Asia With total vigilance concerning the latest East Asian developments in the threat landscape, security leaders can enhance their readiness to safeguard against the most imminent dangers. By Microsoft Security May 14, 2024 5 mins Security news Equipped with AI tools, hackers make apps riskier than ever The odds of attacks are growing as attackers can now easily access code modification and reverse engineering tools. By Shweta Sharma May 14, 2024 4 mins Application Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe