Tag Archives: closer

RSA teams up with Yubico for passwordless authentication

The world might be one step closer to the passwordless future that security enthusiasts dream of.

On Dec. 10, RSA Security announced a strategic partnership with Yubico, the company known for its USB authentication keys, to drive passwordless authentication in the enterprise. The partnership combines Yubico’s YubiKey technology with RSA’s FIDO-powered SecurID authentication to eliminate passwords for enterprise employees, particularly those in use cases where mobile phones may not be appropriate or permitted for authentication. The combined offering, YubiKey for RSA SecurID Access, will launch in March.

Jim DucharmeJim Ducharme

In this Q&A, Jim Ducharme, vice president of identity and fraud and risk intelligence products at RSA, discusses the new Yubico partnership, FIDO as a standard and how close we are to the so-called “death of passwords.”

Editor’s note: This interview has been edited for length and clarity.

Tell me how the Yubico partnership came to be.

Jim Ducharme: I was talking to a customer and they mentioned how customers are struggling with the various use cases out there for people to prove to be who they say they are. A few years ago, I think that everybody thought that the world was just going to be taken over by mobile phone authentication and that’s all they’d ever need and they’d never need anything else. But they’re quickly realizing that they need multiple options to support the various use cases. Mobile authentication is certainly a new modern method that is convenient, given that everybody is walking around with a mobile phone, but there are a number of use cases, like call centers, remote workers and even folks who, believe it or not, don’t have a smartphone, that they still need to care for and make sure that they are who they say they are.

At RSA, we’ve had our SecurID tokens for quite a while now, but there are other use cases that we’ve found. FIDO-compliant devices were looked at as something that customers wanted to deploy. Particularly hardware-based ones like a Yubico security key. And RSA was the founding member of the FIDO subcommittee on enterprise application, but largely the uptick has been on the consumer identity side of it. We wanted to figure out how we can help the enterprise with their employee use cases, leveraging FIDO and these standards, coupled with these other use cases like call centers or areas where there is a particular device that a user needs to use and they need to prove they are who they say they are.

This customer sent me on this sort of tour of asking my customers what they thought about these use cases and I was amazed at how many customers were already looking at this solution yet finding themselves having to purchase Yubico keys from Yubico and purchase RSA from us for the FIDO backend. It’s only natural for us to bring these two strong brands together to give customers what they need sort of all-in-one box, virtually if you will. Now what we offer is more choice in how users authenticate themselves, allowing them to transform as maybe they get more comfortable with adopting mobile authentication. A lot of users don’t want to use their mobile phone for corporate authentication, but that’s slowly increasing. We wanted to make sure we were providing a platform that can allow users that flexibility of choice, but as the same time, allow our customers and the identity teams to have a single structure to support those different use cases and allow that transformation to happen over time, whether it be from hardware devices, hardware tokens, to mobile authenticators to desktop authenticators to new biometrics, et cetera.

How does this partnership with Yubico fit into RSA’s overall strategy?

Ducharme: Obviously things like a Yubico device is just another form of a passwordless authenticator. But there are plenty of passwordless authenticators out there right now — most people have them in their hands now with [Apple] Face ID and Touch ID, but that’s only part of the solution. Our focus is an identity ecosystem that surrounds the end user and their authenticator where passwords still exist. Despite these new passwordless authenticators, we still haven’t managed to get rid of the password. The help desk is still dealing with password resets, and the support costs associated with passwords are actually going up instead of down. If we’re implementing more and more passwordless authentication, why is the burden on the help desk actually going up? The reality is, most of these passwordless authentication methods are actually not passwordless at all. These biometric methods are nothing more than digital facades on top of a password, so the underlying password is still there. They’re allowing a much more passwordless experience, which is great for the end user, but the password is still there. We’re actually finding that in many cases, the help desk calls are going up because you’re not using that password as frequently as you used to, and now once a month or once a week when people have to use it, they are more apt to forget it than the password they use every single day. We’re actually seeing an increase in forgotten passwords because the more we’re taking passwords out of users’ hands, the more they’re actually forgetting it. We really have to go that last mile to truly get rid of the passwords.

Strategically, our goal is not only to have a spectrum of passwordless authentication and experiences for end users, but we also have to look at all of these other places where the password hides and eliminate those [uses]. Until we do, the burden on the help desk, the costs on the IT help desk are not going to go down, and that’s one of the important goals of moving towards the passwordless world, and that’s where our focus is.

Do you think companies are worried about lost keys and having that negatively impact availability?

Ducharme: Yes. As a matter of fact, we had a customer dinner last night and that is probably one of the number one [concerns], the notion of lost keys. The thing that’s nice about the YubiKey devices is that they sit resident within the device so the odds of losing it are less such. But it absolutely is still an issue. Whenever you have anything that you have to have, you could potentially lose it.

We need to make sure they’re easily replaceable, not just easy but cost-wise as well, and couple that with credential enrollment recovery. When they lose those devices, make sure that they still have accessibility to the systems they still need access to. Even if you don’t lose it permanently, you forget it on your desk at home and when you arrive to work, well, you can’t be out of business for the day because you left your key at home. That’s what we’re working on — what do you do when the user doesn’t have their key? We still need to be able to provide them access very securely and while not reverting back to a password. What we’re trying to do is surround these physical devices and mobile phones with these recovery mechanisms when the user doesn’t have access to their authenticator, whatever form it is. 

How much progress do you think FIDO has made in the last couple years?

Ducharme: FIDO has gotten a lot of good brand recognition. We’re seeing some uptick in it, but we think with this announcement we’re hoping to really increase the pace of adoption. The great news is we’re seeing the support in things like the browsers. It was a huge milestone when Microsoft announced its support with Windows Hello. We’re starting to get the plumbing in all the right places so we’re very optimistic about it. But the actual application, it’s still a vast minority of a lot of customers in the enterprise use case, and a lot of that has to do with the technology refresh cycles. Are they getting the browsers on the end users’ laptops? Are they using Hello for business? But honestly, these upgrade cycles to Windows Hello are happening faster than the previous Windows cycles, so I’m optimistic about it. But what we’re encouraged by is the adoption of the technology like FIDO, like Web OPM, within the browsers and the operating systems; the end user adoption, by which I mean the companies deploying these technologies to their end users, isn’t quite there yet. This is what we’re hoping to bring out.

Do you think we’re going to see the death of passwords sometime in the next several years?

Ducharme: I’ve been in the identity space now for about 20 years. During a lot of that, I would say to myself the password will never die. But I actually think we’re on the cusp of really being able to get rid of the password. I’ve seen the market understand what it’s truly going to take to get rid of the password from all facets. We have the technology now that it’s accessible with people every day with their mobile phones, wrist-based technologies and all of that. We have the ability to do so. It’s within reach. The question will be, how do we make this technology successful, and how do we make it a priority? So I really am optimistic. What we’ll have to do is push through people using passwordless experiences to help people understand that we really have to get rid of the underlying passwords. The industry’s going to have to do the work to flush out the password for the last mile. I believe the technologies and the standards exist to do so, but until we start looking at the security implications and the costs associated with those passwords and really take it seriously, we won’t do it. But I do believe we have the best opportunity to do it now.

Go to Original Article
Author:

Windows Server 2008 end of life: Is Azure the right path?

As the Windows Server 2008 end of life inches closer, enterprises should consider which retirement plan to pursue before security updates run out.

As of Jan. 14, Microsoft will end security updates for Windows Server 2008 and 2008 R2 machines that run in the data center. Organizations that continue to use these server operating systems will be vulnerable because hackers will inevitably continue to look for weaknesses in them, but Microsoft will not — except in rare circumstances — provide fixes for those vulnerabilities. Additionally, Microsoft will not update online technical content related to these operating systems or give any free technical support.

Although there are benefits to upgrading to a newer version of Windows Server, there may be some instances in which this is not an option. For example, your organization might need an application that is not compatible with or supported on newer Windows Server versions. Similarly, there are situations in which it is possible to migrate the server to a new operating system, but not quickly enough to complete the process before the impending end-of-support deadline.

Microsoft has a few options for those organizations that need to continue running Windows Server 2008 or 2008 R2. Although the company will no longer give updates for the aging operating system through the usual channels, customers can purchase extended security updates.

You can delay Windows Server 2008 end of life — if you can afford it

Those who wish to continue using Windows Server 2008 or 2008 R2 on premises will need Software Assurance or a subscription license to purchase extended updates. The extended updates are relatively expensive, or about 75% of the cost of a current version Windows Server license annually. This is likely Microsoft’s way of trying to get customers to migrate to a newer Windows Server version because the extended security updates cost almost as much as a Windows Server license.

The other option for those organizations that need to continue running Windows Server 2008 or 2008 R2 is to migrate those servers to the Azure cloud. Organizations that decide to switch those workloads to Azure will receive free extended security updates for three years.

Servers often have multiple dependencies, and you will need to address these as part of the migration planning.

Know what a move to Azure entails

Before migrating a Windows Server workload to the cloud, it is important to consider the pros and cons of making the switch to Azure. The most obvious benefit is financial and gives you a few years to run this OS without the hassle of having to pay for extended security updates.

Another benefit to the migration to Azure is a reduction in hardware-related costs. Windows Server 2008 was the first Windows Server version to include Hyper-V, but many organizations opted to install Windows Server 2008 onto physical hardware rather than virtualizing it. If your organization runs Windows Server 2008/2008 R2 on a physical server, then this is a perfect opportunity to retire the aging server hardware.

If your Windows Server 2008/2008 R2 workloads are virtualized, then moving those VMs to Azure can free up some capacity on the virtualization hosts for other workloads.

Learn about the financial and technical impact

One disadvantage to operating your servers in Azure is the cost. You will pay a monthly fee to run Windows Server 2008 workloads in the cloud. However, it is worth noting that Microsoft offers a program called the Azure Hybrid Benefit, which gives organizations with Windows Server licenses 40% off the cost of running eligible VMs in the cloud. To get an idea of how much your workloads might cost, you can use a calculator and find more details at this link.

Another disadvantage with moving a server workload to Azure is the increased complexity of your network infrastructure. This added complication isn’t limited just to the migrating servers. Typically, you will have to create a hybrid Active Directory environment and also create a VPN that allows secure communications between your on-premises network and the Azure cloud.

Factor in these Azure migration considerations

For organizations that decide to migrate their Windows Server 2008 workloads to Azure, there are a number of potential migration issues to consider.

Servers often have multiple dependencies, and you will need to address these as part of the migration planning. For instance, an application may need to connect to a database that is hosted on another server. In this situation, you will have to decide whether to migrate the database to Azure or whether it is acceptable for the application to perform database queries across a WAN connection.

Similarly, you will have to consider the migration’s impact on your internet bandwidth. Some of your bandwidth will be consumed by management traffic, directory synchronizations and various cloud processes. It’s important to make sure your organization has enough bandwidth available to handle this increase in traffic.

Finally, there are differences between managing cloud workloads and ones in your data center. The Azure cloud has its own management interface that you will need to learn. Additionally, you may find your current management tools either cannot manage cloud-based resources or may require a significant amount of reconfiguring. For example, a patch management product might not automatically detect your VM in Azure; you may need to either create a separate patch management infrastructure for the cloud or provide the vendor with a path to your cloud-based resources.

Go to Original Article
Author:

Jake Braun discusses the Voting Village at DEF CON

Election security continues to be a hot topic, as the 2018 midterm elections draw closer. So, the Voting Village at DEF CON 26 in Las Vegas wanted to re-create and test every aspect of an election.

Jake Braun, CEO of Cambridge Global Advisors, based in Arlington, Va., and one of the main organizers of the DEF CON Voting Village, discussed the pushback the event has received and how he hopes the event can expand in the future.

What were the major differences between what the Voting Village had this year compared to last year?

Jake Braun: The main difference is it’s way bigger. And we’ve got, end to end, the voting infrastructure. We’ve got voter registration, a list of voters in the state of Ohio that are in a cyber range that’s basically like a county clerk’s network. Cook County, Illinois, their head guy advised us on how to make it realistic [and] make it like his network. We had that, but we didn’t have the list of voters last year.

That’s the back end of the voter process with the voter infrastructure process. And then we’ve got machines. We’ve got some new machines and accessories and all this stuff.

Then, on the other end, we’ve got the websites. This is the last piece of the election infrastructure that announces the results. And so, obviously, we’ve got the kids hacking the mock websites.

What prompted you to make hacking the mock websites an event for the kids in R00tz Asylum?

Braun: It was funny. I was at [RSA Conference], and we’ve been talking for a long time about, how do we represent this vulnerability in a way that’s not a waste of time? Because the guys down in the [Voting Village], hacking websites is not interesting to them. They’ve been doing it for 20 years, or they’ve known how to do it for 20 years. But this is the most vulnerable part of the infrastructure, because it’s [just] a website. You can cause real havoc.

I mean, the Russians — when they hacked the Ukrainian website and changed it to show their candidate won, and the Ukrainians took it down, fortunately, they took it down before anything happened. But then, Russian TV started announcing their candidate won. Can you imagine if, in November 2020, the Florida and Ohio websites are down, and Wolf Blitzer is sitting there on CNN saying, ‘Well, you know, we don’t really know who won, because the Florida and Ohio websites are down,’ and then RT — Russian Television — starts announcing that their preferred candidate won? It would be chaos.

Anyway, I was talking through this with some people at [RSA Conference], and I was talking about how it would be so uninteresting to do it in the real village or in the main village. And the guy [I was talking to said], ‘Oh, right. Yeah. It’s like child’s play for them.’

I was like, ‘Exactly, it’s child’s play. Great idea. We’ll give it to R00tz.’ And so, I called up Nico [Sell], and she was like, ‘I love it. I’m in.’ And then, the guys who built it were the Capture the Packet guys, who are some of the best security people in the planet. I mean, Brian Markus does security for … Aerojet Rocketdyne, one of the top rocket manufacturers in the world. He sells to [Department of Defense], [Department of Homeland Security] and the Australian government. So, I mean, he is more competent than any election official we have.

The first person to get in was an 11-year-old girl, and she got in in 10 minutes. Totally took over the website, changed the results and everything else.

How did it go with the Ohio voter registration database?

Braun: The Secretaries of State Association criticized us, [saying], ‘Oh, you’re making it too easy. It’s not realistic,’ which is ridiculous. In fact, we’re protecting the voter registration database with this Israeli military technology, and no one has been able to get in yet. So, it’s actually probably the best protected list of voters in the country right now.

Have you been able to update the other machines being used in the Voting Village?

Braun: Well, a lot of it is old, but it’s still in use. The only thing that’s not in use is the WinVote, but everything else that we have in there is in use today. Unlike other stuff, they don’t get automatic updates on their software. So, that’s the same stuff that people are voting on today.

Have the vendors been helpful at all in providing more updated software or anything?

Braun: No. And, of course, the biggest one sent out a letter in advance to DEF CON again this year saying, ‘It’s not realistic and it’s unfair, because they have full access to the machines.’

Do people think these machines are kept in Fort Knox? I mean, they are in a warehouse or, in some places, in small counties, they are in a closet somewhere — literally. And, by the way, Rob Joyce, the cyber czar for the Trump administration who’s now back at NSA [National Security Agency], in his talk [this year at DEF CON, he basically said], if you don’t think that our adversaries are doing exactly this all year so that they know how to get into these machines, your head is insane.

The thing is that we actually are playing by the rules. We don’t steal machines. We only get them if people donate them to us, or if we can buy them legally somehow. The Russians don’t play by the rules. They’ll just go get them however they want. They’ll steal them or bribe people or whatever.

They could also just as easily do what you do and just to get them secondhand.

Braun: Right. They’re probably doing that, too.

Is there any way to test these machines in a way that would be acceptable to the manufacturers and U.S. government?

Braun: The unfortunate thing is that, to our knowledge, the Voting Village is still the only public third-party inspection — or whatever you want to call it — of voting infrastructure.

The unfortunate thing is that the only time this is done publicly by a third party is when it’s done by us. And that’s once a year for two and a half days. This should be going on all year.
Jake BraunCEO of Cambridge Global Advisors

The vendors and others will get pen testing done periodically for themselves, but that’s not public. All these things are done, and they’re under [nondisclosure agreement]. Their customers don’t know what vulnerabilities they found and so on and so forth.

So, the unfortunate thing is that the only time this is done publicly by a third party is when it’s done by us. And that’s once a year for two and a half days. This should be going on all year with all the equipment, the most updated stuff and everything else. And, of course, it’s not.

Have you been in contact with the National Institute of Standards and Technology, as they are in the process of writing new voting machine guidelines?

Braun: Yes. This is why DEF CON is so great, because everybody is here. I was just talking to them yesterday, and they were like, ‘Hey, can you get us the report as soon as humanly possible? Because we want to take it into consideration as we are putting together our guidelines.’ And they said they used our report last year, as well.

How have the election machines fared against the Voting Village hackers this year?

Braun: Right, of course, they were able to get into everything. Of course, they’re finding all these new vulnerabilities and all this stuff. 

The greatest thing that I think came out of last year was that the state of Virginia wound up decommissioning the machine that [the hackers] got into in two minutes remotely. They decommissioned that and got rid of the machine altogether. And it was the only state that still had it. And so, after DEF CON, they had this emergency thing to get rid of it before the elections in 2017.

What’s the plan for the Voting Village moving forward?

Braun: We’ll do the report like we did last year. Out of all the guidelines that have come out since 2016 on how to secure election infrastructure, none of them talk about how to better secure your reporting websites or, since they are kind of impossible to secure, what operating procedures you should have in place in case they get hacked.

So, we’re going to include that in the report this year. And that will be a big addition to the overall guidelines that have come out since 2016.

And then, next year, I think, it’s really just all about, what else can we get our hands on? Because that will be the last time that any of our findings will be able to be implemented before 2020, which is, I think, when the big threat is.

A DEF CON spokesperson said that most of the local officials that responded and are attending have been from Democratic majority counties. Why do you think that is?

Braun: That’s true, although [Neal Kelley, chief of elections and registrar of voters for] Orange County, attended. Orange County is pretty Republican, and he is a Republican.

But I think it winds up being this functionally odd thing where urban areas are generally Democratic, but because they are big, they have a bigger tax base. So then, the people who run them have more money to do security and hire security people. So, they kind of necessarily know more about this stuff.

Whereas if you’re in Allamakee County, Iowa, with 10,000 people, the county auditor who runs the elections there, that guy or gal — I don’t know who it is — but they are both the IT and the election official and the security person and the whatever. You’re just not going to get the specialized stuff, you know what I mean?

Do you have any plans to try to boost attendance from smaller counties that might not be able to afford sending somebody here or plans on how to get information to them?

Braun: Well, that’s why we do the report. This year, we did a mailing of 6,600 pieces of mail to all 6,600 election officials in the country and two emails and 3,500 live phone calls. So, we’re going to keep doing that.
 
And that’s the other thing: We just got so much more engagement from local officials. We had a handful come last year. We had several dozen come this year. None of them were public last year. This year, we had a panel of them speaking, including DHS [Department of Homeland Security].

So, that’s a big difference. Despite the stupid letter that the Secretary of State Association sent out, a lot of these state and local folks are embracing this.

And it’s not like we think we have all the answers. But you would think if you were in their position and with how cash-strapped they are and everything, that they would say, ‘Well, these guys might have some answers. And if somebody’s got some answers, I would love to go find out about those answers.’

Microsoft IoT Central broadens reach with simplicity of SaaS for enterprise-grade IoT – Internet of Things

IoT is fast becoming a key strategy for companies of all sizes, as they strive to get closer to their customers and offer great product experiences—all while reducing operational expenditures. Until now, however, it’s been a major hurdle to gain the skills needed to build and manage connected solutions. This obstacle has been further compounded by concerns about security, scalability, and difficulties finding an IoT solution that has built-in best practices gained from years of experience in the sector.

This is why today we are pleased to launch the public preview of Microsoft IoT Central to address these barriers. Microsoft IoT Central is the first true highly scalable IoT software-as-a-service (SaaS) solution that offers built-in support for IoT best practices and world-class security along with the reliability, regional availability, and global scale of the Microsoft Azure cloud. Microsoft IoT Central allows companies worldwide to build production-grade IoT applications in hours—without having to manage all the necessary back-end infrastructure or learn new skills. In short, Microsoft IoT Central enables everyone to benefit from IoT.

IoT Solutions without the hassle

Microsoft IoT Central takes the hassle out of creating an IoT solution by eliminating the complexities of initial setup as well as the management burden and operational overhead of a typical IoT project. That means you can bring your connected product vision to life faster while staying focused on your customers and products. The end-to-end IoT SaaS solution equips you to harness the “digital feedback loop” to draw better insights from your data and convert them into intelligent actions that result in better products and experiences for your customers.

By reducing the time, skills, and investment required to develop a robust enterprise-grade IoT solution, Microsoft IoT Central also sets you up to quickly reap the powerful business benefits of IoT. You can get started quickly, connecting devices in seconds and moving from concept to production in hours. The complete IoT solution lets you seamlessly scale from a few to millions of connected devices as your IoT needs grow. Moreover, it removes guesswork thanks to simple and comprehensive pricing that makes it easier for you to plan your IoT investments and achieve your IoT goals.

On the security front, Microsoft IoT Central leverages industry-leading privacy standards and technologies to help ensure your data is only accessible to the right people in your organization. With IoT privacy features such as role-based access and integration with Azure Active Directory permissions, you stay in control of your information.

From years of working in the commercial space, we understand organizations’ need to take advantage of existing applications and data to glean richer insights, integrate business workflows, and take more effective actions. So, in the coming months, Microsoft IoT Central will also be able to integrate with customers’ existing business systems—such as Microsoft Dynamics 365, SAP, and Salesforce—to accelerate more proactive sales, service, and marketing.

Several customers have already started building solutions for their businesses with Microsoft IoT Central. Here’s what they have to say:

  • “Small-scale IoT use cases are rare, even though they can have profound social impact. Why? Because each use case has unique needs that in turn require special sensor configurations and secure provisioning to the cloud before the solution can even be turned on. Arrow has simplified this process by bringing together Microsoft’s IoT Central platform and Libelium’s Plug & Sense IoT Toolkits, which help small, medium, and even large businesses get their IoT projects up and running sooner. Microsoft’s IoT Central solution helped us pilot in weeks, at minimal cost, a public school environmental monitoring solution that would have taken a year to develop from scratch. School and government officials can now monitor and improve the safety of public spaces without the cost and duration of typical IoT projects.” – Jeff Reed, PhD, VP Microsoft Global Alliance at Arrow Electronics
  • “Mesh Systems is passionate about the work Microsoft is doing with the release of Microsoft IoT Central. We recognize how Microsoft IoT Central accelerates projects that need entry-level simplicity while also be extendable to meet more complex requirements. We value this level of SaaS offering from Microsoft because it allows us to focus on identifying and iterating on the application business transformation, which is critical across the IoT market.” – Uri Kluk, CTO, Mesh Systems
  • “With Microsoft IoT Central and partner VISEO, we created and deployed IoT solutions quickly, securely, and at scale—with the reach and resources of the global Azure cloud platform. The solution we implemented enables us to collect telemetry data on thousands of our devices. We are now able to do predictive maintenance and ensure our firmware is always up to date—critical advantages in the health field. With this data, we are better able to serve our market and adapt our service to the needs of our customers.” – Philippe Angotta, Director of Customer Relations, LPG
  • “Patterson Companies believes there is an opportunity to realize significant improvement in dental device fix/repair service-level outcomes for its customers via an IoT Remote Monitoring & Diagnostics solution. The OEMs that manufacture dental devices are actively implementing and enhancing their IoT capabilities to provide ongoing performance data from devices connected at the dental office. Microsoft IoT Central provides a highly configurable and intuitive solution to define the criteria needed to monitor and diagnose any variety of connected devices. This in turn equips Patterson service technicians with current and past performance data, allowing them to transition from a reactive stance to one that is proactive and results in higher levels of customer satisfaction.” – Nate Hill, Principal Architect, Patterson Dental
  • “The Umbra Group is excited to work with Microsoft IoT Central and Microsoft Dynamics 365 Finance & Operations to monitor performance and health of our systems in ways we never have been able to do before. These new tools enable us to integrate commercial, supply chain, production, and product data from the time an order is placed all the way through to serving up insights for how and when to service a device. Umbra expects to see tremendous benefits during product development and testing by being able to see and act on real-time performance data regardless of location. Our customers will be thrilled to be able to have maintenance activities performed during scheduled machine down time instead of experiencing interruptions in service, since machine conditions will now be predictable.” – David Manzanares, Vice President of Engineering, Umbra Group
  • “Digital transformation will drive mass-scale growth of the IoT market. Scalable, secure, reliable, and pay-per-use solutions are needed to handle these volumes efficiently. ICT Group has a strong focus on the Industrial IoT market, and Microsoft IoT Central offers us the ability to create insights and add real business value. ICT Group has been involved in the development of Microsoft IoT Central from the start. Microsoft IoT Central has enabled us to gather more valuable insights to inform how we manage our products with this digital feedback loop.” – Aart Wegink, Director Digital Transformation, ICT Group, The Netherlands

Microsoft is leading the way in IoT innovation, and we are committed to introducing new features at a rapid pace so customers can quickly and continually reap benefits and stay ahead of the game. As a true IoT SaaS solution, Microsoft IoT Central gives customers automatic access to new features as they’re released. It also frees customers from updating the underlying hardware.

Azure IoT Hub Device Provisioning Service now available

To further simplify IoT, we are also announcing the availability of Azure IoT Hub Device Provisioning Service. Azure IoT Hub Device Provisioning Service enables zero-touch device provisioning and configuration of millions of devices to Azure IoT Hub in a secure and scalable manner. Device Provisioning Service adds important capabilities that, together with Azure IoT Hub device management, help customers easily manage all stages of the IoT device lifecycle.

For a deeper look into the features of Microsoft IoT Central, check out the new Microsoft IoT Central website and demo, and start your free trial today. Also, for a deeper dive be sure to see our blog post, “Microsoft IoT Central delivers low-code way to build IoT solutions fast.”

Tags: Azure IoT Hub, Azure IoT Hub Device Provisioning Service, device management, Microsoft IoT Central