Make sure your tools, libraries, and build systems are safe from tampering. Scan for vulnerabilities during builds and while things are running.
Knowing where your software comes from and checking that it’s legitimate throughout the life cycle helps you catch problems early and fix them before they reach production.
Contoso’s challenge
- The engineering team is setting up their build and release pipelines, but they haven’t made sure the build system is secure or reliable yet.
- They’re using some open-source tools in both their firmware and cloud systems.
- They’ve heard how supply chain attacks or insider threats can sneak in bad code that could mess with systems or leak data. If their customer’s environmental reporting gets compromised, it could be a huge problem for both Contoso and the customers.
Applying the approach and outcomes
- The team updates their build processes for both firmware and back-end cloud systems to include security scans for common vulnerabilities and exposures (CVEs) and malware in dependencies, code, and packages.
- They also look at anti-malware options for their Azure Stack HCI setup, such as Windows Defender Application Control.
- These steps help make sure the software and firmware that they ship don’t do anything unexpected, and that their customers’ reporting stays accurate and secure.
Employ strong cryptographic mechanisms
Use strong cryptography, like encryption, certificates, and code signing, to build trust. Protect these mechanisms so that only trusted sources can decrypt.
When you adopt this approach, only trusted sources can access or change your system and data.
Even if someone intercepts encrypted data, they can’t read it without the right key. And digital signatures help confirm that nothing was tampered with along the way.
Contoso’s challenge
- The devices that they chose for sensing and data transfer don’t have enough processing power to support HTTPS or custom encryption.
- The workload team plans to use network boundaries as their primary isolation technique.
- A risk review flagged that unencrypted communication between IoT devices and control systems could be a big problem. Just segmenting the network isn’t enough.
Applying the approach and outcomes
- They worked with the device manufacturer to upgrade to a more powerful model. The new devices support certificate-based communication and can verify signed firmware before running it.
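The "verify signed firmware before running it" step can be sketched as follows. This is an added example, not code from Contoso or from the original page; the choice of Ed25519, the `SignedFirmware` package layout, the function names, and the seeds and image bytes are all assumptions constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SignedFirmware is a hypothetical update package: the image plus a detached
// Ed25519 signature over the image's SHA-256 digest.
type SignedFirmware struct{ Image, Signature []byte }

var ErrUntrusted = errors.New("firmware rejected: signature does not verify")

// Sign runs in the release pipeline, the only place the private key lives.
func Sign(priv ed25519.PrivateKey, image []byte) SignedFirmware {
	digest := sha256.Sum256(image)
	return SignedFirmware{Image: image, Signature: ed25519.Sign(priv, digest[:])}
}

// VerifyBeforeBoot runs on the device, which holds only the public key.
// It returns nil only when the image is exactly what the key holder signed.
func VerifyBeforeBoot(trusted ed25519.PublicKey, fw SignedFirmware) error {
	digest := sha256.Sum256(fw.Image)
	// Length check first: ed25519.Verify panics on a malformed public key.
	if len(trusted) != ed25519.PublicKeySize || !ed25519.Verify(trusted, digest[:], fw.Signature) {
		return ErrUntrusted
	}
	return nil
}

// RunScenarios uses constructed seeds and a constructed image, not real keys.
func RunScenarios() (genuine, tampered, wrongKey error) {
	vendor := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x01}, ed25519.SeedSize))
	other := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x02}, ed25519.SeedSize))
	devicePub := vendor.Public().(ed25519.PublicKey)
	fw := Sign(vendor, []byte("sensor-firmware build (constructed sample)"))
	genuine = VerifyBeforeBoot(devicePub, fw)
	// A single flipped bit, in transit or at rest, must invalidate the image.
	mod := SignedFirmware{Image: append([]byte(nil), fw.Image...), Signature: fw.Signature}
	mod.Image[0] ^= 0x01
	tampered = VerifyBeforeBoot(devicePub, mod)
	// An image signed by a key the device does not trust is rejected too.
	wrongKey = VerifyBeforeBoot(devicePub, Sign(other, fw.Image))
	return
}

func main() { fmt.Println(RunScenarios()) }
```

On a real device the trusted public key would be provisioned at manufacture or taken from a validated certificate, and a failed check would stop the update rather than return an error to a caller.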