{"id":39820,"date":"2021-03-02T14:00:19","date_gmt":"2021-03-02T14:00:19","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=92889"},"modified":"2021-03-02T14:00:19","modified_gmt":"2021-03-02T14:00:19","slug":"microsoft-brings-advanced-hardware-security-to-server-and-edge-with-secured-core","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-brings-advanced-hardware-security-to-server-and-edge-with-secured-core\/","title":{"rendered":"Microsoft brings advanced hardware security to Server and Edge with Secured-core"},"content":{"rendered":"

A cursory look at recent headlines reveals two clear trends. First, organizations around the world are embracing digital transformation using technologies across cloud and edge computing to better serve their customers and thrive in fast-paced environments. Second, attackers are constantly innovating new attacks as technology changes and targeting these organizations\u2019 high-value infrastructure with advanced technical capabilities connected to both cybercrime and espionage.<\/p>\n

The MagBo marketplace<\/a>, which sells access to more than 43,000 hacked servers, exemplifies the ever-expanding cybercrime threat. Compromised servers are being exploited to mine cryptocurrency<\/a> and are being hit with ransomware attacks<\/a>. Meanwhile, IoT vulnerabilities are on the rise<\/a>, with more than half of IoT devices deemed susceptible to attack<\/a>. In addition to these risks, companies often struggle with a lack of expertise and familiarity with security standards as well as complex regulations like the IoT Cybersecurity Improvement Act of 2020<\/a>.<\/p>\n

Given these factors, continuing to raise the security bar for critical infrastructure against attackers and also make it easy for organizations to hit that higher bar is a clear priority for both customers and Microsoft. As systems like the Xbox show<\/a>, successfully protecting systems requires a holistic approach that builds security from the chip to the cloud across hardware, firmware, and the operating system. Using our learnings from the Secured-core PC<\/a> initiative, Microsoft is collaborating with partners to expand Secured-core to Windows Server, Azure Stack HCI, and Azure-certified IoT devices, as well as bring the Secured-core values of advanced hardware-based protection and simpler security enablement to the server and IoT ecosystem.<\/p>\n

Powerful protection with Secured-core Server and Edge Secured-core<\/h2>\n

Following Secured-core PC, we are introducing Secured-core Server which is built on three key pillars: simplified security, advanced protection, and preventative defense. Secured-core Servers come with the assurance that manufacturing partners have built hardware and firmware that satisfy the requirements of the operating system (OS) security features. Like Secured-core PC and Secured-core Server, Edge Secured-core advances built-in security for IoT devices running a full OS. Edge Secured-core also expands Secured-core coverage to Linux, in addition to Windows platforms.<\/p>\n

Simplified security<\/h3>\n

New functionality in the Windows Admin Center makes it easy for customers to configure the OS security features of Secured-core for Windows Server and Azure Stack HCI systems. The new Windows Admin Center security functionality will allow enabling advanced security with a click of the button<\/a> from a web browser anywhere in the world. With integrated Azure Stack HCI systems, manufacturing partners can also enable OS features, further simplifying the configuration experience for customers so that Microsoft\u2019s best server security is available right out of the box. For Windows Server and validated Azure Stack HCI solutions, customers can look for Secured-core certified systems to simplify acquiring secure hardware platforms.<\/p>\n

\"The<\/p>\n

The Azure Certified Device program<\/a> already helps customers find the right edge and IoT solutions for their needs. We are adding the Edge Secured-core public preview to the Azure Certified Device program. Edge Secured-core devices meet extra security requirements around device identity, secure boot, OS hardening, device updates, data protection, and vulnerability disclosures, which will be uniquely identifiable on the Azure Certified Device catalog.<\/p>\n

Advanced protection<\/h3>\n

Secured-core Servers maximize hardware, firmware, and OS capabilities to help protect against current and future threats. These safeguards create a platform with added security for critical applications and data used on the server. Secured-core functionality spans the following areas:<\/p>\n