articles/digital-twins/security-best-practices.md
5 additions & 4 deletions
@@ -7,7 +7,7 @@ manager: bertvanhoof
7
7
ms.service: digital-twins
8
8
services: digital-twins
9
9
ms.topic: conceptual
10
-
ms.date: 11/19/2019
10
+
ms.date: 01/15/2020
11
11
---
12
12
13
13
# Azure Digital Twins security best practices
@@ -35,6 +35,7 @@ Some key practices to safely secure your IoT devices include:
35
35
> * Limit I/O and device bandwidth to improve performance. Rate-limiting can improve security by preventing denial-of-service attacks.
36
36
> * Keep device firmware, operating system, and software up to date.
37
37
> * Periodically audit and review device, software, network, and gateway security best practices as they continue to improve and evolve.
38
+
> * Use trusted, certified, and compliant security systems, software, and devices. For example, review [the compliance offerings](https://azure.microsoft.com/overview/trusted-cloud/compliance/) for Azure Cloud.
38
39
39
40
Some key practices to safely secure an IoT space include:
40
41
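Review bot: The bullet added at new line 38 sits in the list of device practices, but its only example links to the compliance offerings for Azure Cloud, which covers the cloud platform rather than the devices, firmware, or gateways the list is about. Either move the Azure compliance link to a sentence about the service itself, or state what kind of certification a device or its software should carry and keep the link as a secondary pointer. "Trusted, certified, and compliant" are also three undefined terms; naming the standard or program meant would make the item as actionable as the bullets around it.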
@@ -62,8 +63,8 @@ Azure Digital Twins uses [Azure Active Directory](https://docs.microsoft.com/azu
62
63
> * Use a certificate issued by a trusted [certificate authority](../active-directory/authentication/active-directory-certificate-based-authentication-get-started.md) rather than app secrets to authenticate.
63
64
> * Limit OAuth 2.0 scope of access for a token.
64
65
> * Verify the length of time a token is valid and whether a token remains valid.
65
-
> * Set appropriate lengths of time that tokens are valid for.
66
-
> *Refresh expired tokens.
66
+
> * Set appropriate lengths of time that tokens are valid for. Refresh expired tokens.
67
+
> *Remove unused **Redirect URIs** and permissions per [Role-based access control best practices](#role-based-access-control-best-practices).
67
68
68
69
## Role-based access control best practices
69
70
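Review bot: The added line `> *Remove unused **Redirect URIs** ...` has no space after the list asterisk, the same defect as the removed `> *Refresh expired tokens.`, so it may not render as a list item like the `> * ` entries above it; add the space. Folding "Refresh expired tokens." into the token-lifetime bullet also makes that step easier to overlook, where fixing the missing space on the original line would have kept it as its own item. The new bullet points to the role-based access control section for both redirect URIs and permissions; redirect URIs are an app registration setting rather than a role assignment, so confirm the linked section actually covers them or link the redirect URI guidance separately.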
@@ -75,4 +76,4 @@ Azure Digital Twins uses [Azure Active Directory](https://docs.microsoft.com/azu
75
76
76
77
* To learn about role-based access control, read [Role-based access control](./security-role-based-access-control.md).
77
78
78
-
* To learn about authentication, read [Authenticate with APIs](./security-authenticating-apis.md).
79
+
* To learn about authentication, read [Authenticate with APIs](./security-authenticating-apis.md).
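Review bot: The removed line at old 78 and the added line at new 79 read identically here, so the difference is not visible in this view (trailing whitespace or an end-of-file newline would both fit). If it is only a whitespace fix that is fine, but note it in the commit description so the line does not look like an accidental edit.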