You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/iot/iot-overview-scalability-high-availability.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ services: iot
6
6
author: dominicbetts
7
7
ms.author: dobett
8
8
ms.topic: overview
9
-
ms.date: 05/18/2023
9
+
ms.date: 06/20/2024
10
10
ms.custom: template-overview
11
11
# Customer intent: As a solution builder, I want a high-level overview of the options for scalability, high availability, and disaster recovery in an IoT solution so that I can easily find relevant content for my scenario.
12
12
---
@@ -21,7 +21,7 @@ The following diagram shows a high-level view of the components in a typical IoT
21
21
22
22
## IoT solution scalability
23
23
24
-
An IoT solution may need to support millions of connected devices. You need to ensure that the components in your solution can scale to meet the demands.
24
+
An IoT solution might need to support millions of connected devices. You need to ensure that the components in your solution can scale to meet the demands.
25
25
26
26
Use the Device Provisioning Service (DPS) to provision devices at scale. DPS is a helper service for IoT Hub and IoT Central that enables zero-touch device provisioning at scale. To learn more, see [Best practices for large-scale IoT device deployments](../iot-dps/concepts-deploy-at-scale.md).
27
27
@@ -50,7 +50,7 @@ Service limits and quotas:
50
50
51
51
## High availability and disaster recovery
52
52
53
-
IoT solutions are often business-critical. You need to ensure that your solution can continue to operate in the event of a failure. You also need to ensure that you can recover your solution in the event of a disaster.
53
+
IoT solutions are often business-critical. You need to ensure that your solution can continue to operate if a failure occurs. You also need to ensure that you can recover your solution following a disaster.
54
54
55
55
To learn more about the high availability and disaster recovery capabilities the IoT services in your solution, see the following articles:
Copy file name to clipboardExpand all lines: articles/iot/iot-overview-security.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ author: dominicbetts
5
5
ms.service: iot
6
6
services: iot
7
7
ms.topic: conceptual
8
-
ms.date: 06/27/2023
8
+
ms.date: 06/20/2024
9
9
ms.author: dobett
10
10
---
11
11
@@ -29,7 +29,7 @@ Implementing the recommendations in this article helps you meet the security obl
29
29
30
30
## Microsoft Defender for IoT
31
31
32
-
Microsoft Defender for IoT can automatically monitor some of the recommendations included in this article. Microsoft Defender for IoT should be the first line of defense to protect your resources in Azure. Microsoft Defender for IoT periodically analyzes the security state of your Azure resources to identify potential security vulnerabilities. It then provides you with recommendations on how to address them. To learn more, see:
32
+
Microsoft Defender for IoT can automatically monitor some of the recommendations included in this article. Microsoft Defender for IoT should be the frontline of defense to protect your resources in Azure. Microsoft Defender for IoT periodically analyzes the security state of your Azure resources to identify potential security vulnerabilities. It then provides you with recommendations on how to address them. To learn more, see:
33
33
34
34
-[Enhance security posture with security recommendations](../defender-for-iot/organizations/recommendations.md).
35
35
-[What is Microsoft Defender for IoT for organizations?](../defender-for-iot/organizations/overview.md).
@@ -51,7 +51,7 @@ Microsoft Defender for IoT can automatically monitor some of the recommendations
51
51
52
52
-**Choose open-source software with care**: Open-source software provides an opportunity to quickly develop solutions. When you're choosing open-source software, consider the activity level of the community for each open-source component. An active community ensures that software is supported and that issues are discovered and addressed. An obscure and inactive open-source software project might not be supported and issues aren't likely be discovered.
53
53
54
-
-**Deploy hardware securely**: IoT deployments may require you to deploy hardware in unsecure locations, such as in public spaces or unsupervised locales. In such situations, ensure that hardware deployment is as tamper-proof as possible. For example, if the hardware has USB ports ensure that they're covered securely.
54
+
-**Deploy hardware securely**: IoT deployments might require you to deploy hardware in unsecure locations, such as in public spaces or unsupervised locales. In such situations, ensure that hardware deployment is as tamper-proof as possible. For example, if the hardware has USB ports ensure that they're covered securely.
55
55
56
56
-**Keep authentication keys safe**: During deployment, each device requires device IDs and associated authentication keys generated by the cloud service. Keep these keys physically safe even after the deployment. A malicious device can use any compromised key to masquerade as an existing device.
57
57
@@ -71,17 +71,17 @@ Microsoft Defender for IoT can automatically monitor some of the recommendations
71
71
72
72
-**Use Transport Layer Security (TLS) 1.2 to secure connections from devices**: IoT Hub and IoT Central use TLS to secure connections from IoT devices and services. Three versions of the TLS protocol are currently supported: 1.0, 1.1, and 1.2. TLS 1.0 and 1.1 are considered legacy. To learn more, see [Authentication and authorization](iot-overview-device-connectivity.md#authentication).
73
73
74
-
-**Ensure you have a way to update the TLS root certificate on your devices**: TLS root certificates are long-lived, but they still may expire or be revoked. If there's no way of updating the certificate on the device, the device may not be able to connect to IoT Hub, IoT Central, or any other cloud service at a later date.
74
+
-**Ensure you have a way to update the TLS root certificate on your devices**: TLS root certificates are long-lived, but they still might expire or be revoked. If there's no way of updating the certificate on the device, the device might not be able to connect to IoT Hub, IoT Central, or any other cloud service at a later date.
75
75
76
-
-**Consider using Azure Private Link**: Azure Private Link lets you connect your devices to a private endpoint on your VNet, enabling you to block access to your IoT hub's public device-facing endpoints. To learn more, see [Ingress connectivity to IoT Hub using Azure Private Link](../iot-hub/virtual-network-support.md#ingress-connectivity-to-iot-hub-using-azure-private-link) and [Network security for IoT Central using private endpoints](../iot-central/core/concepts-private-endpoints.md).
76
+
-**Consider using Azure Private Link**: Azure Private Link lets you connect your devices to a private endpoint on your virtual network, enabling you to block access to your IoT hub's public device-facing endpoints. To learn more, see [Ingress connectivity to IoT Hub using Azure Private Link](../iot-hub/virtual-network-support.md#ingress-connectivity-to-iot-hub-using-azure-private-link) and [Network security for IoT Central using private endpoints](../iot-central/core/concepts-private-endpoints.md).
77
77
78
78
## Cloud security
79
79
80
80
-**Follow a secure software development methodology**: The development of secure software requires you to consider security from the inception of the project all the way through implementation, testing, and deployment. The [Microsoft Security Development Lifecycle](https://www.microsoft.com/securityengineering/sdl/) provides a step-by-step approach to building secure software.
81
81
82
82
-**Choose open-source software with care**: Open-source software provides an opportunity to quickly develop solutions. When you're choosing open-source software, consider the activity level of the community for each open-source component. An active community ensures that software is supported and that issues are discovered and addressed. An obscure and inactive open-source software project might not be supported and issues aren't likely be discovered.
83
83
84
-
-**Integrate with care**: Many software security flaws exist at the boundary of libraries and APIs. Functionality that may not be required for the current deployment might still be available by through an API layer. To ensure overall security, make sure to check all interfaces of components being integrated for security flaws.
84
+
-**Integrate with care**: Many software security flaws exist at the boundary of libraries and APIs. Functionality that might not be required for the current deployment might still be available by through an API layer. To ensure overall security, make sure to check all interfaces of components being integrated for security flaws.
85
85
86
86
-**Protect cloud credentials**: An attacker can use the cloud authentication credentials you use to configure and operate your IoT deployment to gain access to and compromise your IoT system. Protect the credentials by changing the password frequently, and don't use these credentials on public machines.
0 commit comments