Om Malik recently posted a rant about how unfriendly consumer IoT is to its customers. The goal of almost all suppliers centers on sucking up as much consumer behavior as possible while preventing competitors from interoperating. I may have more on that later.
The rant came my way the day before this news item relating to security of connected devices in manufacturing. Reading Malik’s column, I wondered about the entire manufacturing IoT ecosystem—interoperability, ease of use, ease of adding new device, and, of course, security. In our case it’s not only suppliers sucking data from our systems, it’s also industrial espionage and attacks from outside.
This news discusses how three companies came together recently to devise a solution advance.
CyberArk and Device Authority, in collaboration with Microsoft, have launched a solution that strengthens and scales connected device authentication to enterprise applications with Zero Trust principles. It helps manufacturers reduce cyber risk from connected devices in factory floors and edge environments with robust identity security, automated access management and device lifecycle protection.
The manufacturing industry is rapidly transforming to digital, driven by the coming together of the Internet of Things (IoT) and Operational Technology (OT), with countless devices connected to optimize operations. Each connected device potentially introduces new cybersecurity vulnerabilities. The NIST reference architecture for IoT, introduced in May 2024, provides a structured approach to secure onboarding, continuous device management and threat monitoring across the device lifecycle. The collaboration between Microsoft, CyberArk and Device Authority helps organizations translate this framework into practical, scalable solutions.
Each partner brings essential capabilities to this end-to-end solution architecture for NIST compliance.
- Through Microsoft Azure IoT and Defender for IoT, Microsoft enables secure, scalable device management and real-time monitoring. The cloud-edge integration ensures consistent device security, even in remote, air-gapped environments.
- CyberArk’s modern privileged access management capabilities restrict unauthorized human access to critical devices and systems, enforcing user and device security policies without the need for time consuming, error-prone manual human intervention.
- Device Authority automates secure device onboarding, identity credentialing and encryption, minimizing human error, accelerating incident response and maintaining data integrity through the connected ecosystem.
Further reading
Learn about the importance of protecting your IoT and OT devices from cyber threats.
Learn more about the joint solution with CyberArk, Device Authority, and Microsoft.
