Safeguard against cyber attacks with secure stable operating system platforms

In today's connected world the threat of cyber-attacks is a concern for major corporations and SMEs alike. Due to the hyper-sensitive nature of the data, one of the most targeted areas of online attacks is in the medical industry, meaning robust online security measures are not only advisable, they are critical.
Using modern operating systems which are kept completely updated is key in the fight against online crime. One of the most common mechanisms for cyber attackers is to not only find weaknesses in operating system software, but also exploit software that has not had previous weaknesses patched by updates. Once a virus or breach has been reported, software developers create a patch to secure it and roll it out in the form of software updates. Hackers will often "reverse engineer" this update to learn what vulnerability it is securing, then design a virus which exploits users who have not yet updated their software.
To limit these vulnerabilities between updates, Windows 10 IoT Enterprise LTSB has key advantages in customisation as well as lock-down features which prevent unauthorised system configuration changes taking place.

Disabling feature updates

If the device has an internet connection then the operating system can automatically update to the next released distribution version without notice, which could cause application issues as well as system outages. The ability to disable Windows 10 feature updates is key to the reliability of embedded systems, as this allows the operating system to be deployed at a known working and fully tested point if feature updates are left enabled.

Unified write filter (UWF)

A unified write filter can be utilised to protect the disk volume, which intercepts all writes made to the protected disk and redirects them to a virtual overlay. Here, the data is stored or allowed to write through to the protected volume (depending on your configuration), which improves the reliability and stability of your embedded device and helps to:
 
  • Increase the disk life by reducing the read write cycles to the protected volume.
  • Protect against disk corruption in the case of power outages, as the only data that can be damaged is in the overlay and this is refreshed from the protected volume when the device is rebooted.
  • Protect against unauthorized application installs or system changes as the system is always booted from a known state / configuration.

Secure Boot

Secure Boot can be utilised which protects the device during boot time, and is the first policy enforcement point stopping unauthorised code / scripts from being executed during the boot phase. It restricts the system to only allow execution of binaries signed by a specified authority, and prevents unknown code from being executed on the platform and potentially weakening the security of the device.

For more information on our custom embedded operating system services click here to get in touch, or speak to one of our technical sales team by calling 01782 337 800.
Get in touch
Our technical sales team are ready to answer your questions.
T: +44 (0)1782 337 800 • E: sales@impulse-embedded.co.uk
+44(0)1782 337 800
Happy Holidays from Impulse! Please note that we will be closed for the holiday period from 20th December, and will reopen on 2nd January. Our last shipping date of the year to customers will be 18th December 2024.
+44(0)1782 337 800
MediaSolutionsSafeguard against cyber attacks with secure stable...