When you work with Azure and Azure IoT, at some point you have to think about a jump box (aka jump server).
This is a device in your network that supports access to other devices in a secure way.
Yes, you can probably access devices in some sort of secure way already using device-specific credentials. Think about an RDP session or an SSH connection. Still, credentials, once remembered by a user, are hard to forget.
The trick with a jump box is to work with multiple layers of security.
First, you have to log in to one device. From there, you ‘jump’ to the next one:
The jump box should be made accessible with credentials that differ from those used for the onward connection to the target device.
Even better, if these credentials are put in AAD so the login credentials are related to the user logging in, access can be revoked once people are…
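As an added example (not part of the original post), here is a client-side OpenSSH configuration that expresses the two layers described above: the jump box is reached with its own key, and the devices behind it are reached only through it, with a separate key. The host names, addresses and key paths are placeholders.

```sshconfig
# Layer 1: the jump box itself, reached with its own credentials.
# 203.0.113.10 and the key paths are placeholder values.
Host jump
    HostName 203.0.113.10
    User jumpadmin
    IdentityFile ~/.ssh/jump_ed25519
    IdentitiesOnly yes
    # Only carry the connection through; no agent or X11 on the shared box.
    ForwardAgent no
    ForwardX11 no

# Layer 2: devices on the private network, never addressed directly.
# A different key per hop means a leaked device key does not open the jump box.
Host iot-edge-*
    ProxyJump jump
    User deviceadmin
    IdentityFile ~/.ssh/iot_edge_ed25519
    IdentitiesOnly yes

# Private address of one device (10.0.1.0/24 is a placeholder range).
Host iot-edge-01
    HostName 10.0.1.21
```

`ssh iot-edge-01` then opens a TCP tunnel through the jump box and authenticates to the device with the second key, so disabling the jump-box account cuts off every device behind it at once.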