Using intelligence to advance security from the edge to the cloud

 |   Brad Smith - President

Brad Smith holds up a microcontroller unit
Brad Smith, Microsoft president and chief legal officer, holds up a microcontroller unit (MCU) at Microsoft’s security news briefing on April 16, 2018.

We are living in a world where almost everything is becoming connected, whether it’s the electrical grid, phone system, our cars, or the appliances that heat our home or chill our food.  As this Internet of Things (IoT) continues to proliferate, so does the threat of debilitating cyber-attacks, like last year’s devastating ransomware attacks that damaged, destroyed and disrupted systems around the world. And these attacks are only growing more sophisticated – and commonplace.  

We recognize that we and others in the tech sector have the first responsibility to address these issues. After all, we build the products.  We operate the platform.  We unfortunately are the battlefield in many ways.  We are the first responders.  At Microsoft and at many of our peers, our security professionals are the ones that answer the call, scramble onto airplanes, and stay by our customer’s side until their issues are resolved. Trust is the underpinning of our relationship with our customers, and we recognize that we must earn and maintain that trust every single day.  

That’s why this year at RSA in San Francisco, Microsoft is announcing new offerings to take security more squarely to where it needs to go and where it has not effectively gone before – the edge. Today we’re unveiling a series of new services and features that will better harden not only our intelligent cloud but also the billions of connected devices that live on its edge. And we’re supporting these advances with new offerings that will making security easier for our customers to manage.    

Azure Sphere: Extending security to the Internet of Things

Over the past 15 years, we’ve repeatedly taken steps to strengthen security protection not only for Windows and Office software, but also to harden our Xbox chipsets. We’re now combining this expertise and these advances to secure at the silicon level the billions of connected devices that will sit on the edge of the world’s computing network.

Applying new advances by our security researchers, we are introducing security protection for the next generation of cloud and edge devices powered by microcontroller units (MCUs). This growing class of cloud-connected devices – 9 billion of which ship every year – run tiny MCU chips that will power everything from kitchen appliances and toys to industrial equipment on factory floors. This next wave of connected devices is increasingly intelligent and connected. They will improve daily life in countless ways, but if they’re not secure, they will make people, communities and countries vulnerable to attack in more ways than ever before.

Today we’re announcing Azure Sphere, the industry’s first holistic solution for securing MCU-based devices from the silicon to the cloud. This solution brings together three critical pieces and advances: 

  • First, Azure Sphere is based on Microsoft’s development of an entirely new class of MCUs with more than five times the power of legacy MCUs. We’ll license the IP for these new MCUs royalty free to silicon manufacturers, removing barriers for silicon partners who want to develop and manufacture Azure Sphere chips. Already MediaTek is producing Azure Sphere-certified silicon, with more partners to follow.  
  • Second, Azure Sphere will bring to these new chips a new customized operating system built for IoT security. This OS incorporates a custom Linux kernel that has been optimized for an IoT environment and reworked with security innovations pioneered in Windows to create a highly secured software environment. 
  • Finally, Azure Sphere will feature a turnkey cloud security service that guards every Azure Sphere device, including the ability to update and upgrade this security protection for a 10-year lifetime of the device. Importantly, Azure Sphere will work alongside any cloud  private or proprietary so that customers can continue to use their existing data infrastructure while adopting Azure Sphere’s groundbreaking security for their devices. 

This combined approach to Azure Sphere brings together the best of hardware, software and services innovation. It is open to any MCU chip manufacturer, open to additional software innovation by the open source community and open to work with any cloud. In short, it represents a critical new step for Microsoft by integrating innovation across every aspect of technology and by working with every part of the technology ecosystem, including our competitors. We believe this holistic solution will bring to IoT devices better security, resilience and developer agility than anything on the market today. 

Simplifying security through new cloud offerings 

In the past, some enterprises were hesitant to move to the cloud because of perceived security risks. Today, customers appreciate that the cloud is almost certainly more secure than on-premise environments. The result is that customers trust the security of their enterprise to us, so they can focus on their core business.   

Over the past year we’ve focused on strengthening Microsoft 365 so it not only helps our customers be more collaborative and productive, but also makes it easier to secure IT infrastructure against a growing range of threats. Because Microsoft 365 is a cloud service, we’re able to rapidly develop and deploy new security innovations based on learnings and insights coming from our Microsoft Intelligent Security Graph. Today we’re announcing four cloud-based advances that will enable customers to use Microsoft 365 to strengthen further their security protection: 

  • The most time consuming and challenging work in security operations today is identifying and fixing threats before they spread. That’s why we’re announcing new automated threat detection and remediation tools to help simplify and streamline this process. With Windows Defender Advanced Threat Protection (ATP) automated investigation and remediation capabilities, in the upcoming Windows 10 update, systems can automatically go from alert to investigation to remediation in a fraction of the time it used to take. 
  • Another important aspect of responding to security threats involves controlling access to sensitive data without impacting productivity. We’re announcing a new step today to help ensure that compromised devices can’t access sensitive data on a customer’s network, by connecting a feature called Conditional Access to Windows Defender ATP for an added layer of device risk-level assessment. It means that customers can now limit access to mission-critical information if risks such as malware are detected at the individual device level, while automatic remediation tools address the problem. 
  • We’re complementing these advances with a new and advanced security tool to help customers manage their overall security environment. Microsoft Secure Score provides a single dashboard and summary score that makes it easier for organizations to quickly determine which controls to enable to help protect users, data and devices, as well as compare their results with other organizations with similar profiles using machine learning.  
  • Security increasingly is a team sport not only within an enterprise but across the customer network. Intelligence data, in particular, gets better with additional signals coming in, and so we’re increasing the ability for customers and partners to collaborate with us, with one another and with their own customers. Today we’re announcing the preview of a new Microsoft Graph security API for connecting to Microsoft products powered by the Microsoft Intelligent Security Graph. The new security API provides an integration point that allows technology partners and customers to greatly enhance the intelligence of their products to speed up threat investigation and remediation. Already, leading companies like Palo Alto Networks, PwC and Anomali are exploring the security API for their own solutions. And because we’re committed to collaborating with customers and partners to enable integration between Microsoft’s security technology and the broader ecosystem, we are also announcing the new Microsoft Intelligent Security Association. This new program streamlines our engagement on all things security and allows technology partners to benefit from, and contribute to, the Intelligent Security Graph and Microsoft security products. 

Security is a shared responsibility 

All of the advances we’re announcing today reflect another essential fact of life. Security has become a shared responsibility. We believe that Microsoft has an important responsibility and is in a unique position to help address the world’s security issues and contribute to long-term solutions. But no one has anything close to a monopoly on good security ideas or expertise. More than ever, the continuing rise in security threats requires that we work together in new ways across the tech sector and with customers and governments.  

That’s why we’re committed not only to greater security collaboration at the technology level, but also to advancing the public security policies the world needs. 

RSA offers the entire industry an important opportunity each year to talk about the challenges of cybersecurity. We need more of these conversations. Even more, we need action. That’s why we continue to advocate around the world to interpret and build on existing international laws and ultimately establish a Digital Geneva Convention to protect civilians against cyber-attacks. And it’s why just last week we launched Microsoft’s Defending Democracy Program, based on a new team at Microsoft dedicated to working with governments, technology companies, academia and civil society to address cyber-related threats and interference in democratic processes.   

Today’s big security challenges require bold ideas. Whether it’s strengthening our products, using data to better identify and disrupt threats, or working with customers on their own cyber-resilience, we are committed to delivering world-class security to customers and partners. And we are committed to working across the tech industry and public sector to improve our shared defense of the technology infrastructure on which the world depends.

Tags: , , , , ,