Microsoft is ramping up its efforts to protect Internet of Things technology. It's latest cybersecurity innovation Azure Sphere, a dedicated end-to-end IoT solution, was unveiled by President Brad Smith during RSA Conference in San Francisco Monday. The Azure Sphere OS is based on a custom Linux kernel to help ensure a secure, trustworthy software platform for the IoT. The service is compatible with cloud services beyond Azure.
The company is engineering security solutions at the chip level that include built-in networking, silicon technologies first "pioneered" in Xbox and capabilities that enable "ambient intelligence in an MCU [microcontroller] for the first time."
The Sphere includes Security Service, which helps defend devices with certificate-based authentication for all communication and automatically thwarts and responds to threats on a system. The system gives users a security "score" with suggested remediation to improve those scores. Simulated ransomware or phishing attacks are also a feature of the service that can help with workforce training.
"By definition, it's our people who are the first responders" when it comes to cybersecurity, Smith said. Because Silicon Valley-type companies are the entities who manufacture the products and operate the services, there is an inherent responsibility to provide for those vulnerable to another "cyber-geddon."
Though the private sector could never single-handedly take on cyberattacks, creating a line of services to make monitoring and addressing threats easier is the first step in ensuring a safer cyberspace.
As companies continue to rely on IoT devices and IoT-based workloads, companies like Microsoft are adapting to the associated security risks. In an attempt to take "cybersecurity from an art to a science," Microsoft is tackling properties of IoT devices, beginning with hardware, Smith said.
The custom silicon in the chips is used to make the company's "hardware root of trust" that has physical side channels attack protections. Microsoft is partnering with hardware manufacturers to make the chips for the Azure Sphere, expected to be on the market in 2018.
As threats continue to evolve, simply protecting a system's services is not enough when the hardware itself can be corrupted. Intel's decades old chip flaws only highlighted the holes in hardware vulnerabilities that Microsoft is looking to avoid.