For the first time in its 43-year history, Microsoft has announced a Linux-based operating system.
The company announced its new holistic Azure Sphere platform for end-to-end Internet of Things (IoT) security, which contains three levels: new custom microcontroller chips, the Azure Sphere Security Service for connecting and securing IoT devices, and Azure Sphere OS, which runs on a custom Linux kernel.
At the company’s press conference during the RSA security conference in San Francisco, Microsoft President Brad Smith said the company is tackling IoT security at three different levels: silicon, operating system, and cloud. Smith broke down how each component of Azure Sphere works, built according to the company’s Seven Properties of Highly Secure Devices:
Azure Sphere certified microcontrollers (MCUs): Developed by Microsoft Research, the custom MCUs will be licensed royalty-free to silicon manufacturers. The chips include built-in networking and security subsystems for deeper chip-based IoT security. The first Azure Sphere chip, the MediaTek MT3620, will be on the market this year. Smith said there will be more partners to come.
Azure Sphere OS: Smith said Microsoft realized that Linux was better suited than Windows for IoT devices. Azure Sphere OS is built with a custom Linux kernel and security monitor for “defense in-depth” with multiple layers of security, according to Smith. The company had previously announced SQL Server support for Linux, but a non-Windows OS is a first.
Azure Sphere Security Service: The new Microsoft Azure-based cloud service will perform certificate-based authentication for both device-to-device and device-to-cloud communications, push software updates directly down to IoT devices, and perform threat-detection scans across the entire device ecosystem.
Smith said Microsoft is making the Azure Sphere Security Service compatible not only with Azure, but with other cloud infrastructure providers such as Amazon Web Services (AWS), Google Cloud, IBM, Oracle, and others. The company is doing this for the same reason it’s releasing a Linux-based OS: making sure billions of IoT devices are secure.
“There are going to be 9 billion of these MCU-based devices shipped this year,” he said. “They’ll be in the toys of our children, in our kitchens, our refrigerators, in every room in our house…that infrastructure will only be as secure as the weakest link.
“We’re a Windows company, but what we recognized is that the best solution for a computer of this size in a toy is not a full-blown version of Windows. It’s a custom Linux Kernel,” Smith said. “It’s an important step for us and the industry.”
New Enterprise Automation and Security Tools
In typical Microsoft fashion, the company saved Azure Sphere for last. Before that, the company also announced a slew of new automated cloud security tools for enterprises. Diana Kelly, CTO of Microsoft’s Enterprise Cybersecurity Group, announced a new way to gamify cybersecurity using the Microsoft Secure Score and Attack Simulator.
Kelly explained the score as an extension of Microsoft’s Office 365 Secure Score that lets companies measure their scores anonymously against competitors in the same industry. Microsoft also provides actionable recommendations companies can take to increase their score. There’s also the Attack Simulator, which allows IT to simulate phishing or ransomware attacks. The company can then educate users who clicked through to raise their security awareness, and tune their security policies based on the results.
Microsoft announced enhancements to Windows Defender’s Advanced Threat Protection (ATP) as well, which expands upon the enterprise threat protection capabilities in the Fall Creators Update to let Microsoft run automated investigation and remediation on attacks and breaches. There’s also more integrated threat detection across Office 365, Microsoft 365, and identity protection in Azure.
Kelly also ran through detailed new conditional access capabilities that perform ongoing risk assessments when a user logging in attempts to reach sensitive data. Windows Defender ATP recognizes which device they’re using, where they’re logging in from, and device-level assessments of their risk scores, and uses these to prevent compromised machines from accessing corporate data. Finally, Microsoft is making its Intelligent Security Graph API available to partners.
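To make the conditional-access idea concrete, here is a small policy evaluator added as an illustration; it is not Microsoft's code and does not reflect how Windows Defender ATP or Azure AD actually score sign-ins. It takes the three signals the paragraph names (device, location, device-level risk score) plus whether the requested resource is sensitive, and returns allow, step-up (MFA) or block. The field names, thresholds, home-country set and sample sign-in events are all constructed assumptions for this example.

```python
"""Toy conditional-access evaluator (added illustration, not Microsoft's code).

Models the kind of per-request risk assessment described above: each access
attempt is judged from device management state, sign-in location and a
device-level risk score, and the verdict is 'allow', 'mfa' or 'block'.
Every threshold, field name and sample event below is a constructed assumption.
"""
from dataclasses import dataclass


@dataclass
class SignIn:
    user: str
    device_id: str
    device_managed: bool      # enrolled/compliant device (assumed signal)
    device_risk: float        # hypothetical endpoint risk score, 0.0 clean .. 1.0 compromised
    country: str              # ISO country code of the sign-in location (assumed signal)
    resource_sensitive: bool  # whether the target resource is classed as sensitive


# Countries the organisation normally signs in from (constructed for this example).
HOME_COUNTRIES = {"US", "CA"}

# Illustrative thresholds; real products tune these per tenant.
BLOCK_RISK = 0.7
STEP_UP_RISK = 0.3


def assess(s: SignIn) -> str:
    """Return 'allow', 'mfa' or 'block' for one access attempt.

    Called on every request, not just at initial login, so a device whose
    risk score rises mid-session loses access on its next request.
    """
    # A device the endpoint agent already rates as high-risk never gets through.
    if s.device_risk >= BLOCK_RISK:
        return "block"
    # Unmanaged devices cannot reach sensitive resources at all.
    if s.resource_sensitive and not s.device_managed:
        return "block"
    # Unusual location or moderate device risk requires step-up authentication.
    if s.country not in HOME_COUNTRIES or s.device_risk >= STEP_UP_RISK:
        return "mfa"
    # Managed, low-risk device in an expected location.
    return "allow"


def evaluate_all(events):
    """Map each device id to its verdict, for a batch of sign-in events."""
    return {e.device_id: assess(e) for e in events}


# Constructed sample sign-ins covering each branch of the policy.
SAMPLE = [
    SignIn("alice", "lt-001", True, 0.05, "US", True),    # clean managed device, home country
    SignIn("bob", "lt-002", True, 0.40, "US", True),      # managed but moderately risky
    SignIn("carol", "byod-7", False, 0.10, "US", True),   # unmanaged device, sensitive data
    SignIn("dave", "lt-004", True, 0.90, "DE", False),    # high-risk device
    SignIn("erin", "lt-005", True, 0.10, "FR", False),    # low risk, unexpected location
]

if __name__ == "__main__":
    for device, verdict in evaluate_all(SAMPLE).items():
        print(f"{device}: {verdict}")
```

The order of the checks matters: the hard blocks (compromised or unmanaged device) are evaluated before the softer step-up rules, so a high-risk device is never offered MFA as a way around the policy.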