Brad Smith (Microsoft)
Microsoft has stepped up its portfolio of security products designed to provide additional protection in Microsoft 365 while also tackling emerging threats aimed at the internet of things (IoT) and edge devices.
The global tech giant unveiled a raft of new security offerings on 16 April at this year’s RSA Conference in San Francisco, including several new intelligent security features for its Microsoft 365 commercial cloud offering designed to make it easier for IT and security professionals to manage security across their businesses.
Specifically, the company unveiled four new cloud-based developments aimed at strengthening end customers’ security profiles.
These include a new automated threat detection and remediation tools to help simplify and streamline the process of identifying and fixing threats before they spread.
The company also revealed a new tool to control access to sensitive data and ensure that compromised devices can’t access sensitive data on a customer’s network -- connecting a feature called Conditional Access to Windows Defender Advanced Threat Protection (ATP) for an added layer of device risk-level assessment.
Another new security tool revealed at the event was Microsoft Secure Score, which provides a single dashboard and summary score that makes it easier for organisations to quickly determine which controls to enable to help protect users, data and devices.
Additionally, the company announced the preview of a new Microsoft Graph security application programming interface (API) for connecting to Microsoft products powered by the Microsoft Intelligent Security Graph.
The new security API provides an integration point that allows technology partners and customers to greatly enhance the intelligence of their products to speed up threat investigation and remediation.
“All of the advances we’re announcing today reflect another essential fact of life,” Microsoft president and chief legal officer, Brad Smith, said in a blog post. “Security has become a shared responsibility.
“We believe that Microsoft has an important responsibility and is in a unique position to help address the world’s security issues and contribute to long-term solutions. But no one has anything close to a monopoly on good security ideas or expertise.
“More than ever, the continuing rise in security threats requires that we work together in new ways across the tech sector and with customers and governments,” he said.
One of the big announcements by Microsoft at the event was the launch of its Azure Sphere preview. Azure Sphere is a new solution for creating highly-secured, internet-connected microcontroller devices.
Azure Sphere includes three components that work together to protect and power devices at the edge, including Azure Sphere-certified microcontrollers (MCUs) – a new cross-over class of MCUs that combines both real-time and application processors with built-in Microsoft security technology and connectivity.
The solution also involves Azure Sphere OS, an operating system that is purpose-built to offer unequalled security and agility.
Meanwhile, the new offering includes the Azure Sphere Security Service, a turnkey, cloud service designed to guard every Azure Sphere device, brokering trust for device-to-device and device-to-cloud communication through certificate-based authentication.
According to Smith, Azure Sphere is based on Microsoft’s development of an entirely new class of MCUs with more than five times the power of legacy MCUs.
“We’ll license the IP for these new MCUs royalty free to silicon manufacturers, removing barriers for silicon partners who want to develop and manufacture Azure Sphere chips,” Smith said. “Already, MediaTek is producing Azure Sphere-certified silicon, with more partners to follow.
Smith said that Azure Sphere will bring to the new chips a new customised operating system built for IoT security.
The OS is based on a custom Linux kernel that has been optimised for an IoT environment and reworked with security innovations pioneered in Windows to create a highly secured software environment.
Microsoft claims that Azure Sphere will work alongside any cloud platform – private or proprietary – so users can continue to employ their existing data infrastructure while adopting Azure Sphere’s security for their devices.
“This combined approach to Azure Sphere brings together the best of hardware, software and services innovation. It is open to any MCU chip manufacturer, open to additional software innovation by the open source community and open to work with any cloud,” Smith said.
