Background

'Azure Sphere', Microsoft's Attempt To Secure IoT Using Custom OS, Custom Chips And Azure

Securing smart devices that are already smart is one problem. The next is securing dumb devices that become smart.

In its bet to secure Internet of Things (IoT) devices, Microsoft announced Azure Sphere, which is made up of three parts: an operating system, dedicated Azure Sphere-certified microcontrollers (MCUs), and an Azure Sphere Security Service.

Azure Sphere debuted at the RSA Conference, where Microsoft also made a few other security-related announcements. Its most interesting part is the certified microcontrollers.

They are tiny chips that can go into smart devices. The MCUs combine "both real-time and application processors with built-in Microsoft security technology and connectivity," said Microsoft, adding that the silicon security includes "learnings" taken from Xbox on how to secure these microcontrollers and the devices they power.

The MCUs run Azure Sphere OS, which is built on a custom Linux kernel with added application containers that compartmentalize code.

Lastly, the Azure Sphere Security Service's role is to act as a "turnkey, cloud service" that protects each Azure Sphere device, including device-to-device and device-to-cloud communication. It provides authentication, responds to threats and provides information on device and application failures.

Microsoft's goal with Azure Sphere is to provide a holistic approach to securing IoT devices.

With hardware, an OS, and a security service deeply integrated, Azure Sphere could offer a compelling option for those who are building IoT devices.

For smart fridges, thermometers and lightbulbs designed to be convenient and easy to use, security is often an afterthought. These once-dumb devices turned smart have allowed hackers to gain access to personal data, giving them the ability to control the devices as part of a zombie network capable of taking down the internet.

Read: DDoS To DynDNS: The Internet Breaks

With more IoT devices going online, Microsoft wants to secure them with Azure Sphere, and at the same time propel itself forward into a strong position in the market.

Azure Sphere

Initially, Azure Sphere is available in private preview, using the MediaTek MT3620 as its first chip.

Microsoft is also including a security subsystem in these secured microcontrollers that it calls "Pluton." The controllers are powered by a Cortex-A processor with the real-time guarantees of a Cortex-M class processor, according to Microsoft's Azure Sphere website.

Alongside the announcement at RSA, Microsoft also introduced Microsoft Automated Threat Detection and Remediation. Built on top of its Windows Defender Advanced Threat Protection service, it provides investigation and remediation capabilities, with conditional access for providing real-time risk assessments.

Microsoft is also making an interface for its Microsoft Intelligent Security Graph available to customers and developers, said the officials.

Published: 16/04/2018