Microsoft Announces IoT Security Solution and Protection in Microsoft 365

This year at RSA in San Francisco, Microsoft announced new security offerings for cloud and edge devices powered by microcontroller units (MCUs), along with four cloud-based advances that will enable its customers to use Microsoft 365 to strengthen their security protection.

With Azure Sphere, Microsoft is trying to offer security protection to the billions of connected devices that will sit on the edge of the world's computing network. These devices are typically powered by microcontroller units (MCUs). This growing class of cloud-connected devices run tiny MCU chips that will power everything from kitchen appliances and toys to industrial equipment on factory floors.

Azure Sphere is based on Microsoft's development of an entirely new class of MCUs with more than five times the power of legacy MCUs. Microsoft will license the IP for these new MCUs royalty free to silicon manufacturers. Already MediaTek is producing Azure Sphere-certified silicon, the MT3620. MediaTek and Microsoft have worked together to develop a specialized chipset with a Wi-Fi connected controller built around a processor designed to run Azure Sphere's IoT operating system. It also includes built-in support for Microsoft's latest security protocols. These chipsets will be sold as part of the Azure Sphere solution.

MT3620 features an Arm Cortex-A7 application processor operates up to 500MHz and includes large L1$ and L2$ and integrated SRAM for efficient operation over a wider range of potential applications. Two general purpose Arm Cortex-M4F I/O subsystems support the requirements of the many on-chip peripherals including 5x UART/I2C/SPI, 2x I2S, 8x ADC, up to 12 PWM counters and up to 72x GPIOs. These two Cortex-M4F I/O subsystems are primarily intended to support real-time I/O processing but can also be used for general purpose computation and control. The Cortex-M4F cores may run any end-user-provided operating system or run a 'bare metal app' with no operating system.

Outside of these three end-user accessible cores, MT3620 contains an isolated security subsystem with its own Arm Cortex-M4F core that handles secure boot and secure system operation. In addition, a 1x1 dual-band 802.11a/b/g/n Wi-Fi radio subsystem is controlled by a dedicated Andes N9 32-bit RISC core. This subsystem contains radio, baseband and MAC that is designed to allow high throughput applications with great power efficiency.

Operation of the MT3620 security features and Wi-Fi networking are isolated from, and run independently of, end user applications. Only hardware features supported by the Azure Sphere Secure IoT Platform are available to MT3620 end-users. As such, security features and Wi-Fi are only accessible via defined APIs and are robust to programming errors in end-user applications regardless of whether these applications run on the Cortex-A7 or the user-accessible Cortex-M4F cores.

MediaTek is now sampling chips and will have broad product availability by Q3 of 2018.

Azure Sphere will also bring to these new chips a new customized operating system built for IoT security. This OS incorporates a custom Linux kernel that has been optimized for an IoT environment and reworked with security innovations to create a highly secured software environment.

Finally, Azure Sphere will feature a turnkey cloud security service that guards every Azure Sphere device, including the ability to update and upgrade this security protection for a 10-year lifetime of the device. Importantly, Azure Sphere will work alongside any cloud - private or proprietary.

With Azure Sphere, Microsoft is trying to build a new ecosystem, which consists of silicon vendors, original device manufacturers and original equipment manufacturers from a broad range of industries.

Office 365

Microsoft also announced four cloud-based advances that will enable the company's customers to use Microsoft 365 to strengthen their security protection:

A new automated threat detection and remediation tools will help Microsoft's customers streamline the process of identifying and fixing threats before they spread. With Windows Defender Advanced Threat Protection (ATP) automated investigation and remediation capabilities, in the upcoming Windows 10 update, systems can automatically go from alert to investigation to remediation in a fraction of the time it used to take.
Another aspect of responding to security threats involves controlling access to sensitive data without impacting productivity. Microsoft announced a new step today to help ensure that compromised devices can't access sensitive data on a customer's network, by connecting a feature called Conditional Access to Windows Defender ATP for an added layer of device risk-level assessment. It means that Microsoft's customers can now limit access to mission-critical information if risks such as malware are detected at the individual device level, while automatic remediation tools address the problem.
A new and advanced security tool can help Microsoft's customers manage their overall security environment. Microsoft Secure Score provides a single dashboard and summary score that makes it easier for organizations to quickly determine which controls to enable to help protect users, data and devices, as well as compare their results with other organizations with similar profiles using machine learning. 
Intelligence data gets better with additional signals coming in, and so Microsoft is increasing the ability for its customers and partners to collaborate with the company, with one another and with their own customers. Microsoft announced the preview of a new Microsoft Graph security API for connecting to Microsoft products powered by the Microsoft Intelligent Security Graph. The new security API provides an integration point that allows technology partners and customers to enhance the intelligence of their products to speed up threat investigation and remediation. Microsoft also announced the new Microsoft Intelligent Security Association.