Tag Archives: Congress

IoT security will set innovation free: Azure Sphere general availability scheduled for February 2020

Today, at the IoT Solutions World Congress, we announced that Azure Sphere will be generally available in February of 2020. General availability will mark our readiness to fulfill our security promise at scale, and to put the power of Microsoft’s expertise to work for our customers every day—by delivering over a decade of ongoing security improvements and OS updates delivered directly to each device.

Since we first introduced Azure Sphere in 2018, the IoT landscape has quickly expanded. Today, there are more connected things than people in the world: 14.2 billion in 2019, according to Gartner, and this number is expected to hit 20 billion by 2020. Although this number appears large, we expect IoT adoption to accelerate to provide connectivity to hundreds of billions of devices. This massive growth will only increase the stakes for devices that are not secured.

Recent research by Bain & Co. lists security as the leading barrier to IoT adoption. In fact, enterprise customers would buy at least 70 percent more IoT devices if a product addresses their concerns about cybersecurity. According to Bain & Co., enterprise executives, with an innate understanding of the risk that connectivity opens their brands and customers to, are willing to pay a 22 percent premium for secured devices.

Azure Sphere’s mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices. We believe that for innovation to deliver durable value, it must be built on a foundation of security. Our customers need and expect reliable, consistent security that will set innovation free. To deliver on this, we’ve made several strategic investments and partnerships that make it possible to meet our customers wherever they are on their IoT journey.

Delivering silicon choice to enable heterogeneity at the edge

By partnering with silicon leaders, we can combine our expertise in security with their unique capabilities to best serve a diverse set of customer needs.

MediaTek’s MT3620, the first Azure Sphere certified chip produced, is designed to meet the needs of the more traditional MCU space, including Wi-Fi-enabled scenarios. Today, our customers across industries are adopting the MT3620 to design and produce everything from consumer appliances to retail and manufacturing equipment—these chips are also being used to power a series of guardian modules to securely connect and protect mission-critical equipment.

In June, we announced our collaboration with NXP to deliver a new Azure Sphere certified chip. This new chip will be an extension of their popular i.MX 8 high-performance applications processor series and be optimized for performance and power. This will bring greater compute capabilities to our line-up to support advanced workloads, including artificial intelligence (AI), graphics, and richer UI experiences.

Earlier this month, we announced our collaboration with Qualcomm to deliver the first cellular-enabled Azure Sphere chip. With ultra-low-power capabilities this new chip will light up a broad new set of scenarios and give our customers the freedom to securely connect anytime, anywhere.

Streamlining prototyping and production with a diverse hardware ecosystem

Manufacturers are looking for ways to reduce cost, complexity, and time to market when designing new devices and equipment. Azure Sphere development kits from our partners at Seeed Studios and Avnet are designed to streamline the prototyping and planning when building Azure Sphere devices. When you’re ready to shift gears into production mode, there are a variety of modules by partners including AI-Link, USI, and Avnet to help you reduce costs and accelerate production so you can get to market faster.

Adding secured connectivity to existing mission-critical equipment

Many enterprises are looking to unlock new value from existing equipment through connectivity. Guardian modules are designed to help our customers quickly bring their existing investments online without taking on risk and jeopardizing mission-critical equipment. Guardian modules plug into existing physical interfaces on equipment, can be easily deployed with common technical skillsets, and require no device redesign. The deployment is fast, does not require equipment to be replaced before its end of life, and quickly pays for itself. The first guardian modules are available today from Avnet and AI-Link, with more expected soon.

Empowering developers with the right tools

Developers need tools that are as modern as the experiences they aspire to deliver. In September of 2018, we released our SDK preview for Visual Studio. Since then, we’ve continued to iterate rapidly, making it quicker and simpler to develop, deploy, and debug Azure Sphere apps. We also built out a set of samples and solutions on GitHub, providing easy building blocks for developers to get started. And, as we shared recently, we’ll soon have an SDK for Linux and support for Visual Studio Code. By empowering their developers, we help manufacturers bring innovation to market faster.

Creating a secure environment for running an RTOS or bare-metal code

As manufacturers transform MCU-powered devices by adding connectivity, they want to leverage existing code running on an RTOS or bare-metal. Earlier this year, we provided a secured environment for this code by enabling the M4 core processors embedded in the MediaTek MT3620 chip. Code running on these real-time cores is programmed and debugged using Visual Studio. Using these tools, such code can easily be enhanced to send and receive data via the protection of a partner app running on the Azure Sphere OS, and it can be updated seamlessly in the field to add features or to address issues. Now, manufacturers can confidently secure and service their connected devices, while leveraging existing code for real-time processing operations.

Delivering customer success

Deep partnerships with early customers have helped us understand how IoT can be implemented to propel business, and the critical role security plays in protecting their bottom line, brand, and end users. Today, we’re working with hundreds of customers who are planning Azure Sphere deployments, here are a few highlights from across retail, healthcare, and energy:

  • Starbucks—In-store equipment is the backbone of not just commerce, but their entire customer experience. To reduce disruptions and maintain a quality experience, Starbucks is partnering with Microsoft to deploy Azure Sphere across its existing mission-critical equipment in stores globally using guardian modules.
  • Gojo—Gojo Industries, the inventor of PURELL Hand Sanitizer, has been driving innovation to improve hygiene compliance in health organizations. Deploying motion detectors and connected PURELL dispensers in healthcare facilities made it possible to quantify hand cleaning behavior in a way that made it possible to implement better practices. Now, PURELL SMARTLINK Technology is undergoing an upgrade with Azure Sphere to deploy secure and connected dispensers in hospitals.
  • Leoni—Leoni develops cable systems that are central components within critical application fields that manage energy and data for the automotive sector and other industries. To make cable systems safer, more reliable, and smarter, Leoni uses Azure Sphere with integrated sensors to actively monitor cable conditions, creating intelligent and connected cable systems.

Looking forward

We want to empower every organization on the planet to connect and create secure and trustworthy IoT devices. While Azure Sphere leverages deep and extensive Microsoft heritage that spans hardware, software, cloud, and security, IoT is our opportunity to prove we can deliver in a new space. Our work, our collaborations, and our partnerships are evidence of the commitment we’ve made to our customers—to give them the tools and confidence to transform the world with new experiences. As we close in on the milestone achievement of Azure Sphere general availability, we are already focused on how to give our customers greater opportunities to securely shape the future.

Go to Original Article
Author: Microsoft News Center

New AI laws could impact how HR operates

Legislators in Congress, along with state and local governments, are creating AI laws. This year, California adopted a law regulating chatbots, and Illinois recently approved an AI law affecting video interviewing. Congress is also considering a law requiring firms to fix algorithmic bias. HR will feel the impacts from some of these new laws.

Despite this regulatory uncertainty, businesses are adopting AI technology at a brisk pace, according to a new study by Oracle and Future Workplace LLC. About 53% of all U.S. businesses are using some type of AI technology in the workplace. Globally, the average is about 50%; last year this global average was at 32%.

This is according to a new survey of 8,400 employees, business and HR managers in 10 countries. About 3,000 of the survey respondents are in the U.S.

It’s possible that AI laws could foster adoption of AI by business, said Dan Schawbel, research director at Future Workplace, a New York City-based consultancy. The laws could create better transparency around AI and help provide an ethical framework for its use, he said.

“This is new ground, and it’s going to sort itself out,” Schawbel said. “But I think if there’s a level of transparency within companies about how the data is being used, then people will naturally use it more.”

Businesses may have a lot of work sorting out AI laws that can arrive through Congress, state and even local governments.

This is new ground, and it’s going to sort itself out.
Dan SchwabelResearch director, Future Workplace

For instance, the California law — “Bolstering Online Transparency” or the B.O.T. bill — applies to chatbots that “incentivize a purchase or sale of goods or services in a commercial transaction” or “influence a vote in an election.”

This bill, which became law on July 1, doesn’t appear to impact HR’s use of bots in recruiting, according to AI law attorney K.C. Halm, an attorney at Davis Wright Tremaine LLP in Washington, D.C.

K.C. HalmK.C. Halm

HR bots are only answering questions about the hiring process or facilitating an exchange of information. “It seems unlikely that they would be covered by this law,” Halm said. The exception might be a recruiting chatbot that tries to interest a candidate to also check out the firm’s new product line, he said.

Should HR disclose chatbots, nonetheless?

Another issue for HR is whether, as a matter of course, they should always disclose the use of chatbot technology to candidates.

The use of chatbots is a “great opportunity” for candidate digital marketing, said Elizabeth Mye, global vice president of HR at Intermedia, a business communications provider based in Sunnyvale, Calif. “It’s being done for online shoppers, so why not for candidates?”

But Aye believes that candidates should know when they are interacting with a bot and not a human. “Transparency in informing potential candidates of bot technology use is essential in establishing trust,” Mye said.

“Candidates require an experience where they feel that their future employer will support their best interest and success,” Mye said. “Starting out by hiding or veiling that the candidate is speaking to a computer will not give a candidate assurance that the company is up front, and could set the tone that the only thing that matters is whether they have the right technical skills for the job,” she said. That could sour the candidate on the company, she argues.

But the development of AI laws in states and municipalities is something that businesses will have to pay attention to, Halm said.

San Francisco, for instance, is prohibiting government agencies from using facial recognition technology. New York City has created an Automated Decision Systems Task Force to find a process for reviewing the use of automated decision making systems, which may lead to new AI laws. The task force is due to release a report by year end.

One of the first HR-specific AI laws was recently adopted in Illinois. Starting Jan. 1, businesses that use AI-enabled video to screen job candidates, will be required to let job candidates know that they are using AI, how it works and the characteristics it is examining for.

Federal effort on AI bias 

On the federal level, U.S. Senators Cory Booker (D-NJ) and Ron Wyden (D-Ore.) this year introduced the Algorithmic Accountability Act, which seeks to empower the Federal Trade Commission to write regulations around the use of automated decision making systems. In the House, Rep. Yvette Clarke (D-NY) is also a sponsor.

Specifically, the bill requires firms to assess their use of AI systems “for impacts on accuracy, fairness, bias, discrimination, privacy and security.” The bill, introduced in April, has not made any legislative progress.

“I think we’re collectively all exploring how AI is going to play out in the workplace,” said Emily He, senior vice president of human capital management in the cloud business group at Oracle. There are guidelines that need to be put in place around security and privacy as well as making sure these systems aren’t perpetuating some of the biases made by humans, He said.

But AI technology “is also starting to mimic, in small ways, the way humans think,” He said. “And that for me is huge, because this technology has the possibility of making the workplace more human.”

Go to Original Article
Author:

5G services to headline Mobile World Congress Americas 2018

If it’s September, it’s time for Mobile World Congress Americas. And this year’s conference, scheduled for next week in Los Angeles, will be all about 5G services, wrote Kathryn Weldon, an analyst at GlobalData, based in London.

“Clearly we are closer to actual 5G rollouts, so all vendors and operators that participate in the 5G value chain will be touting their wares, anticipating and touting possible use cases, and amping up the excitement,” she wrote.

Weldon said she does not believe next week’s Mobile World Congress will yield any major product announcements. Instead, she categorized education as the show’s biggest benefit, especially around 5G services.

“Enterprises know little about 5G at this point because they can’t yet see it or buy it. [The conference] should help them envision the kinds of things these new technologies can do for their businesses.”

Among those new capabilities will be enhanced video broadcasting, advanced interactive gaming systems and anything that can benefit from low latency, Weldon said.

5G services won’t be the only technology discussed at Mobile World Congress Americas. The event will also showcase other wireless trends, including low-power WANs, internet of things and, of course, business transformation. What’s a show without some mention of transformation, after all?

Find out what else — beyond 5G services — Weldon said attendees should look for at next week’s Mobile World Congress Americas.

VMware loves the cloud — now

VMware wasn’t always a fan of the cloud, but it sure is now, said Drew Conry-Murray, in a Packet Pushers post.

The vendor pitched its virtual cloud network architecture at last month’s VMworld, with executives telling attendees to make VMware software the foundation for all of their enterprises’ multi-cloud operational requirements — from security to management.

The reason why? The vendor does not want to be cast aside as more applications rely on a public cloud infrastructure that does not require VMware, Conry-Murray said.

VMware’s approach could work, but it won’t be inexpensive. Or easy, Conry-Murray said.

Read Conry-Murray’s other observations about VMware’s embrace of multi-cloud.

Platform wars: The next phase of enterprise security?

Jon Oltsik, an analyst at Enterprise Strategy Group in Milford, Mass., said CISOs are increasingly looking for a single vendor to provide the tools they need to secure their networks.

That may be an efficient way to go, but most enterprises have a dizzying list of security needs they must meet, and finding a security platform capable of supporting all those requirements is not easy.

But that’s where Oltsik and his colleague, Doug Cahill, come in.

The two developed a list of eight attributes they said every cybersecurity platform must offer. Then they interviewed more than 200 cybersecurity professionals to identify the three attributes they consider most important.

Among the attributes cited: ease of management and coverage that includes major threat vectors such as email and web security. Almost 40% of those surveyed said email and web security is a must, while 33% said they needed a platform that offered central management across all products and services.

Find out what else survey respondents had to say about cybersecurity platforms.

Something extraordinary happened in Washington, D.C., yesterday – Microsoft on the Issues

Something extraordinary happened in Washington, D.C., yesterday.

Members of Congress took the same position as members of the European Parliament. The U.S. Chamber of Commerce approvingly quoted a statement by the European Commission. Business groups and big companies agreed with consumer and privacy advocates. Faculty from Harvard joined with professors from Princeton. Professors from Duke joined rivals from the University of North Carolina, while those at Berkeley sided with Stanford. And Fox News agreed with the American Civil Liberties Union.

What’s the occasion for such agreement between so many people with different points of view? It was the filing of amicus briefs with the U.S. Supreme Court in the landmark Microsoft case that will decide whether the U.S. government can use a search warrant to force a company to seize a customer’s private emails stored in Ireland and import them to the United States. On Thursday, 289 different groups and individuals from 37 countries signed 23 different legal briefs supporting Microsoft’s position that Congress never gave law enforcement the power to ignore treaties and breach Ireland’s sovereignty in this way. How could it? The government relies on a law that was enacted in 1986, before anyone conceived of cloud computing.

This is not to say that law enforcement never needs to access emails in other countries. Since we filed this lawsuit in 2013, we’ve said repeatedly that there are times when this is necessary to protect public safety.

But as 51 prominent computer scientists explained in their legal brief yesterday, emails are stored in known physical locations, on hard drives, in datacenter facilities. When the U.S. government requires a tech company to execute a warrant for emails stored overseas, the provider must search a foreign datacenter and make a copy abroad, and then import that copy to the United States. This creates a complex issue with huge international consequences. It shouldn’t be resolved by taking the law to a place it was never intended to go.

If anyone had doubts that this case has international ramifications, they were laid to rest by the list of governments that last month or this week either joined amicus briefs or made public statements supporting key parts of Microsoft’s position. The list includes Ireland, France, the European Commission, European privacy regulators and members of the European Parliament, to name just some of those involved. Supreme Court cases almost never garner this level of engagement from foreign governments and officials.

As these officials have explained, the U.S. Department of Justice’s attempt to seize foreign customers’ emails from other countries ignores borders, treaties and international law, as well as the laws those countries have in place to protect the privacy of their own citizens. As the French government stated on Monday, it’s a path that creates “a significant risk of conflict of laws.” And as the tech sector appreciates all too well, that’s a conflict that will leave tech companies and consumers caught in the middle.

It’s also a path that will lead to the doorsteps of American homes by putting the privacy of U.S. citizens’ emails at risk. If the U.S. government obtains the power to search and seize foreign citizens’ private communications physically stored in other countries, it will invite other governments to do the same thing. If we ignore other countries’ laws, how can we demand that they respect our laws? That’s part of why public interest groups, such as the Brennan Center for Justice and the Reporters Committee for Freedom of the Press, are watching this case so closely.

The DOJ’s position also bodes ill for the U.S. economy and American jobs. Right now, U.S. companies are world leaders in providing cloud services. That leadership position is based on trust. But if the U.S. government can assert this type of unilateral power to reach into datacenters that are operated by U.S. companies in other countries, foreign countries and foreign customers will question their ability to trust American companies.

Ultimately the courts – including the Supreme Court – can decide only whether the DOJ’s approach passes muster under current law. That’s a blunt instrument. The courts are not able to write a new law. Under our Constitution, only Congress can do that, using its tools to craft a nuanced solution that balances all the competing concerns by enacting a statute for the 21st century.

Everyone on both sides of this case agrees that these are real problems that need real solutions. But they need to be crafted with a scalpel, not a meat cleaver.

And as so many groups across the political spectrum and countries now agree, let’s hope the Supreme Court leaves it to Congress to do just that.

Find all 23 amicus briefs here.

Find the full list of signatories here.

Microsoft’s brief can be viewed here.

Tags: data privacy, datacenters, U.S. Supreme Court, warrant