How Microsoft is taking cloud-powered innovation beyond Earth with Azure Space

The space community is growing rapidly and Microsoft’s Space team is developing capabilities and services to meet its needs for extended connectivity across the world, simulated digital space environments, and ways for dealing with the huge amount of data generated from satellites.

Stephen Kitay – the Former Deputy Assistant Secretary of Defense for Space Policy and now Senior Director at Microsoft Azure Space – shared with Help Net Security how the company is helping drive innovation both on the ground and in orbit.

To a certain extent, space cybersecurity is unexplored territory because we’re implementing some things for the first time. How is Microsoft leveraging its decades of experience to help build a foundation for information security in this area?

With the enormous challenges space presents, there also comes great opportunity. The space community is growing rapidly, and innovation is lowering the barriers of access for public and private sector organizations.

Microsoft has a unique optic into emerging threats based on analysis of over 8 trillion threat signals daily by a team of more than 3,500 global security experts. Microsoft’s unparalleled threat vantage point provides our customers with world-class threat detection technologies including those built into Azure, Windows, and Microsoft 365.

We continue to explore innovative ways to apply these solutions toward protecting space systems. This level of investment and expertise from Microsoft will help support the mission of the Space ISAC to enhance the space community’s ability to detect threats, bolster protections, and develop defense strategies.

Recently, the Space Information Sharing and Analysis Center (ISAC) announced Microsoft has become a founding member. What are your long term goals?

The goal of the Space ISAC is to enhance the community’s ability to prepare for and respond to vulnerabilities, incidents, and threats; disseminate timely information, and serve as the primary communications channel for the space sector. Microsoft joins this organization as a member with the same goal of advancing the protection of space-based critical assets vital to government agencies and the global economy.

As the first hyperscale cloud service provider to join this member organization, we will share our unique global threat insights to protect critical infrastructure and strengthen cybersecurity expertise in the space community.

Satellite diagram for Microsoft Azure Space

What is Azure Space and why was it created? How did you envision never-before-seen security challenges when building it?

Space makes connectivity and compute increasingly attainable across industries like agriculture, energy, telecommunications as well as across the public sector. At Microsoft, we share this ambition to grow the community, which is the basis for Azure Space.

We are diligently working to make Azure the platform of choice for the mission needs of the space community, bringing our unique global threats insights to protect critical infrastructure and strengthen cybersecurity expertise in the space industry.

Azure Space is a set of innovative offerings, a partner ecosystem and a global strategy focused on specific core areas to addresses never-before-seen security challenges. These areas include:

• Innovation in our product offerings: Microsoft also offers a diverse set of security solutions designed to shrink the attack surface for hosted solutions that are constantly updated to reflect our threat intelligence insights. This includes numerous cloud-native security solutions such as zero trust and security event information management solutions. Microsoft also offers threat experts for monitoring, analysis, and hunting.
• Innovation through partnerships: We are building an ecosystem of top space companies to provide a multi-orbit (low earth orbit, medium earth orbit, and geosynchronous orbit), multi-band, multi-vendor, cloud-enabled capability to bring comprehensive and resilient satellite connectivity solutions to meet the needs of our customers.
• Innovation in our investments in people: It is said that a company is only as good as its people. In our space efforts, we’ve brought together a team of diverse experts who’ve worked across major space initiatives in both the private and public sectors to work through evolving challenges and opportunities in space.

Azure Orbital

Azure Orbital is a Ground Station As-a-Service that provides communication and control of a satellite. What are its main features? What types of satellites can it communicate with?

The new ground station service enables satellite operators to communicate to and control their satellites, process data, and scale operations directly with Microsoft Azure.

With Azure Orbital, the ground segment, including the ground stations, network, and procedures, becomes a digital platform now integrated into Azure and complemented by many partners, such as Amergint, Kratos, KSAT, Kubos, Viasat, SES, and US Electrodynamics among them – each bringing their own unique value and expertise.

Azure Orbital brings satellite data directly into Azure, where it can immediately be processed with market-leading data analytics, geospatial tools, machine learning, and Azure AI services. Additionally, we offer interconnection of existing ground stations and colocation of dedicated antennas close to our network PoPs or Datacenters. Orbital enables our customers to take full advantage of the Microsoft global network and services infrastructure to build new product offerings and service chains with the edge, 5G, SD-WAN, and AI while continuously optimizing your operations and footprint.

Azure Virtual Networks are isolated, highly secure, and governed by Microsoft’s more than 90 compliance certifications covering applications and datasets.

Artist rendering of Azure Modular Datacenter, a self-contained unit featuring all critical infrastructure required to run high-performance compute applications

Azure Modular Datacenter is a complete, rugged datacenter solution. How does it tackle modern security challenges?

We designed the Azure Modular Datacenter (MDC) for customers who need cloud computing capabilities in hybrid or challenging environments, including remote areas.

A major differentiator for MDC is that customers can run the unit with full network connectivity, occasionally connected or fully disconnected. The connectivity for these customers is achieved through a network high availability module which continuously evaluates network performance.

In the event of a network disruption, the network high availability module will move traffic from the impacted network to a backup satellite connection. This resiliency ensures continued delivery of essential hyperscale services through Azure, backed by Microsoft’s compliance and security standards. Alternatively, MDC can use satellite communications as the primary connection where no other network is available.