Learning a new language, creating safer protocols, and designing new software summarizes an internship for BYU student, Logan Thorneloe. A Computer Engineering student, Thorneloe recently finished an internship at Microsoft this summer. He worked on the Cloud and AI security team.
One of Microsoft’s largest products is called Azure. Azure is a cloud platform that provides software and infrastructure as a service to consumers. Azure is a complex platform that requires security protocols. Thorneloe spent his internship working on securing Azure.
Thorneloe explained this platform and the security measures: “There’s a lot that goes into [security]. The cloud has a lot of layers of abstraction; it starts at the cloud—it’s like a very large, geographically-distributed computer. It’s the computer that runs things and stores things. Then it goes all the way up to the user interface—how the user interacts with the cloud. And at each step, there are security measures taken so hackers can’t compromise anything.”
Hackers can be a large issue for Azure. If hackers break into the cloud, they can change basic and important controls on it.
Thorneloe said, “It’s really important that hackers don’t get all the way down to the lowest level of the cloud, or the rack as it’s called, because once they’ve gotten down to that level, they can take control of anything within Azure. For instance, if they were to get all the way to the rack, they can turn off the computer fans and the computer would overheat and be lost.”
To prevent this loss, Thorneloe had many responsibilities. In order to create safer protocols, Microsoft is working on switching some security components from C++ to a newer language called Rust, which is significantly more memory-safe. Thorneloe was tasked with helping make this transition.
He explained, “I’m developing a software component in Rust that will help security engineers monitor the rack. It will allow them to take output from the code that checks the status of the rack and put it into a monitoring database. Then a security engineer can monitor the database to see if something’s wrong. If there’s something wrong, they can fix it.”
Discovering these issues and learning the new language proved to be beneficial to the project as a whole. Thorneloe was the only one on his team who knew the language. He expressed that it required self-motivation and persistence: “being given the responsibility of learning a new language and to implement it into production code, that’s really taught me to be self-motivated, to be driven, and to be able to troubleshoot things on my own and use the resources that have been provided to me.”
Wrapping up the internship, Thorneloe is happy with the experience and all he has learned from it.
He said, “I’ve really enjoyed it. It’s a job where I’m not looking at the clock all day waiting until it’s time to go home. It’s showed me that I’m able to learn and it’s intellectually enlarging. It’s something I enjoy.”