It's estimated that by 2025, there will be more than 41 billion connected IoT devices, or "things," in the world generating 79.4 zettabytes (ZB) of data. That’s a dizzying amount of data sent to both public and private IoT clouds, to ultimately help people make better decisions. However, for the information to be truly valuable, all that data needs to be strongly protected.
Trust in IoT data is vital to the success of the IoT ecosystem
Leveraging digital security expertise that comes from delivering more than three billion secure devices every year, the Thales Secure Services offer is the only solution of its kind to safeguard the complete data-to-cloud journey for the lifetime of devices. The zero-touch, four-part offer ensures devices remain protected and data remain secure on the journey to remote platforms.
The four elements of our offer
1. Thales generates and embeds unique device IDs during manufacturing
Before customers even begin to think about security strategy, Thales has already laid the foundation for secure devices and data exchange. This is achieved by embedding trusted digital IDs and credentials into the root of Cinterion cellular connectivity modules during manufacturing. The secure Cinterion modules are used to connect future IoT devices which eliminates the need for IoT solution developers to deploy their own secure production facilities while simultaneously defending against device cloning or ID theft in unsecure environments.
Securely embedded digital device IDs and credentials provide a solid security foundation for future device authentication, secure data exchange and remote device updates.
2. Thales simplifies and secures device activation and cloud platform onboarding
With a strong security foundation already built-in, devices are securely and quickly activated remotely when they are installed in the field. Embedded keys and credentials are used to greatly simplify enrollment in any IoT cloud platform by leveraging the Thales Trusted Key Manager.
The TKM solution ensures that IoT devices and pre-embedded IDs and credentials are recognized by legitimate partners as trustful elements. This means devices are automatically recognized by external platforms at first activation, allowing immediate and efficient operations. From that point on, mutual authentication and trust are established for all future data exchange.
Device authentication and seamless onboarding to cloud platforms
3. Thales ensures data confidentiality and integrity
Pre-embedded device IDs and encryption keys are used to encrypt and digitally sign any data generated and sent by connected devices. This ensures data confidentiality – that data is protected against unauthorized access and always remains in legitimate hands. It also confirms data integrity – that data is accurate and has not been manipulated.
4. Thales manages secure over-the-air updates
Many IoT devices are built for longevity and should be able to operate reliably for a decade or more. Just like smartphones and laptops, IoT devices require software upgrades, feature additions, and security updates to cope with emerging cyber threats as well as new security regulations. Our Trusted Key Manager platform leverages encryption and digital signature schemes to make sure that these updates are performed securely, over-the-air.
Secure remote updates eliminate the need for onsite support by maintenance teams, which tremendously reduces costs, particularly for large, geographically dispersed fleets. However, when physical maintenance cannot be avoided, the Trusted Key Manager provisions temporary credentials enabling access for repairs and maintenance for a limited time period. When the time limit is up, credentials are automatically revoked.
By leveraging embedded device IDs and credentials, Thales helps protect customer devices and their data sent to external platforms. By delivering inherent device features out-of-the-box, Thales dramatically reduces TCO for customers while securing the ecosystem from end-to-end.