It's estimated that by 2025, there will be more than 41 billion connected IoT devices, or "things", in the world, generating 79.4 zettabytes (ZB) of data. That’s a dizzying amount of data sent to both public and private IoT clouds, ultimately to help people make better decisions.
However, for the information to be truly valuable, all that data needs to be strongly protected.
Device authentication and seamless onboarding to cloud platforms
The Thales Secure Services offer, part of a broader array of IoT services, leverages digital security expertise that comes from delivering more than three billion secure devices every year.
It is the only solution of its kind to safeguard the complete data-to-cloud journey for the lifetime of devices.
The zero-touch, four-part offer ensures devices remain protected, and data remain secure on the journey to remote platforms.
The four elements of our offer
1. Thales generates and embeds unique device IDs during manufacturing
Before customers even begin to think about security strategy, Thales has already laid the foundation for secure devices and data exchange.
This foundational step is achieved by embedding trusted digital IDs and credentials into the root of Cinterion cellular connectivity modules during manufacturing.
The secure Cinterion modules are used to connect future IoT devices. This eliminates the need for IoT solution developers to deploy their own secure production facilities while simultaneously defending against device cloning or ID theft in unsecured environments.
Securely embedded digital device IDs and credentials provide a robust security foundation for future device authentication, secure data exchange and remote device updates.
2. Thales simplifies and secures device activation and cloud platform onboarding
With a strong security foundation already built-in, devices are securely and quickly activated remotely when in the field.
Embedded keys and credentials are used to significantly simplify enrollment in any IoT cloud platform by leveraging the Thales Trusted Key Manager (TKM).
The TKM solution ensures that IoT devices and pre-embedded IDs and credentials are recognized as trusted elements by legitimate partners.
What does this mean?
Devices are automatically recognized by external platforms at first activation, allowing immediate and efficient operations.
From that point on, mutual authentication and trust are established for all future data exchange.
3. Thales ensures data confidentiality and integrity
Pre-embedded device IDs and encryption keys are used to encrypt and digitally sign any data generated and sent by connected devices.
This process ensures data confidentiality – that data is protected against unauthorized access and always remains in legitimate hands.
It also confirms data integrity – that data is accurate and has not been manipulated.
4. Thales manages secure over-the-air updates
Many IoT devices are built for longevity and should be able to operate reliably for a decade or more.
Just like smartphones and laptops, IoT devices require software upgrades, feature additions, and security updates to cope with emerging cyber threats as well as new security regulations.
Our Trusted Key Manager platform leverages encryption and digital signature schemes to make sure that these updates are performed securely, over-the-air.
Secure remote updates eliminate the need for onsite support by maintenance teams, which tremendously reduces costs, particularly for large, geographically dispersed fleets.
However, when physical maintenance cannot be avoided, the Trusted Key Manager provisions temporary credentials enabling access for repairs and support for a limited period. When the time limit is up, credentials are automatically revoked.