Thales, a leader in critical information systems, cybersecurity and data security, announces solutions that deliver security and trust for the Internet of Things (IoT). Designed to authenticate IoT devices and protect IoT data from the point of collection through to aggregated data repositories, Thales’s digital birth certificate, code signing and transparent encryption solutions allow organizations to manage device security and protect data efficiently. Using these foundational elements, organizations can ensure the lifecycle integrity of IoT data and greatly enhance overall trust in their IoT business processes.
The Rise of Digital Birth Certificates
Internet-connected devices, such as implantable defibrillators, industrial control valves and fitness trackers are increasingly making their way onto the market. Business Insider Intelligence projects there will be 34 billion devices connected to the internet by 2020, up from 10 billion in 2015. While a boon for businesses and a convenience for consumers, this connectivity comes with potential security challenges – a concern Thales addresses by providing cryptographic credentials that establish a unique identity for each device. These “digital birth certificates”, based on keys generated within the certified secure confines of the company’s flagship, tamper-resistent nShield HSMs, provide a means to authenticate devices as well as manage their security configuration on an ongoing basis.
Code-Signing: The Antidote to Software Tampering
High-profile malware and APT attacks, such as the Mirai botnet, have drawn attention to the need for a secure process to update firmware on devices in the field. Built on the nShield HSM, the Thales Code Signing solution helps software producers of all types protect their organizations from risks associated with software tampering. By signing code with an HSM-protected key, the authenticity and integrity of firmware updates that deliver new functionality or security patches can be ensured, significantly reducing the risks associated with introduction of malicious code and similar attacks.
Encryption of IoT Backend Data
The Vormetric Data Security Platform also strengthened Thales’s IoT solution set. Customers utilizing Vormetric Transparent Encryption (VTE) technology can protect data-at-rest across a wide range of platforms and environments. Additional unique capabilities including Live Data Transformation provide scalability and transparency that eliminate the pain associated with managing encryption keys on an ongoing basis.
Enterprises such as Samsung, Polycom and Microsemi currently leverage our security solutions for the IoT. We expect this demand will continue to grow, especially as we advance our IoT solutions and services to address security and integrity for a wide range of IoT device types and platforms. Thales solutions will enable organizations to best leverage the capabilities of specific devices to establish and subsequently maintain the level of trust they need – as part of their infrastructure or by partnering with Thales to provide to them in a service model. As we evolve to provide these capabilities as a cloud service, enterprises will have the flexibility to scale their IoT projects securely and adapt to changing requirements.
John Grimm, senior director of IoT security strategy at Thales e-Security
About Thales e-Security
Thales e-Security is the leader in advanced data security solutions and services that deliver trust wherever information is created, shared or stored. We ensure that the data belonging to companies and government entities is both secure and trusted in any environment – on-premise, in the cloud, in data centers or big data environments – without sacrificing business agility. Security doesn’t just reduce risk, it’s an enabler of the digital initiatives that now permeate our daily lives – digital money, e-identities, healthcare, connected cars and with the internet of things (IoT) even household devices. Thales provides everything an organization needs to protect and manage its data, identities and intellectual property and meet regulatory compliance – through encryption, advanced key management, tokenization, privileged user control and high assurance solutions. Security professionals around the globe rely on Thales to confidently accelerate their organization’s digital transformation. Thales e-Security is part of Thales Group.