I recently bought a new laser printer for my home. I got it out of the box, connected the USB cable and plugged it into my PC. A few minutes later the driver software had automatically installed, and I was up and running. I was struck by how different this “plug & play” experience was from that of most Internet of Things (IOT) devices in which deployment can be time consuming, expensive and insecure. But it doesn’t have to be this way.
At Intel, we work closely with the industry to find new ways to solve common challenges. Today we are joining the FIDO Alliance in announcing a new, open IoT protocol to simply and securely onboard any IoT device. With IoT spending expected to reach $1.2 trillion in 2022, this new standard could save the industry from a lot of frustration and unnecessary security risks. It’s an important first step in addressing the security gaps that currently exist in IoT deployment within enterprise and industrial environments.
Currently, IoT device deployment involves the installation of the physical device and the setup of credentials or passwords so that it can securely communicate with its target cloud or platform. This onboarding process is usually done manually by a technician – a process that is slow, expensive, and insecure. In fact, it is not uncommon for the cost of installation and setup to exceed the cost of the device itself.
This is widely recognized as a problem. A recent survey of both providers and enterprise users found that infrastructure breaches are a serious concern, with 85% reporting that security concerns remain a major barrier to IoT adoption. Nearly two-thirds (64%) of respondents stated that end-to-end IoT security is their top short-term priority.
Although multiple companies have worked to automate the onboarding process, until now, there has not been a widely accepted industry standard. Many solutions that do exist require that the end customer be known at the time of the device manufacture so that the device can be pre-configured. This creates unnecessary friction and cost in the supply chain.
To address these security challenges, Intel and over 30 companies from around the world came together two years ago to form the FIDO Alliance IOT Working Group. The FIDO Device Onboard (FDO) protocol is a new, open IoT protocol that will enable industrial IoT devices to leverage public key cryptography to help simply and securely onboard IoT devices to any cloud or on-premises management platform without the need for human intervention. The business benefits of the FDO standard include:
- Simplicity – Fast and more secure zero touch onboarding that integrates readily with existing onboarding solutions. Businesses no longer must pay for complex, manual technical installations.
- Flexibility – Can be used with almost any hardware. A single device SKU can be onboarded to almost any cloud platform, thereby greatly simplifying the device supply chain.
- Security – Leverages an “untrusted installer” approach, which means the installer no longer needs to have access to any sensitive credential or password information to onboard the device.
Through this industry-led effort, we will continue to refine the FIDO open standard to help ensure that it is low-friction and easy to deploy. As a founding member of the FIDO Alliance, we’re proud to help lead the way to reduce the world’s reliance on passwords and replace it with simple, scalable and automated methods that make our collective IoT ecosystem more safe and secure as deployments scale worldwide.
Richard Kerslake is general manager of Industrial Controls and Robotics in the IoT Group at Intel Corporation. He is also co-chair of the FIDO Alliance’s IoT Technical Working Group.