The new IoT Identify Platform from GlobalSign can generate 3,000 certificates per second, which the vendor boasts is the fastest on the market. Most IoT-based public key infrastructure (PKI) applications won’t need anywhere near that throughput, but rapid manufacturing of electronic components such as trusted platform modules can demand hundreds of certificates per second. As IoT adoption increases, the headroom will come in handy. “[The capacity] is not something that’s required right now, but we are thinking about the future, as well,” said Nisarg Desai, director of product management at GlobalSign.
Catering primarily to Fortune 500 companies, PKI infrastructure specialist GlobalSign has a growing number of manufacturing customers interested in integrating security into products during manufacturing. “We have a couple of large customers who are integrating our technology right into the secure elements in the fab,” Desai said. “We have seen a change over the last year or so.”
A central feature of the platform is a feature known as IoT Edge Enroll, which supports mutual authentication between devices and systems and protects against eavesdropping and data manipulation. For applications needing a device identity issuance engine, there’s IoT CA Direct. Finally, a feature known as IoT CA Connect is suited for environments using a third-party tool and identity management platform.
GlobalSign’s IoT Identity Platform can support billions of identities for IoT devices across verticals and both new and legacy deployments. The IoT-focused PKI infrastructure platform also has provisions for lifetime maintenance, certificate renewal, decommissioning and transfer of ownership.
Because many enterprise companies with IoT proofs-of-concept don’t focus on security initially, GlobalSign is also committed to educating its customer base. “Most people do not think of security from the get-go,” Desai said. “They don’t even think of security in the middle. They think of security at the very end.” But bolt-on security approaches or, worse, a reactive strategy tend to be ineffective and inefficient. “It is tough to try and convince companies to adopt a security-by-design approach, which is why education is important. We participate in various initiatives to promote security standards and best practices,” he added. “But we’re slowly seeing the market move towards a ‘let’s-think-of-security-before-we-release’ mindset.”
To help incentivize that transition, GlobalSign has a developer program dedicated to helping incentivize integration of PKI certificates into proof-of-concept IoT projects. “We are going to launch a 2.0 version of this program later this year where you’re allowing developers to come to our website, sign up for software services free of cost, and start using a limited number of certificates from GlobalSign within their products,” Dessai said.
The approach requires patience. IoT PoCs can drag on for months or even years. “If people start implementing it in a PoC today and then decide to go into deployment, we are maybe 12 to 24 months away from seeing some of the benefits in secure deployments,” Dessai said.
GlobalSign also observed a general increase in interest in cybersecurity from its enterprise customers. “More companies are either differentiating [themselves on the market] based on security or need to follow a compliance requirement for security — either because of self-regulation or as a result of a standard,” Desai explained. “Or they are simply becoming more security aware and more security mature.”