FIDO’s new open IoT standard for device onboarding helps tackle security issues

A new open IoT standard called FIDO Device Onboard (FDO) aims to address the security issues with adding devices to both cloud and on-premise management platforms.

FDO was announced by the FIDO Alliance today to address “challenges of security, cost, and complexity tied to IoT device deployment at scale”.

Touted benefits of the FIDO Device Onboard standard include:

  • Simplicity – Businesses no longer have to pay more for the lengthy and highly technical installation process than they do for the devices themselves. The highly automated FDO process can be carried out by people of any level of experience quickly and efficiently.
  • Flexibility – Businesses can decide which cloud platforms they want to onboard devices to at the point of installation (as opposed to manufacture). A single device SKU can be onboarded to any platform, thereby greatly simplifying the device supply chain.
  • Security – FDO leverages an “untrusted installer” approach, which means the installer no longer needs – nor do they have access to – any sensitive infrastructure/access control information to add a device to a network.

Andrew Shikiar, Executive Director and CMO of the FIDO Alliance, said:

“The FIDO Device Onboard standard released today builds on the Alliance’s ongoing efforts to help close the security gaps that currently exist on the web, by expanding this work into IoT applications.

Businesses recognise the huge potential of the IoT and the enormous benefits it can bring to manufacturing, retail, healthcare, transportation, logistics and more. The paradigm needs to shift immediately so we can move IoT technologies ahead with safer, stronger and more secure means of authentication for these important uses in industrial and commercial environments.”

The FIDO Alliance now features over 250 of the most innovative companies and government agencies around the world.

Dr Mohammad Zoualfaghari, Research Manager and IoT Architect at BT, said: “FDO is a revolutionary standard, leveraged by BT’s Zero Touch Onboarding (ZTO), which can address a critical need for the IoT, Edge Compute and 5G industries and help them to scale up securely and fully automated, from the manufacturer to the consumer, from the device to edge, and from edge to the cloud.”

Dave Kleidermacher, VP of Android Security & Privacy at Google, added: “The work the FIDO Alliance is doing to address phishing by closing security gaps on the web would not be possible without industry collaboration and standardisation. It’s a natural fit for the FIDO Alliance to use these same tools to address the threats against IoT infrastructure.

“As a board member of the FIDO Alliance since its earliest days, Google is proud to have contributed to this new standardisation effort to better secure IoT.”

A recent Omdia survey of 170 IoT leaders found that 85 percent believe security concerns are still a major barrier to adoption. 64 percent say end-to-end IoT security is their main short-term priority.

Christine Boles, VP of the Internet of Things Group and GM of the Industrial Solutions Division at Intel, said: “Implementation of the FDO standard will enable businesses to truly take advantage of the full IoT opportunity by replacing the current manual onboarding process with an automated, highly secure industry solution.”

The FDO standard is initially targeted at industrial and commercial applications.

Developers can view and download the FDO specification here.

(Image Credit: Gerd Altmann via Pixabay)

Interested in hearing industry leaders discuss subjects like this? Attend the co-located 5G Expo, IoT Tech Expo, Blockchain Expo, AI & Big Data Expo, and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London, and Amsterdam.

Tags: cybersecurity, fdo, featured, fido, fido alliance, infosec, internet of things, IoT, security, standard

Source link