Intel protocol enables secure IoT onboarding

  • April 21, 2021
  • Steve Rogerson

Intel and the Fido Alliance have announced an open IoT protocol to onboard any IoT device simply and securely.

With IoT spending expected to reach $1.2tn in 2022, this standard could save the industry from a lot of frustration and unnecessary security risks. It’s a first step in addressing the security gaps that exist in IoT deployment within enterprise and industrial environments.

“I recently bought a new laser printer for my home,” said Richard Kerslake, general manager of Intel’s industrial controls and robotics and co-chair of the Fido Alliance’s IoT technical working group. “I got it out of the box, connected the USB cable and plugged it into my PC. A few minutes later the driver software had automatically installed, and I was up and running. I was struck by how different this plug-and-play experience was from that of most IoT devices in which deployment can be time consuming, expensive and insecure. But it doesn’t have to be this way.”

Currently, IoT device deployment involves the installation of the physical device and the setup of credentials or passwords so it can securely communicate with its target cloud or platform. This onboarding process is usually done manually by a technician – a process that is slow, expensive and insecure. It is not uncommon for the cost of installation and setup to exceed the cost of the device itself.

This is widely recognised as a problem. A recent survey of providers and enterprise users found infrastructure breaches were a serious concern, with 85% reporting that security concerns remain a major barrier to IoT adoption. Nearly two-thirds (64%) of respondents said end-to-end IoT security was their top short-term priority.

Although multiple companies have worked to automate the onboarding process, until now there has not been a widely accepted industry standard. Most technology that does exist requires the end user to be known at the time of device manufacture so the device can be pre-configured.

“This creates unnecessary friction and cost in the supply chain,” said Kerslake.

To address these security problems, Intel and more than 30 companies from around the world came together two years ago to form the Fido Alliance IoT working group. The Fido Device Onboard (FDO) protocol is a new, open IoT protocol that will enable industrial IoT devices to use public key cryptography to onboard simply and securely to any cloud or on-premises management platform without the need for human intervention.

The business benefits of the FDO standard include:

  • Simplicity – Fast and more secure zero-touch onboarding that integrates readily with existing onboarding. Businesses no longer have to pay for complex, manual technical installations.
  • Flexibility – Can be used with almost any hardware. A single device SKU can be onboarded to almost any cloud platform, thereby simplifying the device supply chain.
  • Security – Leverages an untrusted installer approach, which means the installer no longer needs to have access to any sensitive credential or password information to onboard the device.

“Through this industry-led effort, we will continue to refine the Fido open standard to help ensure that it is low-friction and easy to deploy,” said Kerslake. “As a founding member of the Fido Alliance, we’re proud to help lead the way to reduce the world’s reliance on passwords and replace it with simple, scalable and automated methods that make our collective IoT ecosystem more safe and secure as deployments scale worldwide.”