Security Provisioning Moves Out Of The Factory
By: Bryon Moyer
Programmable options could have big impact on supply chain readiness.
“The IT approach to provisioning IoT devices has primarily been manual, or required multiple human touches,” said Simon Rance, head of marketing at ClioSoft. “But multi-touch on-boarding isn’t getting us to the promised 50 billion connected devices by 2020, which has come and gone. Looking at why, retrospectively, it screams the need for a secure and privacy-driven zero-touch on-boarding methodology for IoT devices.”
[...]
“There needs to be some type of verification of code prior to deployment,” said John Hallman, product manager for trust and security at OneSpin Solutions. “What’s common practice is to put the update into some type of sandbox environment and let users test out the new updates and run it in that isolated environment prior to releasing it into a real-time environment. With SolarWinds, there was a two-week period it was there. There is no standard time frame for how long that should last, and it varies from company to company. But being able to do that transparent, independent assessment prior to deployment is very key.”