Securing a smooth device-to-cloud journey

Every company wants a smooth IoT device-to-cloud journey, as one of the pillars to support their digital transformation, but that is easier said than done. And when you add the security needs, it becomes even harder

By Francis D’Souza on 04 September 2019

Securing a smooth device-to-cloud journey

This article was originally published in the Summer 2019 issue of The Record. Subscribe for FREE here to get the next issue delivered directly to your inbox.

The modern decision chain extends from capturing data at the edge, moving it to where it matters, analysing it – at the edge or in the cloud – to having a feedback loop back to the device in the field. To achieve this, companies need reliable connectivity, cybersecurity and analytics capabilities. That’s why Thales recently acquired digital security company Gemalto, the expert in cellular connectivity, in encrypting data and providing secure authorised access.

Thanks to Thales´s expertise, internet of things (IoT) service providers can secure the complete data-to-cloud journey for the long lifespan of their IoT devices. They get access to a unique offer of its kind, covering four major IoT areas: a wide range of cellular modules (from high-speed long term evolution (LTE) to narrow-band IoT), SIM cards and e-SIMs, providing remote subscription provisioning, security and device lifecycle management services and big data analytics.

Trust in the data generated and exchanged by IoT devices is crucial. Our new connected world means taking benefit from new data access that can be analysed in order to take better informed decisions. But for this to work, the device that is generating data and the data itself need to be trusted. To ensure trust, every device has to have its own unique identification (ID) and credentials, and this should be known to the system that the device is sending data to. The Microsoft Azure IoT cloud will only accept data from trusted IoT devices.

Thales makes over three billion secure unique devices a year in terms of SIM cards, banking cards, passports and digital identities. This secure infrastructure is being extended to being able to put unique, trusted identities into IoT: our Cinterion connectivity modules – which go into IoT devices – embed such identities that will be recognised and trusted by Microsoft Azure IoT. That is a secure foundation for future data exchange, enabling ecosystem partners to digitally authenticate and trust themselves.

On top of cellular modules, specific SIM cards are used, depending on where they are intended for. For example, a SIM card for a phone could not be used in a manufacturing environment with lots of machine vibrations and long operating lifecycles. In such case, we provide industrial-grade e-SIMs, soldered into the machine, which also tremendously simplify manufacturers’ logistics. Our suite of on-demand connectivity services enables manufacturers to download the chosen mobile operator subscription over the air, once the machine has been shipped to its country of operation. This long-life resilience and flexibility of subscription is strongly needed in evolving manufacturing environment.

Once IoT devices are spread in the field and IoT connectivity has been established, IoT devices equipped with our modules are ready-to-connect to the cloud. Pre-embedded IDs and certificates ensure a seamless and secure on boarding to Microsoft Azure IoT: devices sending data are recognised as legitimate ones and advanced encryption mechanisms ensure data has not been manipulated on the way to authorised partners. By doing all this out-of-the-box, Thales dramatically brings down the total cost of ownership for customers connecting their cellular devices to Azure IoT.

IoT devices in the field need to be managed during their lifecycle, which often lasts for years. They require software upgrades and feature additions, all of which are done over-the-air and securely from the Thales Device Management Platform.

Finally, once the device is connected, is sending data to the cloud and the lifecycle is being managed, there is a huge amount of data that is accumulating. In fact, the business case for, and the value of IoT, lies in the data. This is where Thales has an entire business around predictive analytics by a company we have acquired called Guavus. By running these big data analytics, we find out any problems before they occur and also generate monetisable insights for customers using our solutions.

Francis D’Souza is vice president of Strategy Analytics and IoT Solutions at Thales Group