IIC publishes best practices whitepaper on automated device onboarding and provisioning

The Industry IoT Consortium (IIC) has published the Automated Onboarding and Device Provisioning Best Practices whitepaper.

The paper aims at helping system integrators, service providers and those who implement industrial IoT solutions. It offers security best practices and standards for automated device onboarding and provisioning.

“Endpoint security protection is a challenging area for the industrial IoT,” said Keao Caindec, chair of the IIC’s security working group and CEO and principal analyst at Farallon Technology Group. “Devices deployed in the field may not have the necessary computing power or hardware compared to their counterparts sitting in the central office. Organizations must vet any equipment added to the network when onboarded through device or equipment provisioning.”

IIC explains that IoT devices are deployed on the remote edge of the service area and are more vulnerable due to their visibility, limited hardware and software capabilities. The devices require services to ensure end-to-end security protection to mitigate risks and defend against malicious attacks.

“Security-by-design is the best and most straightforward approach to secure a system because organizations can embed security at the beginning of the concept, architecture, and design process. We hope this paper will serve as a guide in the area of life cycle management of secure identities, especially provisioning from device production through owner change and into service, all while doing this at scale,” said John Fornehed, lead author of the IIC whitepaper, Expert IoT Technologies, Ericsson.