DigiCert: Scalable, Trusted Security for IoT Systems

Jason Sabin, Chief Security Officer
The exponential growth of devices and objects connected to the web, known as the Internet of Things (IoT), brings with it new business opportunities and lifestyle enhancements, not only for organizations and consumers but also for hackers looking to take advantage of poor security. With large amounts of sensitive data being generated and shared by IoT devices, the need for scalable, trustworthy security has never been greater. One answer comes from a solution that has been working quietly to protect data for a long-time—Public Key Infrastructure (PKI).

DigiCert, the Lehi, Utah-based firm is in the forefront, as the world’s second-largest issuer of high-assurance SSL/TLS certificates for enterprises and emerging markets. As a leader in advancing best practices and innovation for the authentication and encryption markets, DigiCert provides end-to-end security and large-scale certificate management for the IoT.

“DigiCert offers the proven security of PKI at the scale that the IoT ecosystem requires,” says Jason Sabin, Chief Security Officer, DigiCert. “Together with our reputation for excellence and customer focus, we’re seeing many firms approach us for deployments of large quantities of digital certificates to secure their IoT products.”

The IoT market is booming. According to recent reports, by 2020, an estimated 25 billion devices will be connected to the IoT. As these devices become more integrated into everyday living, innovative security solutions are needed to protect end-users from eavesdropping or malicious attacks.

“If correctly implemented, PKI can support security and trust at the enormous scale that IoT ecosystems and networked devices require,” adds Sabin. “PKI provides strong identity authentication and creates the foundation of trust that systems, devices, applications, and users need to safely interact and exchange sensitive data.”

DigiCert’s IoT solutions work for organizations across a wide spectrum of vertical markets, whether those be manufacturing, healthcare, industrial infrastructure, wearables, automobiles.

DigiCert’s all-in-one Managed PKI, cloud-based platform, named CertCentral™, and simplifies certificate management throughout all phases of the certificate lifecycle. The platform also allows users to request and renew certificates in just a few clicks of a mouse and in matter of a few minutes or lesser to save administrators time.
CertCentral also provides real-time monitoring of all digital certificates issued for an organization’s domains to detect fraud and mis-issuance and help assure compliance across the organization. CertCentral’s inspection functions help organizations identify weak configurations to close potential security gaps, and administrators are able to track spending by allocating each certificate to a specific business unit.

If correctly implemented, PKI can support security and trust at the enormous scale that IoT ecosystems and networked devices require

DigiCert’s validation team works round the clock to ensure that customer identities can be thoroughly vetted while issuing certificates faster than any other public CA. Geo locating its data centers around the world helps DigiCert provide the fastest OCSP times, which is the check made by an Internet browser when determining if a digital certificate is legitimate, which improves page load time to keep end-users from abandoning a page.

“DigiCert helps save our customers’ time and manpower, and potentially avoid the devastating consequences of improper configuration of digital certificates,” says DigiCert Vice President of Operations Flavio Martins. “Our expert teams help provide guidance for our customers and simplify IoT certificate management,” adds Martins.

Recently, Plex, one of the leading personal media streaming solutions, collaborated with DigiCert to provide publicly trusted certificates for all Plex media streaming and cloud services. DigiCert’s certificate-based IoT solution allows Plex to provide end-to-end security for tens of millions of Plex media servers and clients, through automated, PKI-based deployments.

“The IoT landscape is quickly advancing, evolving, and more organizations are shifting to DigiCert because we are agile and responsive, and able to innovate with the certificate management solutions that meet their needs,” concludes Sabin. “We’re excited about the future ahead.”

DigiCert News

DigiCert Helps Drive 5G Network Transformation with New IoT Device Manager Features

SINGAPORE - DigiCert, Inc., the worlds leading provider of TLS/SSL, IoT and other PKI solutions, has announced a robust set of features and capabilities in DigiCert“‡ IoT Device Manager that enable telecommunications providers to deploy 5G network services to cloud environments while maintaining security, compliance and performance. Hosted on the DigiCert ONE platform, IoT Device Manager provides support for strong authentication in dynamic, cloud-native environments, as well as scalability and operational integrity.

Todays telecommunication organizations face a variety of similar transformation challenges as they migrate to 5G using cloud data centers. Many are moving from primarily physical environments with primitive authentication techniques, minimal use of cryptography and pre-shared keys. These traditional infrastructures are capital-intensive to scale, inefficient and inflexible, slowing delivery of new services and time to market. Increasingly, they are moving toward more dynamic business models built around a DevOps mindset. These 5G and cloud environments are virtualized, dynamically scalable and enable unparalleled business agility and smooth scalability.

To support their transformation and enable more rapid time-to-market for products, telecommunication providers require a platform designed for todays highly dynamic, cloud-native, modern business models. The platform must provide strong authentication across on-premises and cloud environments, and the ability to perform at scale on the worlds largest networks. It needs to ensure operational integrity to help organizations meet compliance requirements and legal mandates.

IoT Device Manager on DigiCert ONE is built from the ground up to support transformative new models. It delivers:

Robust IoT security, establishing a root of trust through PKI for authentication, encryption and data integrity. A simple identity management tool, it lets organizations assign and manage device identity in large or small volumes at any stage of the lifecycle, operating with total visibility over certificates issued to devices.

Scalability for 5G and cloud environments, with support for a variety of certificate management protocols, including RESTful API, EST, CMPv2 and EST.

Support for broad operational integrity to meet compliance requirements and legal mandates. Utilizing metadata, IoT Device Manager enables a broader integration of tools that previously had been unable to share information and integrate smoothly with one another. By bringing together a diverse array of data from a variety of sources, it enables organizations to gain additional insight and value to support device management.

As telecommunications, manufacturers and other organizations move to increasingly dynamic models, the IoT Device Manager provides the flexibility and rapid scalability they need to support 5G and cloud migration, said DigiCert Senior Vice President of Product Brian Trzupek. DigiCert ONE delivers the features, compatibility and performance our customers need to accelerate their digital transformation and take advantage of compelling new business models.

IoT Device Manager uses a container-based, cloud-agnostic implementation and allows organizations to provision and embed device identity at any stage of the device lifecycle, from the factory to device deployment in a variety of environments. It lets customers simplify device identity, authentication, encryption and integrity with a single click, and marry device data visualization with cryptographic, manufacturing and factory process data. IoT Device Manager supports standards-based interoperability with many third-party manufacturing and provisioning systems.

IoT Device Manager is built on DigiCert ONE, a PKI management platform architected and released in 2020 to be the PKI infrastructure service for today's modern cloud-native challenges. DigiCert ONE offers multiple management solutions and is designed for all forms of PKI. It is flexible enough to be deployed on-premises, in-country or in the cloud to meet stringent requirements, custom integrations and airgap needs. It also deploys extremely high volumes of certificates quickly using robust and highly scalable infrastructure. DigiCert ONE delivers end-to-end centralized user and device certificate management, a modern approach to PKI.


Lehi, UT

Jason Sabin, Chief Security Officer and Flavio Martins, VP of Operations

Leading global certificate authority and provider of managed PKI, SSL and identity authentication services.