Internet of Things 06-09-2021

Why Use PKI to Secure IoT Devices to the Cloud

Mike Nelson

More and more companies are adopting cloud solutions for their internet of things (IoT) devices. The IDC estimates there will be more than 55 billion connected devices by 2025. While the benefits of connecting IoT devices to the cloud are promising, managing and securing a growing web of connected devices is no easy feat.

Recognizing this, President Biden included IoT security in a recent executive order, tasking the Secretary of Commerce, the director of NIST, the chair of the Federal Trade Commission (FTC) and representatives of other agencies as the director of NIST deems appropriate, to identify IoT cybersecurity criteria for a consumer labeling program within the next 270 days.

The majority of these devices will be connected to cloud services like Microsoft Azure, Google IoT, AWS IoT, etc., where large amounts of data are easily stored and managed. However, implementing strong security measures at this scale is challenging, and failing to meet those challenges could lead to disaster.

Why the cloud for IoT?

With a growing network of connected devices, companies are adopting cloud solutions because they make it faster, easier and less costly to track devices and maintain interoperability between systems.

Using cloud services is ideal for managing devices because the cloud offers:

  • Storage and analysis for large amounts of data
  • Remote access and operation
  • Scalability
  • Ability to compare data across different areas
  • Decreased cost
  • Data mobility
  • Interoperability

However, as more IoT devices connect to the cloud, the attack surface has increased exponentially, so companies need to secure the devices at every potential point of attack.

Security threats to IoT devices in the cloud

Traditional networks have a physical perimeter that virtual deployments do not, so implementing a method for verifying authenticity and establishing encrypted sessions is even more important in cloud environments. Connected devices and systems have to be secured properly, so that hackers, hostile governments and competitors cannot gain access to sensitive information or disrupt operations. Specifically, we see the following three as the most common threats to the security of the cloud.

Need for strong authentication

Operating in a cloud environment means the devices and users are no longer contained within segmented, protected networks under the direct control of the enterprise. They therefore need strong authentication to compensate.

Protect operational integrity

Breaches in the cloud are most often due to poor authentication, weak passwords and/or poor certificate management. Additionally, the cloud opens up many attack vectors that companies need to be prepared for.

Maintaining security at scale

Finally, as their usage grows, companies need solutions that will scale with them and provide the same level of ease whether they manage a few dozen or a few million devices.

One of the most common and trusted solutions to solve these challenges is public key infrastructure (PKI).

PKI can secure the cloud

PKI has secured websites for decades, and it can also secure cloud connections. PKI provides integrity and can authenticate devices, services and users and can encrypt connections to the cloud. Additionally, PKI is flexible enough to keep up with the expanding infrastructure as organizations scale their cloud usage.

At DigiCert, we have a proven track record of providing PKI solutions to secure digital trust. We have employed our vast experience in PKI to provide solutions to security challenges common to adopting cloud deployments. We have PKI-based solutions for cloud migrations that enable strong security for communications with the cloud, cloud storage, containerization, orchestration and DevOps. We can support a dynamic cloud environment from a strong authentication perspective through digital certificates, while supporting operational integrity, and all at scale.

DigiCert ONE™ can help organizations manage their PKI all in one place, and with DigiCert® IoT Trust Manager, enterprises can manage device security with ease and will be able to integrate with a variety of cloud providers including Microsoft Azure, Google IoT, AWS IoT and more.

About DigiCert IoT Trust Manager

DigiCert IoT Trust Manager provides flexible and scalable certificate management for device identity that can connect to any cloud provider. DigiCert IoT Trust Manager is a comprehensive, automated workflow for companies to manage certificate-based security for their IoT devices, during manufacturing and at the edge. It offers the control and efficiency required for a network of connected devices. Administrators can monitor the entire certificate lifecycle, store and report on device metadata, and facilitate secure updates.

Rather than building and maintaining a self-managed PKI, companies can take advantage of the solutions DigiCert has built into DigiCert IoT Trust Manager to automate PKI deployment, making it easy to manage any scale of devices. Because DigiCert IoT Trust Manager is part of DigiCert ONE, it has the flexibility to be deployed on-premises, in-country or in the cloud to meet stringent requirements, custom integrations and airgap needs.

Learn more about DigiCert IoT Trust Manager and how to integrate it with cloud services like Microsoft Azure for stronger authentication, encryption and data integrity at

