CRN Exclusive: Comodo Doubles Down On IoT With New Partner Program, IoT PKI Security Platform

Comodo on Tuesday unveiled a new IoT security platform that will help manufacturers manage their connected devices better, and they want to create buzz for this new offering via a new partner program.

The Clifton, N.J.-based company announced a new public key infrastructure (PKI) platform for IoT devices and networks that will allow device manufacturers and network providers to issue and manage PKI and SSK certificates for private IoT ecosystems.

"I really want Comodo's security offerings to grow, I want them to be easy to use and I want to invest in the user experience so we know how they want to manage things," Damon Kachur, head of IoT solutions at Comodo, told CRN. "We want to leverage partners' technologies and marketing promotions … I welcome partners to come in and bring their technology that is beneficial to ecosystems. We're off to a good start."

[Related: IoT Channel Chronicles: Avid Solutions Wants To Help Manufacturers Quickly -- And Safely -- Connect Their Systems To The Network]

The company is issuing device certificates that can protect devices from the moment they are manufactured until they are pulled offline, said Kachur. The new platform will allow manufacturers to rotate the public key infrastructure on devices, rather than the traditional process of issuing one PKI certificate to a device for its entire life.

"I've seen customers left in the wild after they find vulnerabilities on their devices because it's too expensive for manufacturers to go to the device and revoke the PKI," said Kachur. "We wanted to enable a full lifecycle management platform for the device from a single console … and we want to go out and partner around this platform."

Comodo will continue to flesh out its IoT security platform by integrating with its C-Watch technology, which enables companies to check for malware and viruses through analytics, and then quarantine infected devices. This technology will be ready to demo as part of the platform in December, according to the company.

Comodo has partnered with several companies, including Device Authority, enabling the company to interact with and manage device certificates for their entire lifecycle, creating a new level of consistent, IoT device security.

The company will also look for silicon partners – including silicon manufacturers and SIM providers to "get customers the security they need along with the embedded world," said Kachur.

Comodo has increased its investments into securing connected devices through building up its portfolio of mutual-authentication solutions for IoT devices and networks. The company last year introduced the Comodo Certificate Manager, a full-lifecycle digital certificate management platform that helps enterprises can better manage their IoT devices.

Kachur stressed that Comodo would continue to involve partners in its strategy as the company extends its IoT security capabilities, particularly around channel deals in the aviation and medical field.

’Comodo’s platform will help to ensure that only authenticated and approved devices are connecting to the correct, corresponding and private network. This reduces the risk that IoT devices can be compromised and endanger people’s lives or privacy, or be used in DDoS or hacking attacks," said Kachur.