Question
What are device certificates and why are they important?
Applies To
- Device Certificates
- Third-Party Devices
Answer
A device certificate is a unique, one-of-a-kind identifier used to authenticate a phone or other device. They are factory installed by the phone vendors during the manufacturing process. Since 8x8 service is delivered over the Internet, it is important that the communication and credentials of users are kept secure, as the threat of a service being intercepted or spoofed is very real. It is also crucial that the phone certificates are factory-installed—not added later.
To learn how check for device certificates on the phones 8x8 allows third-party provisioning for, see How to Check Phone for a Valid Device Certificate.
What do Device Certificates actually do?
Device certificates perform three main functions:
- Ensure that the 8x8 8x8 Work service is communicating with your specific, unique endpoint over the Internet so no other fraudulent endpoint can use your account—that is, someone cannot hack into your account to make unauthorized calls.
- Ensure that the communication to your device is secure at both ends, and a hacker cannot intercept passwords or customer account identity information.
- Make activating your device easier with automated provisioning and simple activation.
The primary reason a device certificate is of value to a hosted user (versus a PBX user) is that the end-user device is directly connected to the Internet. In a company with an on-premise PBX solution, the end-user device is connected to the PBX using a local area network, not the Internet. In that case, the PBX has its own security provisions.
Putting the Device Certificate in Perspective
Let's relate it to something more tangible: Would you buy a new car that had no door locks? It might not be a problem right away, but someone will eventually get in and take the car. You would then not only have to replace it, but deal with all the other items that may have been stolen as well. Further, what happens if someone steals your car, then gets in an accident?
Now think about this: What would you say of a car salesman who would even think of selling you a car without door locks?
The point is that IP attacks are very real and very common, and 8x8 will not put its users at risk. It is important to understand that any provider that would run your phones over the public Internet is not actually looking out for the best interest of their users and protecting them. They are leaving you vulnerable, and when an attack happens, you may be stuck with thousands of dollars in unauthorized international fees that will dwarf the cost of purchasing a new system.
8x8, on the other hand, has built a solid network with security and reliability for today’s businesses. With robust network redundancy, full HIPAA and FISMA compliance, and the employment of measures such as secure device certificates, you can be assured of the best protection from would-be hackers for your 8x8 Work system.