Overview
In existing cloud environments, IT is limited in how they can approach managed device identities. A device ID is not always persistent through a unit’s lifecycle due to the common strategy of hashing platform components. Soft IDs are prone to change throughout the device’s lifecycle, making asset management even more difficult in wipe-and-replace or refurbish scenarios. The gaps for IT become clear when you combine these factors with the difficulty to prove a device's user or discern a duplicated device ID.
Common IT Concerns
- The device being provisioned is the device that was ordered.
- The returned asset is the same device that was deployed.
- The device is proven to be eligible for service and warranty.
- Ensure that only the assigned user can access the device.
- Critical data and proprietary information is protected from unauthorized access.
A Comprehensive Solution for PC Lifecycle Management
The Intel® Unique Platform ID (Intel® UPID) solution addresses gaps in PC lifecycle management by providing a globally unique and persistent identity, which includes an Intel issued IDevID certificate and an interface for attestation. This is defined by the IEEE 802_1AR 2018 industry standard for identifying a device throughout its lifecycle. The device ID can be verified via an Intel UPID challenge signing interface.
Intel UPID remains immutable and static over the device lifecycle, with privacy controls to enable or disable if needed. It cannot be spoofed or overwritten, thus providing the utmost integrity protection. It can also be updated when the unit is refurbished by the original equipment manufacturer (OEM), providing more options for asset management. Intel UPID is included in the Intel vPro Platform, and is beneficial as more and more businesses continue the work-from-anywhere trend.