IoT Security and Identity Access Management


With all the emphasis lately being placed on securing the edge of the IoT and IIoT, secure network connectivity is often considered more of a “downstream” requirement. In fact, given the fundamental nature of smart products being valuable because they can be connected to the cloud, data and analytics, and increasingly real-time closed-loop systems, securing network infrastructure and the sessions moving over that infrastructure should be more than a second thought.

As more attacks through botnets are being announced, and particularly as IoT moves beyond consumer mainstream wearables and into massive enterprise deployments, IT and OT teams are paying more and more attention to securing access to the networks that connect more valuable things, including factory equipment, smart grid hardware, and more. Regulators are paying attention, and legislation is being drafted, particularly associated with critical infrastructure to ensure that the networks IIoT systems rely on are at least as secure as the end-points getting all the attention of late.

IoT is focused on the interaction between connected things, people, tools, and apps. Gartner called out the future need for Identity Access Management back in 2015, noting that “IAM” and Privileged Access Management (PAM) will be mainstays in ensuring IoT/IIoT networks cannot be hacked into by unauthorized administrators. We’ve learned recently that more than half of attacks on corporate networks have come from the inside – and when we envision a “corporate network” supporting, for example, dozens of chemical plants, we can also envision a dark situation where an employee can control the release of deadly chemical agents into the environment, for example.

IAM and PAM demands will become much more complicated in the world of IoT, with harder problems to solve, and exponentially more endpoints.

The security industry is seeing a paradigm shift whereby IAM is concerned not only with managing people but also with managing the hundreds of thousands of “things” that are connected to a network.

IAM for IoT will require:

Enforcement of Security Best Practices: IoT solutions mingle the physical and digital worlds, which results in more serious impacts from IoT-related data, including intrusion of privacy and harm to physical property. Identity management solutions will need to be designed to address these concerns. IoT IAM platforms will need to offer end-to-end data encryption, DoS/overload detection, adaptive authentication, and automatic load balancing to provide the robust security capabilities needed to unlock the full potential of the IIoT in particular.

Privacy and Preference Management: End customers are concerned that as devices gain the ability to collect large volumes of personal data, the potential for privacy violations grows. This happens especially when this data is shared and used, which is part of the cloud and API nature of the IIoT. IAM solutions permit customers to self-manage preferences such as opting in or out of communications and granting their approval for data sharing. When a company sells an enterprise a solution connecting smart products purchased by consumers, they will insist upon the ability to reassure customers that by installing a smart doorbell, images of visitors to their homes will not become public. This is just one of many scenarios where a criminal inside an enterprise with access to the network could extract images and other information from an end-point in a system designed to protect their customer, not expose them to identity theft.

Policy-Based Data Access Governance: IoT IAM requires extreme governance capabilities to manage data access across things, applications, people, and devices. Data access should be granted or denied as per the IP address, industry or geographic regulatory constraints, time frames, and individual customer consent. IAM solutions that centralize governance policies and execute them across multiple channels and collection points will be “table stakes” for identity management on the massive IoT and IIoT in the near future.

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of practices to help ensure a secure cloud computing environment, has released a summary guidance report titled “Identity and Access Management for the Internet of Things.”

Identity and access management (IAM) will be vital to effective IoT solutions, says Saniye Burcu Alaybeyi, research director at Gartner. Ms. Alaybeyi further adds that IAM will soon become, if it is not already, an integral part of each and every IoT solution.

While we are starting to see early offerings in IAM and PAM specifically designed to protect the IoT and IIoT, we expect to see many more in 2018. 

Edited by Ken Briodagh

Contributing Writer
