Welcome!

Related Topics: @ThingsExpo, Microservices Expo, @CloudExpo, Cloud Security, @BigDataExpo, SDN Journal

@ThingsExpo: Article

'Internet Of Things' and Identity

As the Internet of Things continues its march to the mainstream, organizations have more opportunities to expand relationships

Over the past few years, enterprises have been moving to the cloud to streamline processes and operations. A study last year by TheInfoPro indicated that there is no sign of cloud investment slowing down - predicting an average growth rate of cloud spending of 36 percent from this year until 2016. As the Internet of Things continues its march to the mainstream, organizations have more opportunities to expand relationships with customers and partners by building and offering new services. These services have the potential to exponentially drive revenue and create business value.

The question is, what do CIOs need to do to make sure that their companies can take advantage of this potential? The first step is to look at their existing technical infrastructure to ensure that it can truly enable companies to drive change. One crucial component: security, including identity and access management.

IRM and the Cloud: The Move Toward Supporting a Dynamic Environment
Traditionally, identity and access management (IAM) was used to defend a company from security breaches and protect data by providing the right level of access to the right people, who were typically employees of the company. But in a cloud-based world, where organizations need to break down the walls to increase their interaction with customers and partners, a traditional IAM solution just doesn't work - it won't be able to cope with the varying devices and environments at Internet scale.

Looking at all the differences between what is needed now and what traditional identity management offers, I think that "identity relationship management" (IRM) is the best way to describe the new lightweight and agile solution that companies will adopt. A term coined by Kantara Initiative in October 2013, I think it is a perfect way to describe the changes that are needed - moving from managing access and identities to managing relationships.

In a cloud-based world, organizations need to ensure that their IAM system - a critical security component - is able to handle dynamic requests. What do CIOs and CSOs need to look for in an IRM solution to drive revenue through the cloud, while still ensuring a secure experience? Here are some ideas:

  1. Scalability: In a world running on the cloud and the Internet, scalability is a key factor - it's no longer about managing employees who access information from their desks. Customers, partners and employees are accessing information from devices across a variety of locations and the number of users grows exponentially over time, so identity systems need to manage millions of identities instantaneously.
  2. Intelligent and adaptable: Now that everyone has a mobile device, they expect access to information across different environments and geographies. But, that doesn't mean that IT needs to compromise on security. That's why identity and access systems need to be flexible, so that if a user tries to access a secure portal from a new device or location, it will allow access, granted they have the proper credentials.
  3. Modular structure: Modern identity demands are at an entirely new level of complexity that an old, traditional system is not able to handle. Systems need to respond quickly to a plethora of varying factors - devices, circumstances, and access privileges - to ensure that systems continue to run seamlessly. Now that companies are opening up access to partners and customers, user experience becomes that much more complex and critical, and traditional IAM struggles to respond to these varying factors.
  4. Borderless: Not long ago, information was stored on premises and that's where employees accessed it from - their desktop from the network in their office. Now that companies have adopted new technologies like cloud and SaaS, information is likely stored across all three environments, but users still expect the same fast and easy access. A good IRM solution is borderless so that stakeholders have the flexibility to securely and seamlessly access information stored in any environment from anywhere.

Making the Transition Easy
There are also some detailed technical features that organizations can keep in mind when choosing an IRM solution. These include emerging standards like OpenID Connect and OAuth 2.0, which enable cloud and mobile-ready features like device agnostic single-sign on (SSO) across environments. A system that uses REST APIs also makes it more developer friendly, and is a lightweight and flexible alternative to traditional SOAP-based Web services.

When considering implementation, it is essential to ensure the deployment is as quick and easy as possible. Oftentimes, organizations are using different IAM systems across their company, making management difficult. Deploying a central IRM solution gives users the ability to quickly create and deploy new revenue-generating services.  Additionally, the IT team is able to manage and scale the system much easier from one centralized location.

IAM has always been seen as a necessity for employees and company systems, and therefore a business cost, but with the cloud, organizations are in the unique position to adjust their focus from simple identity and access management to leveraging the value of unique relationships to drive business' top-line revenue.

More Stories By John Barco

John Barco is currently vice president of product management at ForgeRock. He has more than 20 years of experience building innovative products for enterprise customers with focus on identity and access management for the last 12 years. Prior to joining ForgeRock, he served as senior director of product management for the Identity Management group at Sun Microsystems. John has also held leadership positions at iPlanet, Silicon Graphics, NComputing, and IronKey. He holds a degree in industrial engineering from Missouri State University.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Latest Stories
In his session at @ThingsExpo, Greg Gorman is the Director, IoT Developer Ecosystem, Watson IoT, will provide a short tutorial on Node-RED, a Node.js-based programming tool for wiring together hardware devices, APIs and online services in new and interesting ways. It provides a browser-based editor that makes it easy to wire together flows using a wide range of nodes in the palette that can be deployed to its runtime in a single-click. There is a large library of contributed nodes that help so...
SYS-CON Events announced today that Ryobi Systems will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ryobi Systems Co., Ltd., as an information service company, specialized in business support for local governments and medical industry. We are challenging to achive the precision farming with AI. For more information, visit http:...
SYS-CON Events announced today that SIGMA Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. uLaser flow inspection device from the Japanese top share to Global Standard! Then, make the best use of data to flip to next page. For more information, visit http://www.sigma-k.co.jp/en/.
SYS-CON Events announced today that Daiya Industry will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Daiya Industry specializes in orthotic support systems and assistive devices with pneumatic artificial muscles in order to contribute to an extended healthy life expectancy. For more information, please visit https://www.daiyak...
Today traditional IT approaches leverage well-architected compute/networking domains to control what applications can access what data, and how. DevOps includes rapid application development/deployment leveraging concepts like containerization, third-party sourced applications and databases. Such applications need access to production data for its test and iteration cycles. Data Security? That sounds like a roadblock to DevOps vs. protecting the crown jewels to those in IT.
SYS-CON Events announced today that B2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. B2Cloud specializes in IoT devices for preventive and predictive maintenance in any kind of equipment retrieving data like Energy consumption, working time, temperature, humidity, pressure, etc.
Automation is enabling enterprises to design, deploy, and manage more complex, hybrid cloud environments. Yet the people who manage these environments must be trained in and understanding these environments better than ever before. A new era of analytics and cognitive computing is adding intelligence, but also more complexity, to these cloud environments. How smart is your cloud? How smart should it be? In this power panel at 20th Cloud Expo, moderated by Conference Chair Roger Strukhoff, paneli...
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp em...
Most of the time there is a lot of work involved to move to the cloud, and most of that isn't really related to AWS or Azure or Google Cloud. Before we talk about public cloud vendors and DevOps tools, there are usually several technical and non-technical challenges that are connected to it and that every company needs to solve to move to the cloud. In his session at 21st Cloud Expo, Stefano Bellasio, CEO and founder of Cloud Academy Inc., will discuss what the tools, disciplines, and cultural...
What is the best strategy for selecting the right offshore company for your business? In his session at 21st Cloud Expo, Alan Winters, U.S. Head of Business Development at MobiDev, will discuss the things to look for - positive and negative - in evaluating your options. He will also discuss how to maximize productivity with your offshore developers. Before you start your search, clearly understand your business needs and how that impacts software choices.
SYS-CON Events announced today that Interface Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Interface Corporation is a company developing, manufacturing and marketing high quality and wide variety of industrial computers and interface modules such as PCIs and PCI express. For more information, visit http://www.i...
SYS-CON Events announced today that Keisoku Research Consultant Co. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Keisoku Research Consultant, Co. offers research and consulting in a wide range of civil engineering-related fields from information construction to preservation of cultural properties. For more information, vi...
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
SYS-CON Events announced today that Fusic will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Fusic Co. provides mocks as virtual IoT devices. You can customize mocks, and get any amount of data at any time in your test. For more information, visit https://fusic.co.jp/english/.
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...