Technology | Media | Telecommunications

Tuesday, February 17, 2015

Managing the Identity of Things in the Emerging IoT

Security is top of mind for most CIOs, and for good reason. Moreover, the emergence of new and pervasive technologies will present unique security challenges. A case in point: managing identities and access is going to become very important in the evolving Internet of Things (IoT).

However, the current form of Identity and Access Management (IAM) cannot provide the scale or manage the complexity that the IoT brings to the enterprise, according to the latest market study by Gartner.

"IAM leaders must reconsider how traditional approaches to cyber-security and IAM work in a world where devices and services are so abundant, in so many different forms and positioned at so many different points within the IT ecosystem," said Earl Perkins, research vice president at Gartner.

The growth of these technologies means that today's digital businesses must now require a way of defining and managing the identities of entities -- people, services and things -- within a single, secure framework.

Gartner believes that the IoT is not only about the introduction of different forms of networked devices into digital business moments -- it's a transformational approach to viewing and implementing processing, analytics, storage and communications.

The Identity of Things (IDoT) is a new extension to identity management that encompasses all entity identities, whatever form those entities take. These identities are then used to define relationships among the entities -- between a device and a human, a device and another device, a device and an application or service, a human and an application or service.

Since devices have not traditionally been part of IAM systems in this way, Gartner says that the IDoT must draw upon other existing management systems to aid in developing the single-system view for the IoT.

IT Asset Management (ITAM) and Software Asset Management (SAM) systems have traditionally managed IT and software assets of all types. The IDoT will assume some functional characteristics of ITAM and SAM within or integrated with IAM architecture, or be linked to ITAM as attribute stores.

"Existing identity data and policy planning give IAM leaders and technology service providers a narrow view of entities leading to a static approach that does not consider the dynamic relationships between them," concludes Perkins.

However, the concept of dynamic relationships is vital to the success of future IAM solutions. In fact, the concept of the relationship will become as important as the concept of identity is for IAM in the IDoT. It allows the IDoT to exist and become part of new responsibilities for IAM within the enterprise.