Welcome!

@ThingsExpo Authors: Liz McMillan, Zakia Bouachraoui, Elizabeth White, Pat Romanski, Yeshim Deniz

Related Topics: @ThingsExpo, Microservices Expo, @CloudExpo, Cloud Security, @DXWorldExpo, SDN Journal

@ThingsExpo: Article

'Internet Of Things' and Identity

As the Internet of Things continues its march to the mainstream, organizations have more opportunities to expand relationships

Over the past few years, enterprises have been moving to the cloud to streamline processes and operations. A study last year by TheInfoPro indicated that there is no sign of cloud investment slowing down - predicting an average growth rate of cloud spending of 36 percent from this year until 2016. As the Internet of Things continues its march to the mainstream, organizations have more opportunities to expand relationships with customers and partners by building and offering new services. These services have the potential to exponentially drive revenue and create business value.

The question is, what do CIOs need to do to make sure that their companies can take advantage of this potential? The first step is to look at their existing technical infrastructure to ensure that it can truly enable companies to drive change. One crucial component: security, including identity and access management.

IRM and the Cloud: The Move Toward Supporting a Dynamic Environment
Traditionally, identity and access management (IAM) was used to defend a company from security breaches and protect data by providing the right level of access to the right people, who were typically employees of the company. But in a cloud-based world, where organizations need to break down the walls to increase their interaction with customers and partners, a traditional IAM solution just doesn't work - it won't be able to cope with the varying devices and environments at Internet scale.

Looking at all the differences between what is needed now and what traditional identity management offers, I think that "identity relationship management" (IRM) is the best way to describe the new lightweight and agile solution that companies will adopt. A term coined by Kantara Initiative in October 2013, I think it is a perfect way to describe the changes that are needed - moving from managing access and identities to managing relationships.

In a cloud-based world, organizations need to ensure that their IAM system - a critical security component - is able to handle dynamic requests. What do CIOs and CSOs need to look for in an IRM solution to drive revenue through the cloud, while still ensuring a secure experience? Here are some ideas:

  1. Scalability: In a world running on the cloud and the Internet, scalability is a key factor - it's no longer about managing employees who access information from their desks. Customers, partners and employees are accessing information from devices across a variety of locations and the number of users grows exponentially over time, so identity systems need to manage millions of identities instantaneously.
  2. Intelligent and adaptable: Now that everyone has a mobile device, they expect access to information across different environments and geographies. But, that doesn't mean that IT needs to compromise on security. That's why identity and access systems need to be flexible, so that if a user tries to access a secure portal from a new device or location, it will allow access, granted they have the proper credentials.
  3. Modular structure: Modern identity demands are at an entirely new level of complexity that an old, traditional system is not able to handle. Systems need to respond quickly to a plethora of varying factors - devices, circumstances, and access privileges - to ensure that systems continue to run seamlessly. Now that companies are opening up access to partners and customers, user experience becomes that much more complex and critical, and traditional IAM struggles to respond to these varying factors.
  4. Borderless: Not long ago, information was stored on premises and that's where employees accessed it from - their desktop from the network in their office. Now that companies have adopted new technologies like cloud and SaaS, information is likely stored across all three environments, but users still expect the same fast and easy access. A good IRM solution is borderless so that stakeholders have the flexibility to securely and seamlessly access information stored in any environment from anywhere.

Making the Transition Easy
There are also some detailed technical features that organizations can keep in mind when choosing an IRM solution. These include emerging standards like OpenID Connect and OAuth 2.0, which enable cloud and mobile-ready features like device agnostic single-sign on (SSO) across environments. A system that uses REST APIs also makes it more developer friendly, and is a lightweight and flexible alternative to traditional SOAP-based Web services.

When considering implementation, it is essential to ensure the deployment is as quick and easy as possible. Oftentimes, organizations are using different IAM systems across their company, making management difficult. Deploying a central IRM solution gives users the ability to quickly create and deploy new revenue-generating services.  Additionally, the IT team is able to manage and scale the system much easier from one centralized location.

IAM has always been seen as a necessity for employees and company systems, and therefore a business cost, but with the cloud, organizations are in the unique position to adjust their focus from simple identity and access management to leveraging the value of unique relationships to drive business' top-line revenue.

More Stories By John Barco

John Barco is currently vice president of product management at ForgeRock. He has more than 20 years of experience building innovative products for enterprise customers with focus on identity and access management for the last 12 years. Prior to joining ForgeRock, he served as senior director of product management for the Identity Management group at Sun Microsystems. John has also held leadership positions at iPlanet, Silicon Graphics, NComputing, and IronKey. He holds a degree in industrial engineering from Missouri State University.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Early Bird Registration Discount Expires on August 31, 2018 Conference Registration Link ▸ HERE. Pick from all 200 sessions in all 10 tracks, plus 22 Keynotes & General Sessions! Lunch is served two days. EXPIRES AUGUST 31, 2018. Ticket prices: ($1,295-Aug 31) ($1,495-Oct 31) ($1,995-Nov 12) ($2,500-Walk-in)
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...