“IoT security is now a matter of homeland security”.
That’s from a recent report released by the U.S. Department of Homeland Security, “Strategic Principles for Securing the Internet of Things”. The DHS acknowledges that the IoT offers great opportunities for innovation, but doesn’t shy away from warning of the great risk that we face from unsecured connected devices and things. Disruptions to utilities, transportation, and other critical components of our infrastructure could have catastrophic consequences. Recent Internet outages caused by distributed denial-of service (DDoS) attacks powered by botnets of compromised IoT devices and hacks of connected cars and medical devices show that IoT security cannot be ignored. The threat to national security is clear.
The report outlines several best practices for improving IoT security but what stood out to me the most was the need to “identify and authenticate the devices connected to the network”. That’s what we’re all about at ForgeRock. We’ve been securing the identity of things for years, helping leading digital organizations like TomTom, Toyota, and the BBC with their innovative IoT projects.
The DHS also had an important warning: “Our nation cannot afford a generation of IoT devices deployed with little consideration for security. The consequences are too high given the potential for harm to our critical infrastructure, our personal privacy, and our economy.” As a leading digital organization, it’s your responsibility (and opportunity) to secure the IoT. Not only will prioritizing security and privacy keep you out of the headlines, protecting brand reputation and avoiding serious loss of revenue, it can also be a competitive differentiator from organizations that neglect these important areas. Don’t let a desire to innovate drive you to overlook the role of security in your IoT initiatives.
With ForgeRock, organizations can leverage the IoT to improve customer experience and increase efficiency, while simultaneously respecting user privacy, a significant challenge as IoT devices are constantly collecting and sharing personal data. Can your digital identity platform handle the IoT? Check out our primer on the Top 12 Requirements for an IoT-Ready IAM Platform to see if your solution measures up. If you want to dive deeper into the key components of the identity of things, our IoT Reference Architecture white paper outlines the role of identity in supporting customer and industrial IoT use cases.