IoT Identity Edge Controller

Why IoT Needs Identity

Organizations are transforming into digital businesses, with goods and services available online and via devices. Both the private sector and the public sector are now realizing that the ability to manage the digital identities of millions of people and billions of devices is a fundamental requirement for success. While legacy identity and access management (IAM) was designed for enterprises and their employees, IAM for the Internet of Things (IoT) needs to be designed for customers, devices, connected things, and the relationships between them. This is known as identity relationship management (IRM).

Faced with the prospect of managing millions of connected devices in their digital ecosystems, organizations must adjust their approach to identity management and security. Any company producing IoT-connected devices should take the October 2016 Dyn distributed-denial-of-service (DDoS) attack as a warning.

In this attack, the onslaught was apparently caused by millions of internet-connected devices, such as thermostats, webcams, and refrigerators infected with malware — primarily because they were connected to the internet without necessary digital identity security protocols in place. These devices were commandeered by hackers and directed to attack servers that hosted many of the internet’s websites, temporarily taking down large portions of the web. 

Security experts say this is just the tip of the iceberg. IoT presents a massive security vulnerability, especially if the companies that produce, use, or sell these devices do not take identity management and security for IoT into account upfront and make it a top priority. To date, there has been no security model for IoT.

Leer más »