Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Securing digital identities amongst the Internet of Everything

ForgeRock : 11 February, 2015  (Special Report)
Neil Chapman, Senior Vice President & Managing Director EMEA at ForgeRock delves into identity management and security in connected home and lifestyle electronics
Securing digital identities amongst the Internet of Everything

At the almighty annual consumer electronics trade show that is CES, last week it became very clear that the one overarching theme connecting everything from the latest wearable devices to home and lifestyle electronics is the Internet of Everything (IoE).  

IoE has become a generic term used to describe introducing connectivity and intelligence to pretty much any inanimate object you can think of in order to give it added functionality. At the show, everything from a slow-cooker that connects to the internet, to connected cars, to a smart bed that monitors sleep patterns, was HOT.

Smart gadgets are big business, but to use each one to its full potential, each gadget needs access to your ‘digital identity.’ A digital identity is the data that uniquely describes you and contains personal information about you.  For instance, it can comprise preferences, friendships, bank details, health information, shopping habits, and relationships—all very personal information.

Businesses are beginning to use identity to transform and personalise users’ experience so that, for instance, a connected car remembers the preferences of each driver or a financial services portal offers customers a convenient overview of all their activities and accounts in one place.  Digital identity is becoming vital for wearable technology too.  Fitness trackers, or healthcare monitors, offer personalised functionality to support the user’s individual goals.
 
As we continue to witness day to day items connecting to IoE, the importance of digital identities is becoming increasingly clear.

Future-Proofing Digital Identities

Identity is increasingly critical to the digital economy, protecting consumer privacy and providing enterprises with greater visibility into customer preferences.  Historically, most businesses focused on managing the identities of their own staff.  However, businesses and organisations can’t properly take advantage of mobile, cloud, or Internet of Things (IoT) technologies without a scalable and repeatable customer-facing identity strategy. Without it, they have no ability to identify and engage with their customers in a meaningful way — whether it be through a laptop, mobile phone, tablet, connected car, healthcare wearable, connected home device or the next great connected innovation.

In its simplest form, Identity Management (IM) is the creation and administration of users and things and the rules that govern what they can do online. It answers the questions: Who (or what) are you? What can you (or it) do online?

This may sound simple, but the number of applications, devices, and things involved in making these types of decisions are often quite complex.  It involves taking every application (on premises and off) and externalising the identity management capabilities in order to centrally manage users and things and their sign-on and authorisation policies. For some enterprises, this often comprises hundreds or thousands of apps interacting online that must be Identity Management-enabled.

As businesses transition to a digital marketplace where their goods and services are available online and via devices, companies and governments alike are realising that their ability to secure and manage the digital identities of every customer, every prospect, and every member of the public is a fundamental requirement.

Legacy identity management (IM) was based on monolithic platforms that used static rules to make decisions. It was not designed to easily integrate with any application (on premises or off), to provide device-agnostic access, to handle large-scale populations, or to make decisions based on consumer context. In short, traditional IM is struggling to meet today’s business demands.

To connect customers and citizens to relevant goods and services in the digital age, businesses and governments instead require customer-focused identity management. The evolution from identity management to customer-focused identity management has a name: Identity Relationship Management (IRM). IRM is equipped with unique capabilities that differ from traditional identity management requirements.

To protect customer identities, businesses need to implement a more robust, multi-layered security model, which uses context clues to decide whether to give access, and how much. Even with correct credentials, a login attempt from an unrecognised IP address or at an atypical time of day can trigger additional security precautions, asking security questions or texting verification codes to a user’s mobile phone, for example.

In order to protect an organisation managing increasing digital identities, security officers should:

* Think externally – authenticate external contacts and customers.  As each user accesses systems with multiple devices they expect an experience that is tailored to how, when, and where they access services.

* Use a unified identity platform – which will allow a repeatable way to protect a growing number of devices.

* Use open standards and technologies, supported by your identity platform – the platform must be reachable in a standardised way, whether the communication comes through a human or machine.

* Analyse real-time behaviour and context – ensure data is encrypted and authenticated when it’s communicated between IoT devices. Check the location, time, and device to ensure requests to connect are valid, warranted by legitimate business need, and consistent with past behavior.

Whilst the purveyors of smart gadgets at CES jostle to be the first or the best-connected item in their field, the real winners and losers in today’s digital world will be determined by how they approach the issue of identity as they develop new offerings.  Those that use the right identity platform can quickly respond to the needs of their business, reinventing themselves to roll out new services to any device or thing more quickly than their competitors—and seize a distinct advantage.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo