3 Market Forces Drive Adoption of Identity and Access Management in IoT

All “things” need identities.

The Internet of Things (IoT) is estimated to reach $2 trillion in revenue by 2020, with more than 20.4 billion connected ‘things’ in use. While IoT is creating a variety of economic opportunities, the diversity of things makes IoT hard to architect and manage for IoT solutions architects.

IAM will soon become, if not already, an integral part of each and every IoT solution.

Users, devices, IoT gateways, applications and services all have a role to play in IoT solutions, and they all need identities to form a secure and trusted IoT.

Saniye Burcu Alaybeyi, research director at Gartner, says identity and access management (IAM) will be vital to effective IoT solutions. Ms. Alaybeyi further adds that IAM will soon become, if not already, an integral part of each and every IoT solution, and this is why.

Gartner IT Symposium/ Xpo®

Objective insights, strategic advice and practical tools to help CIOs and IT executives achieve their most critical priorities

Learn More

Three market forces have converged to drive identity, access and attribute correlation in IoT.

IoT Platforms Need to Support IAM

As opposed to IAM vendors, IoT platform vendors, in general, focus less on maintaining privacy and providing required authentication, and lack the concept of managing user identities.

“However, this trend is changing,” says Ms. Alaybeyi. “Several IoT platform product managers at technology and service providers have started to incorporate various device identity and access technologies into IoT platforms to simplify security designs in IoT deployments. This situation accelerates the adoption of IAM in a diverse set of IoT market segments.”

Traditional IAM Will Not Suffice for IoT

To support IoT, IAM platforms will need to deal with billions of devices and associated identities, policies, and the relationships that they all need to have. To accomplish this, many vendors already have provided scalable runtime access to ensure secure authentication and authorization at high transaction rates with subsecond latencies.

Going forward, vendors will have to consider the ability to reduce the storage footprint, manage both structured and unstructured data and its attributes, and continue to improve support for deployment in the cloud as well as on premises. Vendors have to also consider utilizing data that is generated by the IoT devices because this data can also be used as a basis for authorization decisions.

IoT Needs Device-Embedded Authentication

Most IoT device manufacturers and platform providers are ill-equipped to serve the authentication needs (design and embed security controls, including device authentication, to the device firmware), and the sheer number of diverse IoT authentication use cases with internal technology, skills, dedicated resources and services. As a result, they are engaging with niche authentication providers or product specialists based on stable partnerships or case-by-case deals.

While it will take a few years for the industry-specific authentication standards to firm up and find acceptability in the market, authentication providers and IoT device manufacturers must emphasize on promoting industry-specific standards by limiting opportunities of proprietary customizations for the benefit of the industry and the consumer.



For further information, Gartner clients can read more in the research note: Market Trends: Rise of Identity and Access Management in the IoT Era, by Saniye Burcu Alaybeyi.

Visit Gartner’s IoT Hub for complimentary research, webinars and Smarter With Gartner articles all focused on the business benefits of the IoT.

Get Smarter

Follow #Gartner

Attend a Gartner event

Explore Gartner Conferences

Gartner IT Roadmap for Cybersecurity: A Resilient Strategy

Gartner IT roadmap for cybersecurity based on unbiased research and...

Learn More


Get actionable advice in 60 minutes from the world's most respected experts. Keep pace with the latest issues that impact business.

Start Watching