The growth of the Internet of Things (IoT) requires businesses to evolve the way they define and manage the relationships between "entities" to ensure secure, efficient processes. More robust identity management plays a key role in managing the complex web of relationships.
IoT adoption in the enterprise has reached an inflection point causing many of today’s approaches to identity management to become ineffective or cumbersome. Identity and access management (IAM) leaders require an evolved way of defining and managing the identities of all “entities” within a single framework.
During the Gartner Identity & Access Management Summit taking place this week in Las Vegas, we asked Earl Perkins, research vice president at Gartner, how IAM leaders can rethink and re-architect to be successful.
Q: What IAM challenges does IoT create today for digital businesses?
A: Historically, the relationship has been between the human and the device. Now, devices and services are abundant in many different forms within the enterprise IT ecosystem. All of the IoT entities (people, applications/services and devices) within any given business moment need an identity.
The issue today is that IAM in its current form cannot provide the scale or manage the complexity that IoT presents to businesses today, impacting everything from endpoint security and network architecture to application development and data management.
Q: How can an enterprises successfully implement a successful IAM strategy for IoT?
A: IoT is not just the introduction of networked devices into digital business moments. It is a new approach to viewing and implementing processing, analytics, storage and communications. Begin by identifying devices as you do people. IoT requires identification for each and every participant in an IT ecosystem - people, software that makes up systems, applications and services, and devices - and all entities will have the same requirements to interact. In networks, these identities may be IP addresses; in devices they may be embedded keys or electronic tags; and in people they are user IDs of some kind.
The Identity of Things (IDoT) is a new component to identity management that encompasses all entity identities. These identities allows you to define relationships among the entities — between a device and a human, a device and another device, a device and an application/service, or a human and an application/service.
IAM leaders and technology service providers (TSPs) should incorporate IDoT’s relationship concepts into identity data and policy planning to support the scale and flexibility required by business moments using the IoT. In fact, the concept of dynamic relationships is critical to the success of future IAM solutions because it allows the IDoT to exist and become part of new responsibilities for IAM in the enterprise.