What does the Internet of Things have to do with Identity & Access Management?
Many companies focus their identity and access management projects primarily on the administration of employees and the corresponding roles and rights. The goal here is to give employees access to precisely the resources they need for their daily work, and to be able to check and prove this at the push of a button. This part of identity and access management is undoubtedly very important, but it is by no means sufficient any longer.
Internet of Things & Identity & Access Management
In the past, the main focus was on preventing external access to internal company resources. This has since changed considerably. Today, the companies that are growing are precisely those that integrate business partners, external employees and customers into their service and business processes in the best possible way.
In this context, it makes only limited sense to shield internal company applications and systems from the outside world with a firewall. Instead, solutions are needed to better integrate business partners, external employees, and customers and thus bind them more firmly to the company. Companies must be able to integrate the digital identities of these “external resources” as well, manage them securely, and control access authorizations.
Conventional Identity & Access Management has its limits
In the above example, it is evident that customers log in to the provider’s web portal in the “traditional” way using a username and password. However, there is an ever-increasing number of use cases where an app on a dedicated smart device needs access to corporate applications and backend services on behalf of the user in order to upload documents and files directly to the company’s electronic file and trigger follow-up processes.
For access management, it is becoming increasingly important to know not only the users but also their devices. In recent years, most companies have certainly already dealt with how to identify and authorize customers and employees via their smart devices.
Mobile users, devices and connected things
The authorization of smart devices is only one part of the task. Around the topics of smart homes and the networking of manufacturing and supplier processes (Industry 4.0), more and more networked things that require a digital identity are constantly being added: telemetry systems in vehicles, activity trackers, smart health watches and much more.
And the same applies to all of them: It has to be possible to centrally define, control and monitor who or what gets access to which applications, systems and data.
Identity and Access Management for the Internet of Things – that’s what it’s all about:
It must be possible to manage a huge number of identities on a consistent platform.
Identity and access management should be standardized throughout the company and across company boundaries.
Management of relationships between all entities
Companies that integrate their business partners, external employees and customers into their service and business processes grow faster and are more profitable.
Respond dynamically and flexibly to changing circumstances and take proactive protective measures.
The key to increased security in access to data, digital communication and business processes is secure identities that are centrally managed in an enterprise-wide identity and access management system. Secure access to information, applications and systems for the right identity at the right time.
The identity and access management system must be able to map these complex structures and securely grant the required access rights. Devices and other “things” can be borrowed temporarily – the IAM system must be able to keep up with this high rate of change.
Roles and rights on the Internet of Things
Who knows who I am?
The fundamental question has not changed: Who or what should have access to what and when? However, the above examples have made it clear that isolated solutions will not get you anywhere. While there are a number of technical details and specifications to consider when integrating “things,” ultimately “things” – just like people – are given an identity that must be centrally created, managed and monitored. In the end, a machine identity accesses an IAM system just as a user does.
This is one of the core tasks of central identity and access management solutions, whose scope must be extended to “things”. Modern IAM solutions are capable of managing digital machine identities (identities, access rights, etc.). The same applies to logging and auditing.
To meet these requirements, the IAM platform must be highly reliable, scalable, and highly available. Business models and services of an enterprise will not work without an IAM platform.
Our Identity and Access Management Services
Our profound know-how forms the basis of our comprehensive portfolio of Consulting Services.