A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
Transcript of A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.3
Internet of Things What “things” and how did we get there?
Goldman Sachs, What is the Internet of Things?, September 2014
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.4
Two Critical Components
Things People behindthe “Things”
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.18
• The Internet of Things
will change the way we
use and interact with
technology.
• Devices will constantly
monitor and respond
both to us and to
each other.
• We must learn to
manage this interaction.
“Another evolving area of risk lies in
physical objects—industrial components,
automobiles, home automation products,
and consumer devices, to name a few—that
are being integrated into the information
network, a trend typically referred to as the
‘Internet of Things.’
The interconnection of billions of devices
with IT and operational systems will
introduce a new world of security risks for
businesses, consumers, and governments.”2014 PwC State of Cybercrime Survey
“The development towards an IoT is likely to
give rise to a number of ethical issues and
debates in society, many of which have
already surfaced in connection with the
current Internet and ICT in general, such as
loss of trust, violations of privacy, misuse of
data, ambiguity of copyright, digital divide,
identity theft, problems of control and of
access to information and freedom of
speech and expression. However, in IoT,
many of these problems gain a new
dimension in light of the increased
complexity.”2013 European Commission Report on the IoT
31
The answer is
NOT more data
• Security teams already have too
much data to deal with
• New tools and new
infrastructures compound the
problem
We must adopt identity-centric
thinking if we want to have any
chance of maintaining control
over the world we are building
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.38
The Identity of Everything allows the creation of a unique set of attributes
• Who or what every connected item or person is
• What permissions those objects and people have
• What they do with those entitlements
• Who granted the permissions
• How other people and devices may interact
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.39
• Google Nest, a home
automation hub
• Collects data from other
appliances & sensors
• But there is a homeowner
identity behind it that Google
wants to market to
• And that owner will have
relationships to many other
things
The Identity of Everything will be both Hierarchical and Matrixed
© 2014 NetIQ Corporation. All rights reserved.40
NetIQ provides a unique combination of
Identity, Access and Security solutions
that will scale to address the future
demands on identity
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.41
Actions for Today, Tomorrow, Next Year
• Understand the identity stores you already have
• Examine how identity information is used in your
organization
• Look for ways to integrate identity context into your
product design to protect data collected by IoT sensors
• Start to build a framework to handle more
sophisticated, aggregate identity, that can scale
• Work towards an extensible identity framework that
will encompass people, products, devices and services
+44 (0)1344 [email protected]
NetIQ1 Arlington Square,Downshire Way, Bracknell,Berkshire, RG12 1WA, UK
www.netiq.com/communities
This document could include technical inaccuracies or typographical errors. Changes are
periodically made to the information herein. These changes may be incorporated in new
editions of this document. NetIQ Corporation may make improvements in or changes to the
software described in this document at any time.
Copyright © 2015 NetIQ Corporation. All rights reserved.
ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the
cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration
Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy
Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit,
PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite,
Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ
Corporation or its subsidiaries in the United States and other countries.