Click here to close now.


SDN Journal Authors: Stefan Dietrich, Elizabeth White, Peter Silva, Pat Romanski, Don MacVittie

Related Topics: @ThingsExpo, Microservices Expo, @CloudExpo, Cloud Security, @BigDataExpo, SDN Journal

@ThingsExpo: Article

'Internet Of Things' and Identity

As the Internet of Things continues its march to the mainstream, organizations have more opportunities to expand relationships

Over the past few years, enterprises have been moving to the cloud to streamline processes and operations. A study last year by TheInfoPro indicated that there is no sign of cloud investment slowing down - predicting an average growth rate of cloud spending of 36 percent from this year until 2016. As the Internet of Things continues its march to the mainstream, organizations have more opportunities to expand relationships with customers and partners by building and offering new services. These services have the potential to exponentially drive revenue and create business value.

The question is, what do CIOs need to do to make sure that their companies can take advantage of this potential? The first step is to look at their existing technical infrastructure to ensure that it can truly enable companies to drive change. One crucial component: security, including identity and access management.

IRM and the Cloud: The Move Toward Supporting a Dynamic Environment
Traditionally, identity and access management (IAM) was used to defend a company from security breaches and protect data by providing the right level of access to the right people, who were typically employees of the company. But in a cloud-based world, where organizations need to break down the walls to increase their interaction with customers and partners, a traditional IAM solution just doesn't work - it won't be able to cope with the varying devices and environments at Internet scale.

Looking at all the differences between what is needed now and what traditional identity management offers, I think that "identity relationship management" (IRM) is the best way to describe the new lightweight and agile solution that companies will adopt. A term coined by Kantara Initiative in October 2013, I think it is a perfect way to describe the changes that are needed - moving from managing access and identities to managing relationships.

In a cloud-based world, organizations need to ensure that their IAM system - a critical security component - is able to handle dynamic requests. What do CIOs and CSOs need to look for in an IRM solution to drive revenue through the cloud, while still ensuring a secure experience? Here are some ideas:

  1. Scalability: In a world running on the cloud and the Internet, scalability is a key factor - it's no longer about managing employees who access information from their desks. Customers, partners and employees are accessing information from devices across a variety of locations and the number of users grows exponentially over time, so identity systems need to manage millions of identities instantaneously.
  2. Intelligent and adaptable: Now that everyone has a mobile device, they expect access to information across different environments and geographies. But, that doesn't mean that IT needs to compromise on security. That's why identity and access systems need to be flexible, so that if a user tries to access a secure portal from a new device or location, it will allow access, granted they have the proper credentials.
  3. Modular structure: Modern identity demands are at an entirely new level of complexity that an old, traditional system is not able to handle. Systems need to respond quickly to a plethora of varying factors - devices, circumstances, and access privileges - to ensure that systems continue to run seamlessly. Now that companies are opening up access to partners and customers, user experience becomes that much more complex and critical, and traditional IAM struggles to respond to these varying factors.
  4. Borderless: Not long ago, information was stored on premises and that's where employees accessed it from - their desktop from the network in their office. Now that companies have adopted new technologies like cloud and SaaS, information is likely stored across all three environments, but users still expect the same fast and easy access. A good IRM solution is borderless so that stakeholders have the flexibility to securely and seamlessly access information stored in any environment from anywhere.

Making the Transition Easy
There are also some detailed technical features that organizations can keep in mind when choosing an IRM solution. These include emerging standards like OpenID Connect and OAuth 2.0, which enable cloud and mobile-ready features like device agnostic single-sign on (SSO) across environments. A system that uses REST APIs also makes it more developer friendly, and is a lightweight and flexible alternative to traditional SOAP-based Web services.

When considering implementation, it is essential to ensure the deployment is as quick and easy as possible. Oftentimes, organizations are using different IAM systems across their company, making management difficult. Deploying a central IRM solution gives users the ability to quickly create and deploy new revenue-generating services.  Additionally, the IT team is able to manage and scale the system much easier from one centralized location.

IAM has always been seen as a necessity for employees and company systems, and therefore a business cost, but with the cloud, organizations are in the unique position to adjust their focus from simple identity and access management to leveraging the value of unique relationships to drive business' top-line revenue.

More Stories By John Barco

John Barco is currently vice president of product management at ForgeRock. He has more than 20 years of experience building innovative products for enterprise customers with focus on identity and access management for the last 12 years. Prior to joining ForgeRock, he served as senior director of product management for the Identity Management group at Sun Microsystems. John has also held leadership positions at iPlanet, Silicon Graphics, NComputing, and IronKey. He holds a degree in industrial engineering from Missouri State University.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

@CloudExpo Stories
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem"...
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
I recently attended and was a speaker at the 4th International Internet of @ThingsExpo at the Santa Clara Convention Center. I also had the opportunity to attend this event last year and I wrote a blog from that show talking about how the “Enterprise Impact of IoT” was a key theme of last year’s show. I was curious to see if the same theme would still resonate 365 days later and what, if any, changes I would see in the content presented.
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Ben Perlmutter, a Sales Engineer with IBM Cloudant, demonstrated techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user e...
In his General Session at DevOps Summit, Asaf Yigal, Co-Founder & VP of Product at, explored the value of Kibana 4 for log analysis and provided a hands-on tutorial on how to set up Kibana 4 and get the most out of Apache log files. He examined three use cases: IT operations, business intelligence, and security and compliance. Asaf Yigal is co-founder and VP of Product at log analytics software company In the past, he was co-founder of social-trading platform Currensee, which...
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
In recent years, at least 40% of companies using cloud applications have experienced data loss. One of the best prevention against cloud data loss is backing up your cloud data. In his General Session at 17th Cloud Expo, Sam McIntyre, Partner Enablement Specialist at eFolder, presented how organizations can use eFolder Cloudfinder to automate backups of cloud application data. He also demonstrated how easy it is to search and restore cloud application data using Cloudfinder.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York and Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty ...
Internet of @ThingsExpo, taking place June 7-9, 2016 at Javits Center, New York City and Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 18th International @CloudExpo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo New York Call for Papers is now open.
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, San...
As organizations shift towards IT-as-a-service models, the need for managing & protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection & E-Discovery of your data - whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise.
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi’s VP Business Development and Engineering, explored the IoT cloud-based platform technologies driving t...
There are over 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content. Join @ThingsExpo conference chair Roger Strukhoff (@IoT2040), June 7-9, 2016 in New York City, for three days of intense 'Internet of Things' discussion and focus, including Big Data's indespensable role in IoT, Smart Grids and Industrial Internet of Things, Wearables and Consumer IoT, as well as (new) IoT's use in Vertical Markets.
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data...
We all know that data growth is exploding and storage budgets are shrinking. Instead of showing you charts on about how much data there is, in his General Session at 17th Cloud Expo, Scott Cleland, Senior Director of Product Marketing at HGST, showed how to capture all of your data in one place. After you have your data under control, you can then analyze it in one place, saving time and resources.
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
Just over a week ago I received a long and loud sustained applause for a presentation I delivered at this year’s Cloud Expo in Santa Clara. I was extremely pleased with the turnout and had some very good conversations with many of the attendees. Over the next few days I had many more meaningful conversations and was not only happy with the results but also learned a few new things. Here is everything I learned in those three days distilled into three short points.
As organizations realize the scope of the Internet of Things, gaining key insights from Big Data, through the use of advanced analytics, becomes crucial. However, IoT also creates the need for petabyte scale storage of data from millions of devices. A new type of Storage is required which seamlessly integrates robust data analytics with massive scale. These storage systems will act as “smart systems” provide in-place analytics that speed discovery and enable businesses to quickly derive meaningf...