Gartner: Identity Management Critical for the Internet of Things (IoT)

Gartner has gone on the record saying that managing identities will be critical for the success of the Internet of Things, or IoT, according to Pravin Prashant at TeleAnalysis.com. He quotes Earl Perkins, Research VP at Gartner as saying the following:

IAM leaders must reconsider how traditional approaches to cyber security and IAM work in a world where devices and services are so abundant, in so many different forms and positioned at so many different points within the IT ecosystem.

Specifically, organizations will need to reconsider just what an “identity” is, as well as “who” will get one (or several, depending on the need for that matter). Providers of Identity and Access Management (IAM) solutions will also need to come up with effective solutions for the rising IoT. That means being able to integrate different types of entities, such as people, applications, and devices into a single identity framework. Current IAM solutions don’t really do that, according to Gartner Research VP Ant Allen:

Traditional, people-focused IAM systems have been unable to accommodate the propagation of devices and things to give a broad and integrated view for IAM leaders. The Identity of Things (IDoT) requires a new taxonomy for the participants in IAM systems. People, software that makes up systems, applications and services, and devices will all be defined as entities and all entities will have the same requirements to interact.

IAM solutions therefore have to be able to handle all these entities, including Allen’s “Identity of Things.” Rather than build the IDoT from the ground up, though, it makes sense to start with some already existing building blocks, according to Prashant:

IT asset management (ITAM) and software asset management (SAM) systems have traditionally managed IT and software assets of all types. The IDoT will assume some functional characteristics of ITAM and SAM within or integrated with IAM architecture, or be linked to ITAM as attribute stores.

Otherwise we might start to see machines hacking machines, and that would mean more confused and sad faces from Keanu Reeves. More seriously, an unsecured IoT would be a nightmare for everyone. Imagine if hackers gained control over a future network managing a fleet of self-driving cars. That is a future we all want to avoid.