It’s an understatement to say that internet-enabled smart devices and the Internet of Things (IoT) technology has made our lives easier. Now you can order food delivery on your way home from work, lock your car from inside the movie theatre, and ask your digital assistant to play music as you cook dinner. All of these conveniences come with risks, however. With every new device you connect to the internet, there is another opportunity for your personal information to be compromised.
To protect your data while still enjoying the latest technology, identity and access management (IAM) is key. In the context of the IoT, IAM is no longer just about passwords. Now identity management must be able to identify devices, managers, and sensors and manage their access to both sensitive and non-sensitive information. It must be mobile and resilient to match the smart devices we use every day.
Whether you need to prevent security and privacy breaches in your workplace or want to protect your personal information at home, being a part of the connected digital landscape can be complex. Innovators like Vancouver’s Thierry LeVasseur, though, are coming up with new IAM solutions that can help manage and protect identities.
LeVasseur has focused much of his career on digital security and has secured a number of patents in the areas of email security and data protection. He continues to look forward to the changing face of identity management. As we create accounts and profiles on more and more devices, passwords seem to deter hackers less and less. In the future, says Thierry LeVasseur, we may see more secure ways to sign into our smart devices, like fingerprint access and “authentication tools like facial recognition and smartphone proximity.”
Thierry LeVasseur also believes that the future of IAM in regards to IoT will see more two-factor authentication, though not in its usual form. While receiving a code or secondary password via email or text does increase security, it is not foolproof. Instead, LeVasseur thinks that more devices will require physical security keys like Google uses for its employees.
“Those security keys make it so that even if a hacker or bad actor were to possess your password, they still wouldn’t be able to access your information unless they also had in their possession the physical security key,” he says. “It’s incredibly secure.”
Meanwhile, Saniye Burcu Alaybeyi, research director at Gartner, believes that IAM is becoming integral to every IoT solution. The main reason for this, she says, is that IoT platforms need to support IAM. While many IoT platforms don’t put much focus on maintaining privacy, “that trend is changing,” says Alaybeyi. “Several IoT platform product managers at technology and service providers have started to incorporate various device identity and access technologies into IoT platforms to simplify security designs in IoT deployments. This situation accelerates the adoption of IAM in a diverse set of IoT market segments.”
In addition, Alaybeyi believes that traditional IAM isn’t enough for the Internet of Things. With billions of smart devices and their associated identities to manage, IAM innovators must figure out ways to reduce storage footprint and utilize data collected on IoT devices to help with authorization decisions.
Identifying both the user and the device is essential to privacy and security as we embrace the Internet of Things. As we find new ways to stay connected, IAM must keep up by innovating technologies that make it safe for us to do so.
Image Credits: Identity Management from Nata-Lia /Shutterstock