People are throwing around the term “the Internet of Things” these days, but what do they really mean? In case you’ve been meaning to ask, here’s what you need to know: The internet of things (IoT) includes everything that connects to the Internet, encompassing an ever-expanding variety of devices including fitbits, home security systems, biochip transponders on animals, heart monitoring implants, RFID tags on inventory items, and automobiles with built-in sensors.
According to Gartner, there will be nearly 26 billion devices on the Internet of Things by 2020. The connection of these devices with the Internet and their interconnection with each other is likely to enable advanced applications and unforeseen advances in virtually every industry. The IoT can offer new levels of adaptability, new top line revenue, and unprecedented velocity. In short, it’s too good an opportunity for businesses to pass up.
But this opportunity comes wrapped in a huge challenge: the number of identities you need to manage quickly proliferates beyond anything that most identity platforms can handle. Back in the day, a company might have had an identity access management platform (IAM) that could manage 10,000 identities, which totally covered every employee and up to 2,000 partners (one device each, remember?). But now that each employee or partner uses three or more devices—their PCs, tablets, and smartphones—that IAM isn’t performing so well. And it becomes completely obsolete when you consider today’s digital transformation in the age of the customer. To manage millions of identities and dynamically engage users while protecting their privacy and your business, you need something radically different.
To embrace the Internet of Things and leverage it for a competitive edge, approach the challenge of identity services from a new angle. First, with so many external users, you’ll need to drop the classic “castle defense” mentality. Instead of sitting behind the firewall, identity systems need to manage information beyond the wall at Internet scale. And they need to do more than toggle simple yes/no authorization or denial of access. Start looking for identity systems that are business enablers, facilitating relationships between each “thing” and its user, and providing agility, flexibility, and scalability to adjust the services offered in response to context such as geographical location, time of day, and multiple other factors.
Identity Relationship Management (IRM) Is About More than Access—It’s About Relationships
There’s a name for this new type of identity services that helps you benefit from the promise of IoT: Identity relationship management (IRM). IRM is designed to help businesses manage user and thing identities and keep services secure and readily available. It does so by delivering dynamic identity management that’s modular, scalable, borderless, and context-driven.
Modular platform
IRM platforms need to be modular, and preferably designed as an integrated, cohesive stack that is purpose-built to handle the complexity of multiple users, devices, access points, and privileges. At the same time, they need to be able to encompass legacy applications and services. Modular, open platform solutions are well suited to connecting with virtually any device or service—and supporting old and new versions of each device or application.
Internet scalability
Digital businesses work at Internet scale, which means that the number of users can expand exponentially from thousands to millions worldwide. The identity system needs to be scalable and dynamic enough to deal with these changes and serve content regardless of location—while being aware of the difference location might make in the type of services available and the way they’re delivered.
Borderless services
The IoT is connecting everywhere, all the time. IRM needs to provide “borderless” and secure access to applications wherever they are stored—on premises, in the cloud or both—from any Internet-connected device, anywhere.
Context awareness
Context was barely a consideration with traditional IAM, but it’s a critical differentiator for companies delivering digital services. IRM can help you better engage with stakeholders based on context and behavior. As such, it needs to be intelligent enough to evaluate different circumstances and make the best judgment, for example by using adaptive and multi-factor authentication when a user logs in from an atypical device or region.
Thrive in the Internet of Things
Confidently embrace IoT and seek out ways to leverage millions of “things” to offer new revenue-generating services that create customer interactions and drive value for your organization. IRM solves the challenges of identity for digital services to help you take your business to this next level and enjoy rapid growth.
Contributor
Neil Chapman is Senior Vice President & Managing Director EMEA / International, ForgeRock.
