SlideShare ist ein Scribd-Unternehmen logo

An Identity Crisis at the Center of Every IoT Product

Salesforce Developers
Salesforce Developers

The Internet of Things is connecting just about any physical object in our environment with a growing option of users, partners, applications, 3rd party software systems and vendors. Managing and securing the growing number of things, people, and applications shuttling data to and from one another is a massive Identity & Access Management nightmare for most enterprises. In this talk we will discuss real-world scenarios for building more scalable identity management systems and how they will interact with your existing enterprise systems such as Salesforce.com.

Technologie
1 von 19
Downloaden Sie, um offline zu lesen
An Identity Crisis at the Center of Every IoT Product Sean Lorenz Director of IoT Market Strategy Fraser Macdonald Product Owner
2© 2015, LogMeIn, Inc Outline 1.  A brief history of IoT products & platforms 2.  IoT platforms and IAM security demand 3.  Xively’s approach to security & IAM
A DIP INTO THE PAST
4© 2015, LogMeIn, Inc Lessons from the trenches IoT connectivity at scale is REALLY hard Securing IoT data & identities is even harder
5© 2015, LogMeIn, Inc And the press has caught on…
6© 2015, LogMeIn, Inc What was missing? Scalability on all levels flexible efficient quantifiable secure
7© 2015, LogMeIn, Inc Reality sets in. The process of building an IoT product is still unknown to most companies Nothing exists to handle the complexity of managing all aspects of a connected product business 1 2
© 2015 Forrester Research, Inc. Reproduction Prohibited 8 IoT platforms and IAM security demand Research and study results
© 2015 Forrester Research, Inc. Reproduction Prohibited 9 Who did we talk to? ›  100 line of business and IT executives at durable goods manufacturers ›  All respondents are decision makers, influencers or participants in security strategy for connected devices ›  Geographic segmentation •  US: 64 respondents •  UK: 36 respondents ›  Organization Size: •  55%: 1,000+ employees •  45%: 100 to 999 employees Source: A commissioned study conducted by Forrester Consulting on behalf of Xivley, June 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited 10 Manufacturers of connected devices are concerned with various security issues Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK (percentages may not total 100 because of rounding) Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015 3% “Which of the follow security threats on your connected devices are you most concerned about?” (Ranked by top 5, with 1 being the most concerning threat) Rank 1 Rank 2 Rank 3 Rank 4 Rank 5 External hackers 32% 11% 9% 6% 7% Leakage of sensitive or confidential data 9% 13% 10% 20% 8% Viruses, network worms, and other malicious software (malware) 7% 9% 18% 10% 13% Lack of authentication and authorization for access to these devices 8% 14% 9% 16% 9% Third-party collection of device usage patterns and data from intelligent devices 7% 15% 9% 8% 13% Physical compromise due to intelligent device failures 4% 9% 12% 10% 13% Internal hackers 11% 10% 12% 6% 8% Denial of service attacks to intelligent devices 8% 11% 8% 11% 7% Compliance fines and penalties over regulatory violations 3% 1% 5% 8% 14% Safety of human life 8% 5% 6% 6% 65% 60% 57% 56% 52% 48% 47% 45% 31% 28% Total % ranked in top 5
© 2015 Forrester Research, Inc. Reproduction Prohibited 11 37% 30% 29% 29% 21% 16% 13% Lack of standard interfaces Diverse device universe makes interoperability challenging Data privacy concerns Lingering concerns about underlying security Lack of compelling business case to support investment No barriers User resistance 67% of respondents are concerned with IAM, but there are barriers to addressing this issue “What are the barriers preventing you from implementing additional identity and access management (IAM) security control” Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited 12 IAM importance will continue as the number of parties accessing device data increases Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK (percentages may not total 100 because of rounding) Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015 “Which of the following currently requires access to your connected device data?” “Which of the following could benefit from access to your connected device in the future?” Currently In the future Other connected products 26% 36% Internal business systems and applications 47% 46% Sales 28% 27% Marketing 31% 42% IT 62% 48% Operations 47% 42% Field service reps 28% 33% Finance 20% 22% HR 12% 11% Customers 46% 44% Vendors 37% 42% Distributors 19% 31% Suppliers 18% 33% Average of four parties require access today Average of five parties will require access in the future Business systems and technology Internal business units Third parties
© 2015 Forrester Research, Inc. Reproduction Prohibited 13 Manufacturers seek similar capabilities among vendor partners for IoT and IAM solutions 49% 37% 33% 30% 29% 28% 28% 23% 23% 22% 18% 18% 55% 36% 33% 28% 28% 28% 23% 20% 24% 26% 18% 18% Security expertise Reliable solutions Technical expertise Multinational player End-to-end turnkey solution Solution integration expertise Vertical industry expertise Customer service and help desk support Regional presence Scalable solutions Expertise in my legacy applications Partner ecosystem IoT partners IAM partners “What are the capabilities you are looking for in your Internet of Things (IoT) solution or IAM partners?” Base: 100 Discrete manufacturers (of durable goods) which manufacture connected / IoT products for consumers and/or businesses in the US and UK. Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June, 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited 14 Key takeaways to enable your connected product journey ›  Proactive manufacturers are deploying connected devices to differentiate products and transform customer relationships ›  Firms are in the early stages of deploying IoT software platforms •  Key functions: Connect, secure, manage, analyze and engage •  DIY is the main competitor today ›  Identity and access management (IAM) features are emerging as important security elements •  IAM demand will increase as more stakeholders access connected device data ›  Manufacturing firms seek IoT solution and IAM assistance from vendors with security and technical expertise
THE XIVELY APPROACH TO IAM
16© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY Security at the heart of an IoT platform 1.  Secure by design Ø  Xively was built FOR IoT and was built secure 2.  Device security Ø  Requirements: Very strict requirements for device itself – hardware requirements include having a real- time clock, crypto random number generator etc. and software requirements include time synchronization etc. Ø  Up-to-date client library Ø  Device-level rate limiting 3.  Secure in transit Ø  Xively mandates use of secure and strong TLS over all communications protocols (and supports HTTP, WebSockets and MQTT) 4.  Securing data at rest Ø  Storage encryption with Amazon Web Services 5.  Identity Access Management Ø  Blueprint manages identity of users/customers/ devices Ø  Uses OpenID Connect protocol for to identify/ authenticate vendor’s users/customers Let’s take a look at threats in the IoT realm and discuss what an IoT platform must do in order to mitigate risk. Below is a STRIDE-based IoT Platform Security Checklist covering the following threat areas: • Spoofing – Pretending to be something or someone you’re not • Tampering – Modifying something you’re Lastly, in order to develop a comprehensive IoT threat landscape with STRIDE, Xively has dedicated a lot of time to helping its customers account for all the various actors within an IoT ecosystem during the design stage of development: • Devices – Physical products connected to the Internet via the Xively platform; XIVELY’S APPROACH TO SECURITY Encryption Crypto on
17© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY Introducing BlueprintTM Master Directory of Your Connected Business Objects Attributes Rules •  Main directory of all your users, products and organizations •  Catalog of things that will interact with your connected products •  Describes and stores useful information about all your objects •  Examples: name, setting, status, serial number, location •  Connected businesses policies and relationships •  Defines and manages security, trust and relationships among objects •  Interaction with other business systems (CRM/ ERP)
18© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY What Blueprint now enables Identity Management Let a customer create and invite new users Authentication Allow existing users to sign in, return an ID that is used across all microservices. Provisioning Securely orchestrate the distribution of credentials to new devices, and their association with end users. Authorization Define the roles and permissions that govern how entities message and manage each other.
Thanks. @XivelyIoT | xively.com

Empfohlen

The Best of Times & the Worst of Times for the Internet of Things
The Best of Times & the Worst of Times for the Internet of ThingsThe Best of Times & the Worst of Times for the Internet of Things
The Best of Times & the Worst of Times for the Internet of Thingskehrman
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?Lumension
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and AnalysisLumension
 
Mobile Security Trends in the Workplace
Mobile Security Trends in the WorkplaceMobile Security Trends in the Workplace
Mobile Security Trends in the WorkplaceBlueboxer2014
 
Preparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility StrategyPreparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility StrategyLogicalis Australia
 
Cloud Identity
Cloud IdentityCloud Identity
Cloud IdentityNetIQ
 
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationWeb Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationEryk Budi Pratama
 
G05.2013 gartner top security trends
G05.2013 gartner top security trendsG05.2013 gartner top security trends
G05.2013 gartner top security trendsSatya Harish
 

Empfohlen

The Best of Times & the Worst of Times for the Internet of Things
The Best of Times & the Worst of Times for the Internet of ThingsThe Best of Times & the Worst of Times for the Internet of Things
The Best of Times & the Worst of Times for the Internet of Thingskehrman
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?Lumension
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and AnalysisLumension
 
Mobile Security Trends in the Workplace
Mobile Security Trends in the WorkplaceMobile Security Trends in the Workplace
Mobile Security Trends in the WorkplaceBlueboxer2014
 
Preparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility StrategyPreparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility StrategyLogicalis Australia
 
Cloud Identity
Cloud IdentityCloud Identity
Cloud IdentityNetIQ
 
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationWeb Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationEryk Budi Pratama
 
G05.2013 gartner top security trends
G05.2013 gartner top security trendsG05.2013 gartner top security trends
G05.2013 gartner top security trendsSatya Harish
 
The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)Kirsty Donovan
 
White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...Samsung Biz Mobile
 
Legal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesLegal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesPriyanka Aash
 
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefInternet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefBill Chamberlin
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityDeniseFerniza
 
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...Enterprise Management Associates
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaLuca Moroni ✔✔
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir
 
Impact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotImpact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotVinod Kashyap
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Dr. Ahmed Al Zaidy
 
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...InnoTech
 
CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security BattlegroundWatchful Software
 
Fortinet broch
Fortinet brochFortinet broch
Fortinet brochRonaldo Cesar Espíndola Ferreira
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Dr. Ahmed Al Zaidy
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy QuizDruva
 
Challenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsChallenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsRobert 'Bob' Reyes
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Dr. Ahmed Al Zaidy
 
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Inductive Automation
 
Security - A Digital Transformation Enabler
Security - A Digital Transformation EnablerSecurity - A Digital Transformation Enabler
Security - A Digital Transformation EnablerAlexander Akinjayeju. MSc, CISM, Prince2
 
CRUD chains
CRUD chainsCRUD chains
CRUD chainsDavid Birch
 
Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain David Birch
 

Weitere ähnliche Inhalte

Was ist angesagt?

The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)Kirsty Donovan
 
White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...Samsung Biz Mobile
 
Legal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesLegal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesPriyanka Aash
 
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefInternet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefBill Chamberlin
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityDeniseFerniza
 
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...Enterprise Management Associates
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaLuca Moroni ✔✔
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir
 
Impact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotImpact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotVinod Kashyap
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Dr. Ahmed Al Zaidy
 
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...InnoTech
 
CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security BattlegroundWatchful Software
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Dr. Ahmed Al Zaidy
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy QuizDruva
 
Challenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsChallenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsRobert 'Bob' Reyes
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Dr. Ahmed Al Zaidy
 
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Inductive Automation
 

Was ist angesagt? (20)

The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)
 
White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...
 
Legal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesLegal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity Vulnerabilities
 
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefInternet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and security
 
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
 
Impact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotImpact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + Bot
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2
 
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
 
CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security Battleground
 
Fortinet broch
Fortinet brochFortinet broch
Fortinet broch
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy Quiz
 
Challenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsChallenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act Brings
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12
 
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
 
Security - A Digital Transformation Enabler
Security - A Digital Transformation EnablerSecurity - A Digital Transformation Enabler
Security - A Digital Transformation Enabler
 

Andere mochten auch

Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain David Birch
 
Smart Contracts and Identity
Smart Contracts and IdentitySmart Contracts and Identity
Smart Contracts and IdentityPascal Van Hecke
 
Identity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and PromiseIdentity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and PromiseChristopher Allen
 
Blockchain Consensus Protocols
Blockchain Consensus ProtocolsBlockchain Consensus Protocols
Blockchain Consensus ProtocolsMelanie Swan
 
Blockchain_ver0.5_MIT_security_and Privacy_am_final_upload
Blockchain_ver0.5_MIT_security_and Privacy_am_final_uploadBlockchain_ver0.5_MIT_security_and Privacy_am_final_upload
Blockchain_ver0.5_MIT_security_and Privacy_am_final_uploadAnish Mohammed
 

Andere mochten auch (6)

CRUD chains
CRUD chainsCRUD chains
CRUD chains
 
Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain
 
Smart Contracts and Identity
Smart Contracts and IdentitySmart Contracts and Identity
Smart Contracts and Identity
 
Identity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and PromiseIdentity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and Promise
 
Blockchain Consensus Protocols
Blockchain Consensus ProtocolsBlockchain Consensus Protocols
Blockchain Consensus Protocols
 
Blockchain_ver0.5_MIT_security_and Privacy_am_final_upload
Blockchain_ver0.5_MIT_security_and Privacy_am_final_uploadBlockchain_ver0.5_MIT_security_and Privacy_am_final_upload
Blockchain_ver0.5_MIT_security_and Privacy_am_final_upload
 

Ähnlich wie An Identity Crisis at the Center of Every IoT Product

The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?Cognizant
 
Security and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsSecurity and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsIRJET Journal
 
Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacksAppSense
 
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...Mindbowser Inc
 
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-securityskumartarget
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18japijapi
 
Securing the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOSecuring the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOThe Economist Media Businesses
 
Boosting IoT Protection: An Enterprise Risk Imperative
Boosting IoT Protection: An Enterprise Risk ImperativeBoosting IoT Protection: An Enterprise Risk Imperative
Boosting IoT Protection: An Enterprise Risk ImperativeNational Retail Federation
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecurityCigniti Technologies Ltd
 
Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2FitCEO, Inc. (FCI)
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsLiwei Ren任力偉
 
Proposed T-Model to cover 4S quality metrics based on empirical study of root...
Proposed T-Model to cover 4S quality metrics based on empirical study of root...Proposed T-Model to cover 4S quality metrics based on empirical study of root...
Proposed T-Model to cover 4S quality metrics based on empirical study of root...IJECEIAES
 
Why Interop & Security are major issues in IOT?
Why Interop & Security are major issues in IOT?Why Interop & Security are major issues in IOT?
Why Interop & Security are major issues in IOT?Mobodexter
 
What are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docxWhat are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docxalanfhall8953
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?CA Technologies
 
Get Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security SolutionGet Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security SolutionPrecisely
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Clouditalia Telecomunicazioni
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?PECB
 

Ähnlich wie An Identity Crisis at the Center of Every IoT Product (20)

The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?
 
Security and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsSecurity and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of things
 
Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacks
 
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
 
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-security
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18
 
Securing the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOSecuring the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEO
 
Boosting IoT Protection: An Enterprise Risk Imperative
Boosting IoT Protection: An Enterprise Risk ImperativeBoosting IoT Protection: An Enterprise Risk Imperative
Boosting IoT Protection: An Enterprise Risk Imperative
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application Security
 
Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and Solutions
 
Proposed T-Model to cover 4S quality metrics based on empirical study of root...
Proposed T-Model to cover 4S quality metrics based on empirical study of root...Proposed T-Model to cover 4S quality metrics based on empirical study of root...
Proposed T-Model to cover 4S quality metrics based on empirical study of root...
 
Why Interop & Security are major issues in IOT?
Why Interop & Security are major issues in IOT?Why Interop & Security are major issues in IOT?
Why Interop & Security are major issues in IOT?
 
What are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docxWhat are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docx
 
IoT-Use-Case-eBook
IoT-Use-Case-eBookIoT-Use-Case-eBook
IoT-Use-Case-eBook
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
 
Get Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security SolutionGet Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security Solution
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 

Mehr von Salesforce Developers

Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSalesforce Developers
 
Maximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component PerformanceMaximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component PerformanceSalesforce Developers
 
Local development with Open Source Base Components
Local development with Open Source Base ComponentsLocal development with Open Source Base Components
Local development with Open Source Base ComponentsSalesforce Developers
 
TrailheaDX India : Developer Highlights
TrailheaDX India : Developer HighlightsTrailheaDX India : Developer Highlights
TrailheaDX India : Developer HighlightsSalesforce Developers
 
Why developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX IndiaWhy developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX IndiaSalesforce Developers
 
CodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local DevelopmentCodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local DevelopmentSalesforce Developers
 
CodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web ComponentsCodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web ComponentsSalesforce Developers
 
Enterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web ComponentsEnterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web ComponentsSalesforce Developers
 
TrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer HighlightsTrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer HighlightsSalesforce Developers
 
Lightning web components - Episode 4 : Security and Testing
Lightning web components - Episode 4 : Security and TestingLightning web components - Episode 4 : Security and Testing
Lightning web components - Episode 4 : Security and TestingSalesforce Developers
 
LWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura InteroperabilityLWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura InteroperabilitySalesforce Developers
 
Lightning web components episode 2- work with salesforce data
Lightning web components episode 2- work with salesforce dataLightning web components episode 2- work with salesforce data
Lightning web components episode 2- work with salesforce dataSalesforce Developers
 
Lightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An IntroductionLightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An IntroductionSalesforce Developers
 
Migrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCPMigrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCPSalesforce Developers
 
Scale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in SalesforceScale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in SalesforceSalesforce Developers
 
Replicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data CaptureReplicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data CaptureSalesforce Developers
 
Modern Development with Salesforce DX
Modern Development with Salesforce DXModern Development with Salesforce DX
Modern Development with Salesforce DXSalesforce Developers
 
Integrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS ConnectIntegrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS ConnectSalesforce Developers
 

Mehr von Salesforce Developers (20)

Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
 
Maximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component PerformanceMaximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component Performance
 
Local development with Open Source Base Components
Local development with Open Source Base ComponentsLocal development with Open Source Base Components
Local development with Open Source Base Components
 
TrailheaDX India : Developer Highlights
TrailheaDX India : Developer HighlightsTrailheaDX India : Developer Highlights
TrailheaDX India : Developer Highlights
 
Why developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX IndiaWhy developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX India
 
CodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local DevelopmentCodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local Development
 
CodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web ComponentsCodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web Components
 
Enterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web ComponentsEnterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web Components
 
TrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer HighlightsTrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer Highlights
 
Live coding with LWC
Live coding with LWCLive coding with LWC
Live coding with LWC
 
Lightning web components - Episode 4 : Security and Testing
Lightning web components - Episode 4 : Security and TestingLightning web components - Episode 4 : Security and Testing
Lightning web components - Episode 4 : Security and Testing
 
LWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura InteroperabilityLWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura Interoperability
 
Lightning web components episode 2- work with salesforce data
Lightning web components episode 2- work with salesforce dataLightning web components episode 2- work with salesforce data
Lightning web components episode 2- work with salesforce data
 
Lightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An IntroductionLightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An Introduction
 
Migrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCPMigrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCP
 
Scale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in SalesforceScale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in Salesforce
 
Replicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data CaptureReplicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data Capture
 
Modern Development with Salesforce DX
Modern Development with Salesforce DXModern Development with Salesforce DX
Modern Development with Salesforce DX
 
Get Into Lightning Flow Development
Get Into Lightning Flow DevelopmentGet Into Lightning Flow Development
Get Into Lightning Flow Development
 
Integrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS ConnectIntegrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS Connect
 

Kürzlich hochgeladen

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Kürzlich hochgeladen (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

An Identity Crisis at the Center of Every IoT Product

  • 1. An Identity Crisis at the Center of Every IoT Product Sean Lorenz Director of IoT Market Strategy Fraser Macdonald Product Owner
  • 2. 2© 2015, LogMeIn, Inc Outline 1.  A brief history of IoT products & platforms 2.  IoT platforms and IAM security demand 3.  Xively’s approach to security & IAM
  • 3. A DIP INTO THE PAST
  • 4. 4© 2015, LogMeIn, Inc Lessons from the trenches IoT connectivity at scale is REALLY hard Securing IoT data & identities is even harder
  • 5. 5© 2015, LogMeIn, Inc And the press has caught on…
  • 6. 6© 2015, LogMeIn, Inc What was missing? Scalability on all levels flexible efficient quantifiable secure
  • 7. 7© 2015, LogMeIn, Inc Reality sets in. The process of building an IoT product is still unknown to most companies Nothing exists to handle the complexity of managing all aspects of a connected product business 1 2
  • 8. © 2015 Forrester Research, Inc. Reproduction Prohibited 8 IoT platforms and IAM security demand Research and study results
  • 9. © 2015 Forrester Research, Inc. Reproduction Prohibited 9 Who did we talk to? ›  100 line of business and IT executives at durable goods manufacturers ›  All respondents are decision makers, influencers or participants in security strategy for connected devices ›  Geographic segmentation •  US: 64 respondents •  UK: 36 respondents ›  Organization Size: •  55%: 1,000+ employees •  45%: 100 to 999 employees Source: A commissioned study conducted by Forrester Consulting on behalf of Xivley, June 2015
  • 10. © 2015 Forrester Research, Inc. Reproduction Prohibited 10 Manufacturers of connected devices are concerned with various security issues Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK (percentages may not total 100 because of rounding) Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015 3% “Which of the follow security threats on your connected devices are you most concerned about?” (Ranked by top 5, with 1 being the most concerning threat) Rank 1 Rank 2 Rank 3 Rank 4 Rank 5 External hackers 32% 11% 9% 6% 7% Leakage of sensitive or confidential data 9% 13% 10% 20% 8% Viruses, network worms, and other malicious software (malware) 7% 9% 18% 10% 13% Lack of authentication and authorization for access to these devices 8% 14% 9% 16% 9% Third-party collection of device usage patterns and data from intelligent devices 7% 15% 9% 8% 13% Physical compromise due to intelligent device failures 4% 9% 12% 10% 13% Internal hackers 11% 10% 12% 6% 8% Denial of service attacks to intelligent devices 8% 11% 8% 11% 7% Compliance fines and penalties over regulatory violations 3% 1% 5% 8% 14% Safety of human life 8% 5% 6% 6% 65% 60% 57% 56% 52% 48% 47% 45% 31% 28% Total % ranked in top 5
  • 11. © 2015 Forrester Research, Inc. Reproduction Prohibited 11 37% 30% 29% 29% 21% 16% 13% Lack of standard interfaces Diverse device universe makes interoperability challenging Data privacy concerns Lingering concerns about underlying security Lack of compelling business case to support investment No barriers User resistance 67% of respondents are concerned with IAM, but there are barriers to addressing this issue “What are the barriers preventing you from implementing additional identity and access management (IAM) security control” Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015
  • 12. © 2015 Forrester Research, Inc. Reproduction Prohibited 12 IAM importance will continue as the number of parties accessing device data increases Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK (percentages may not total 100 because of rounding) Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015 “Which of the following currently requires access to your connected device data?” “Which of the following could benefit from access to your connected device in the future?” Currently In the future Other connected products 26% 36% Internal business systems and applications 47% 46% Sales 28% 27% Marketing 31% 42% IT 62% 48% Operations 47% 42% Field service reps 28% 33% Finance 20% 22% HR 12% 11% Customers 46% 44% Vendors 37% 42% Distributors 19% 31% Suppliers 18% 33% Average of four parties require access today Average of five parties will require access in the future Business systems and technology Internal business units Third parties
  • 13. © 2015 Forrester Research, Inc. Reproduction Prohibited 13 Manufacturers seek similar capabilities among vendor partners for IoT and IAM solutions 49% 37% 33% 30% 29% 28% 28% 23% 23% 22% 18% 18% 55% 36% 33% 28% 28% 28% 23% 20% 24% 26% 18% 18% Security expertise Reliable solutions Technical expertise Multinational player End-to-end turnkey solution Solution integration expertise Vertical industry expertise Customer service and help desk support Regional presence Scalable solutions Expertise in my legacy applications Partner ecosystem IoT partners IAM partners “What are the capabilities you are looking for in your Internet of Things (IoT) solution or IAM partners?” Base: 100 Discrete manufacturers (of durable goods) which manufacture connected / IoT products for consumers and/or businesses in the US and UK. Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June, 2015
  • 14. © 2015 Forrester Research, Inc. Reproduction Prohibited 14 Key takeaways to enable your connected product journey ›  Proactive manufacturers are deploying connected devices to differentiate products and transform customer relationships ›  Firms are in the early stages of deploying IoT software platforms •  Key functions: Connect, secure, manage, analyze and engage •  DIY is the main competitor today ›  Identity and access management (IAM) features are emerging as important security elements •  IAM demand will increase as more stakeholders access connected device data ›  Manufacturing firms seek IoT solution and IAM assistance from vendors with security and technical expertise
  • 16. 16© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY Security at the heart of an IoT platform 1.  Secure by design Ø  Xively was built FOR IoT and was built secure 2.  Device security Ø  Requirements: Very strict requirements for device itself – hardware requirements include having a real- time clock, crypto random number generator etc. and software requirements include time synchronization etc. Ø  Up-to-date client library Ø  Device-level rate limiting 3.  Secure in transit Ø  Xively mandates use of secure and strong TLS over all communications protocols (and supports HTTP, WebSockets and MQTT) 4.  Securing data at rest Ø  Storage encryption with Amazon Web Services 5.  Identity Access Management Ø  Blueprint manages identity of users/customers/ devices Ø  Uses OpenID Connect protocol for to identify/ authenticate vendor’s users/customers Let’s take a look at threats in the IoT realm and discuss what an IoT platform must do in order to mitigate risk. Below is a STRIDE-based IoT Platform Security Checklist covering the following threat areas: • Spoofing – Pretending to be something or someone you’re not • Tampering – Modifying something you’re Lastly, in order to develop a comprehensive IoT threat landscape with STRIDE, Xively has dedicated a lot of time to helping its customers account for all the various actors within an IoT ecosystem during the design stage of development: • Devices – Physical products connected to the Internet via the Xively platform; XIVELY’S APPROACH TO SECURITY Encryption Crypto on
  • 17. 17© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY Introducing BlueprintTM Master Directory of Your Connected Business Objects Attributes Rules •  Main directory of all your users, products and organizations •  Catalog of things that will interact with your connected products •  Describes and stores useful information about all your objects •  Examples: name, setting, status, serial number, location •  Connected businesses policies and relationships •  Defines and manages security, trust and relationships among objects •  Interaction with other business systems (CRM/ ERP)
  • 18. 18© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY What Blueprint now enables Identity Management Let a customer create and invite new users Authentication Allow existing users to sign in, return an ID that is used across all microservices. Provisioning Securely orchestrate the distribution of credentials to new devices, and their association with end users. Authorization Define the roles and permissions that govern how entities message and manage each other.