SlideShare a Scribd company logo

An Identity Crisis at the Center of Every IoT Product

Salesforce Developers
Salesforce Developers

The Internet of Things is connecting just about any physical object in our environment with a growing option of users, partners, applications, 3rd party software systems and vendors. Managing and securing the growing number of things, people, and applications shuttling data to and from one another is a massive Identity & Access Management nightmare for most enterprises. In this talk we will discuss real-world scenarios for building more scalable identity management systems and how they will interact with your existing enterprise systems such as Salesforce.com.

Technology
1 of 19
Download to read offline
An Identity Crisis at the Center of Every IoT Product Sean Lorenz Director of IoT Market Strategy Fraser Macdonald Product Owner
2© 2015, LogMeIn, Inc Outline 1.  A brief history of IoT products & platforms 2.  IoT platforms and IAM security demand 3.  Xively’s approach to security & IAM
A DIP INTO THE PAST
4© 2015, LogMeIn, Inc Lessons from the trenches IoT connectivity at scale is REALLY hard Securing IoT data & identities is even harder
5© 2015, LogMeIn, Inc And the press has caught on…
6© 2015, LogMeIn, Inc What was missing? Scalability on all levels flexible efficient quantifiable secure
7© 2015, LogMeIn, Inc Reality sets in. The process of building an IoT product is still unknown to most companies Nothing exists to handle the complexity of managing all aspects of a connected product business 1 2
© 2015 Forrester Research, Inc. Reproduction Prohibited 8 IoT platforms and IAM security demand Research and study results
© 2015 Forrester Research, Inc. Reproduction Prohibited 9 Who did we talk to? ›  100 line of business and IT executives at durable goods manufacturers ›  All respondents are decision makers, influencers or participants in security strategy for connected devices ›  Geographic segmentation •  US: 64 respondents •  UK: 36 respondents ›  Organization Size: •  55%: 1,000+ employees •  45%: 100 to 999 employees Source: A commissioned study conducted by Forrester Consulting on behalf of Xivley, June 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited 10 Manufacturers of connected devices are concerned with various security issues Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK (percentages may not total 100 because of rounding) Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015 3% “Which of the follow security threats on your connected devices are you most concerned about?” (Ranked by top 5, with 1 being the most concerning threat) Rank 1 Rank 2 Rank 3 Rank 4 Rank 5 External hackers 32% 11% 9% 6% 7% Leakage of sensitive or confidential data 9% 13% 10% 20% 8% Viruses, network worms, and other malicious software (malware) 7% 9% 18% 10% 13% Lack of authentication and authorization for access to these devices 8% 14% 9% 16% 9% Third-party collection of device usage patterns and data from intelligent devices 7% 15% 9% 8% 13% Physical compromise due to intelligent device failures 4% 9% 12% 10% 13% Internal hackers 11% 10% 12% 6% 8% Denial of service attacks to intelligent devices 8% 11% 8% 11% 7% Compliance fines and penalties over regulatory violations 3% 1% 5% 8% 14% Safety of human life 8% 5% 6% 6% 65% 60% 57% 56% 52% 48% 47% 45% 31% 28% Total % ranked in top 5
© 2015 Forrester Research, Inc. Reproduction Prohibited 11 37% 30% 29% 29% 21% 16% 13% Lack of standard interfaces Diverse device universe makes interoperability challenging Data privacy concerns Lingering concerns about underlying security Lack of compelling business case to support investment No barriers User resistance 67% of respondents are concerned with IAM, but there are barriers to addressing this issue “What are the barriers preventing you from implementing additional identity and access management (IAM) security control” Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited 12 IAM importance will continue as the number of parties accessing device data increases Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK (percentages may not total 100 because of rounding) Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015 “Which of the following currently requires access to your connected device data?” “Which of the following could benefit from access to your connected device in the future?” Currently In the future Other connected products 26% 36% Internal business systems and applications 47% 46% Sales 28% 27% Marketing 31% 42% IT 62% 48% Operations 47% 42% Field service reps 28% 33% Finance 20% 22% HR 12% 11% Customers 46% 44% Vendors 37% 42% Distributors 19% 31% Suppliers 18% 33% Average of four parties require access today Average of five parties will require access in the future Business systems and technology Internal business units Third parties
© 2015 Forrester Research, Inc. Reproduction Prohibited 13 Manufacturers seek similar capabilities among vendor partners for IoT and IAM solutions 49% 37% 33% 30% 29% 28% 28% 23% 23% 22% 18% 18% 55% 36% 33% 28% 28% 28% 23% 20% 24% 26% 18% 18% Security expertise Reliable solutions Technical expertise Multinational player End-to-end turnkey solution Solution integration expertise Vertical industry expertise Customer service and help desk support Regional presence Scalable solutions Expertise in my legacy applications Partner ecosystem IoT partners IAM partners “What are the capabilities you are looking for in your Internet of Things (IoT) solution or IAM partners?” Base: 100 Discrete manufacturers (of durable goods) which manufacture connected / IoT products for consumers and/or businesses in the US and UK. Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June, 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited 14 Key takeaways to enable your connected product journey ›  Proactive manufacturers are deploying connected devices to differentiate products and transform customer relationships ›  Firms are in the early stages of deploying IoT software platforms •  Key functions: Connect, secure, manage, analyze and engage •  DIY is the main competitor today ›  Identity and access management (IAM) features are emerging as important security elements •  IAM demand will increase as more stakeholders access connected device data ›  Manufacturing firms seek IoT solution and IAM assistance from vendors with security and technical expertise
THE XIVELY APPROACH TO IAM
16© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY Security at the heart of an IoT platform 1.  Secure by design Ø  Xively was built FOR IoT and was built secure 2.  Device security Ø  Requirements: Very strict requirements for device itself – hardware requirements include having a real- time clock, crypto random number generator etc. and software requirements include time synchronization etc. Ø  Up-to-date client library Ø  Device-level rate limiting 3.  Secure in transit Ø  Xively mandates use of secure and strong TLS over all communications protocols (and supports HTTP, WebSockets and MQTT) 4.  Securing data at rest Ø  Storage encryption with Amazon Web Services 5.  Identity Access Management Ø  Blueprint manages identity of users/customers/ devices Ø  Uses OpenID Connect protocol for to identify/ authenticate vendor’s users/customers Let’s take a look at threats in the IoT realm and discuss what an IoT platform must do in order to mitigate risk. Below is a STRIDE-based IoT Platform Security Checklist covering the following threat areas: • Spoofing – Pretending to be something or someone you’re not • Tampering – Modifying something you’re Lastly, in order to develop a comprehensive IoT threat landscape with STRIDE, Xively has dedicated a lot of time to helping its customers account for all the various actors within an IoT ecosystem during the design stage of development: • Devices – Physical products connected to the Internet via the Xively platform; XIVELY’S APPROACH TO SECURITY Encryption Crypto on
17© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY Introducing BlueprintTM Master Directory of Your Connected Business Objects Attributes Rules •  Main directory of all your users, products and organizations •  Catalog of things that will interact with your connected products •  Describes and stores useful information about all your objects •  Examples: name, setting, status, serial number, location •  Connected businesses policies and relationships •  Defines and manages security, trust and relationships among objects •  Interaction with other business systems (CRM/ ERP)
18© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY What Blueprint now enables Identity Management Let a customer create and invite new users Authentication Allow existing users to sign in, return an ID that is used across all microservices. Provisioning Securely orchestrate the distribution of credentials to new devices, and their association with end users. Authorization Define the roles and permissions that govern how entities message and manage each other.
Thanks. @XivelyIoT | xively.com

Recommended

The Best of Times & the Worst of Times for the Internet of Things
The Best of Times & the Worst of Times for the Internet of ThingsThe Best of Times & the Worst of Times for the Internet of Things
The Best of Times & the Worst of Times for the Internet of Thingskehrman
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?Lumension
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and AnalysisLumension
 
Mobile Security Trends in the Workplace
Mobile Security Trends in the WorkplaceMobile Security Trends in the Workplace
Mobile Security Trends in the WorkplaceBlueboxer2014
 
Preparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility StrategyPreparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility StrategyLogicalis Australia
 
Cloud Identity
Cloud IdentityCloud Identity
Cloud IdentityNetIQ
 
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationWeb Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationEryk Budi Pratama
 
G05.2013 gartner top security trends
G05.2013 gartner top security trendsG05.2013 gartner top security trends
G05.2013 gartner top security trendsSatya Harish
 

Recommended

The Best of Times & the Worst of Times for the Internet of Things
The Best of Times & the Worst of Times for the Internet of ThingsThe Best of Times & the Worst of Times for the Internet of Things
The Best of Times & the Worst of Times for the Internet of Thingskehrman
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?Lumension
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and AnalysisLumension
 
Mobile Security Trends in the Workplace
Mobile Security Trends in the WorkplaceMobile Security Trends in the Workplace
Mobile Security Trends in the WorkplaceBlueboxer2014
 
Preparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility StrategyPreparing an Effective BYOD or Mobility Strategy
Preparing an Effective BYOD or Mobility StrategyLogicalis Australia
 
Cloud Identity
Cloud IdentityCloud Identity
Cloud IdentityNetIQ
 
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationWeb Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationEryk Budi Pratama
 
G05.2013 gartner top security trends
G05.2013 gartner top security trendsG05.2013 gartner top security trends
G05.2013 gartner top security trendsSatya Harish
 
The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)Kirsty Donovan
 
White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...Samsung Biz Mobile
 
Legal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesLegal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesPriyanka Aash
 
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefInternet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefBill Chamberlin
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityDeniseFerniza
 
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...Enterprise Management Associates
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaLuca Moroni ✔✔
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir
 
Impact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotImpact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotVinod Kashyap
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Dr. Ahmed Al Zaidy
 
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...InnoTech
 
CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security BattlegroundWatchful Software
 
Fortinet broch
Fortinet brochFortinet broch
Fortinet brochRonaldo Cesar Espíndola Ferreira
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Dr. Ahmed Al Zaidy
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy QuizDruva
 
Challenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsChallenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsRobert 'Bob' Reyes
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Dr. Ahmed Al Zaidy
 
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Inductive Automation
 
Security - A Digital Transformation Enabler
Security - A Digital Transformation EnablerSecurity - A Digital Transformation Enabler
Security - A Digital Transformation EnablerAlexander Akinjayeju. MSc, CISM, Prince2
 
CRUD chains
CRUD chainsCRUD chains
CRUD chainsDavid Birch
 
Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain David Birch
 

More Related Content

What's hot

The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)Kirsty Donovan
 
White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...Samsung Biz Mobile
 
Legal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesLegal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesPriyanka Aash
 
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefInternet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefBill Chamberlin
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityDeniseFerniza
 
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...Enterprise Management Associates
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaLuca Moroni ✔✔
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir
 
Impact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotImpact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotVinod Kashyap
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Dr. Ahmed Al Zaidy
 
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...InnoTech
 
CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security BattlegroundWatchful Software
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Dr. Ahmed Al Zaidy
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy QuizDruva
 
Challenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsChallenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsRobert 'Bob' Reyes
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Dr. Ahmed Al Zaidy
 
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Inductive Automation
 

What's hot (20)

The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)
 
White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...White Paper: Balance Between Embedded Operating System Security Features and ...
White Paper: Balance Between Embedded Operating System Security Features and ...
 
Legal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesLegal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity Vulnerabilities
 
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend BriefInternet of Things Security: IBM HorizonWatch 2016 Trend Brief
Internet of Things Security: IBM HorizonWatch 2016 Trend Brief
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and security
 
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
The Internet of Things and Enterprise Networks: Planning, Engineering, and Op...
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
 
Impact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + BotImpact of Technology on Profession: Human Vs. AI + Bot
Impact of Technology on Profession: Human Vs. AI + Bot
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2
 
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
Building Bridges: Security Metrics to Narrow the Chasm Between Perception and...
 
CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel CompTIA - IT Security Sales Practices in the Channel
CompTIA - IT Security Sales Practices in the Channel
 
The BYOD Security Battleground
The BYOD Security BattlegroundThe BYOD Security Battleground
The BYOD Security Battleground
 
Fortinet broch
Fortinet brochFortinet broch
Fortinet broch
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy Quiz
 
Challenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsChallenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act Brings
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12
 
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
Integrator Evolution: Discussing Current Challenges & Future Trends in Indust...
 
Security - A Digital Transformation Enabler
Security - A Digital Transformation EnablerSecurity - A Digital Transformation Enabler
Security - A Digital Transformation Enabler
 

Viewers also liked

Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain David Birch
 
Smart Contracts and Identity
Smart Contracts and IdentitySmart Contracts and Identity
Smart Contracts and IdentityPascal Van Hecke
 
Identity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and PromiseIdentity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and PromiseChristopher Allen
 
Blockchain Consensus Protocols
Blockchain Consensus ProtocolsBlockchain Consensus Protocols
Blockchain Consensus ProtocolsMelanie Swan
 
Blockchain_ver0.5_MIT_security_and Privacy_am_final_upload
Blockchain_ver0.5_MIT_security_and Privacy_am_final_uploadBlockchain_ver0.5_MIT_security_and Privacy_am_final_upload
Blockchain_ver0.5_MIT_security_and Privacy_am_final_uploadAnish Mohammed
 

Viewers also liked (6)

CRUD chains
CRUD chainsCRUD chains
CRUD chains
 
Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain Identity, the Internet of Things and the Blockchain
Identity, the Internet of Things and the Blockchain
 
Smart Contracts and Identity
Smart Contracts and IdentitySmart Contracts and Identity
Smart Contracts and Identity
 
Identity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and PromiseIdentity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and Promise
 
Blockchain Consensus Protocols
Blockchain Consensus ProtocolsBlockchain Consensus Protocols
Blockchain Consensus Protocols
 
Blockchain_ver0.5_MIT_security_and Privacy_am_final_upload
Blockchain_ver0.5_MIT_security_and Privacy_am_final_uploadBlockchain_ver0.5_MIT_security_and Privacy_am_final_upload
Blockchain_ver0.5_MIT_security_and Privacy_am_final_upload
 

Similar to An Identity Crisis at the Center of Every IoT Product

The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?Cognizant
 
Security and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsSecurity and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsIRJET Journal
 
Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacksAppSense
 
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...Mindbowser Inc
 
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-securityskumartarget
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18japijapi
 
Securing the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOSecuring the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOThe Economist Media Businesses
 
Boosting IoT Protection: An Enterprise Risk Imperative
Boosting IoT Protection: An Enterprise Risk ImperativeBoosting IoT Protection: An Enterprise Risk Imperative
Boosting IoT Protection: An Enterprise Risk ImperativeNational Retail Federation
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecurityCigniti Technologies Ltd
 
Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2FitCEO, Inc. (FCI)
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsLiwei Ren任力偉
 
Proposed T-Model to cover 4S quality metrics based on empirical study of root...
Proposed T-Model to cover 4S quality metrics based on empirical study of root...Proposed T-Model to cover 4S quality metrics based on empirical study of root...
Proposed T-Model to cover 4S quality metrics based on empirical study of root...IJECEIAES
 
Why Interop & Security are major issues in IOT?
Why Interop & Security are major issues in IOT?Why Interop & Security are major issues in IOT?
Why Interop & Security are major issues in IOT?Mobodexter
 
What are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docxWhat are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docxalanfhall8953
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?CA Technologies
 
Get Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security SolutionGet Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security SolutionPrecisely
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Clouditalia Telecomunicazioni
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?PECB
 

Similar to An Identity Crisis at the Center of Every IoT Product (20)

The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?
 
Security and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsSecurity and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of things
 
Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacks
 
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
94% enterprises will use IoT by end of 2021: Microsoft announces IoT Signals ...
 
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-security
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18
 
Securing the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOSecuring the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEO
 
Boosting IoT Protection: An Enterprise Risk Imperative
Boosting IoT Protection: An Enterprise Risk ImperativeBoosting IoT Protection: An Enterprise Risk Imperative
Boosting IoT Protection: An Enterprise Risk Imperative
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application Security
 
Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and Solutions
 
Proposed T-Model to cover 4S quality metrics based on empirical study of root...
Proposed T-Model to cover 4S quality metrics based on empirical study of root...Proposed T-Model to cover 4S quality metrics based on empirical study of root...
Proposed T-Model to cover 4S quality metrics based on empirical study of root...
 
Why Interop & Security are major issues in IOT?
Why Interop & Security are major issues in IOT?Why Interop & Security are major issues in IOT?
Why Interop & Security are major issues in IOT?
 
What are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docxWhat are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docx
 
IoT-Use-Case-eBook
IoT-Use-Case-eBookIoT-Use-Case-eBook
IoT-Use-Case-eBook
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
 
Get Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security SolutionGet Ready for Syncsort's New Best-of-Breed Security Solution
Get Ready for Syncsort's New Best-of-Breed Security Solution
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 

More from Salesforce Developers

Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSalesforce Developers
 
Maximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component PerformanceMaximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component PerformanceSalesforce Developers
 
Local development with Open Source Base Components
Local development with Open Source Base ComponentsLocal development with Open Source Base Components
Local development with Open Source Base ComponentsSalesforce Developers
 
TrailheaDX India : Developer Highlights
TrailheaDX India : Developer HighlightsTrailheaDX India : Developer Highlights
TrailheaDX India : Developer HighlightsSalesforce Developers
 
Why developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX IndiaWhy developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX IndiaSalesforce Developers
 
CodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local DevelopmentCodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local DevelopmentSalesforce Developers
 
CodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web ComponentsCodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web ComponentsSalesforce Developers
 
Enterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web ComponentsEnterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web ComponentsSalesforce Developers
 
TrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer HighlightsTrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer HighlightsSalesforce Developers
 
Lightning web components - Episode 4 : Security and Testing
Lightning web components - Episode 4 : Security and TestingLightning web components - Episode 4 : Security and Testing
Lightning web components - Episode 4 : Security and TestingSalesforce Developers
 
LWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura InteroperabilityLWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura InteroperabilitySalesforce Developers
 
Lightning web components episode 2- work with salesforce data
Lightning web components episode 2- work with salesforce dataLightning web components episode 2- work with salesforce data
Lightning web components episode 2- work with salesforce dataSalesforce Developers
 
Lightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An IntroductionLightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An IntroductionSalesforce Developers
 
Migrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCPMigrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCPSalesforce Developers
 
Scale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in SalesforceScale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in SalesforceSalesforce Developers
 
Replicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data CaptureReplicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data CaptureSalesforce Developers
 
Modern Development with Salesforce DX
Modern Development with Salesforce DXModern Development with Salesforce DX
Modern Development with Salesforce DXSalesforce Developers
 
Integrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS ConnectIntegrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS ConnectSalesforce Developers
 

More from Salesforce Developers (20)

Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
 
Maximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component PerformanceMaximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component Performance
 
Local development with Open Source Base Components
Local development with Open Source Base ComponentsLocal development with Open Source Base Components
Local development with Open Source Base Components
 
TrailheaDX India : Developer Highlights
TrailheaDX India : Developer HighlightsTrailheaDX India : Developer Highlights
TrailheaDX India : Developer Highlights
 
Why developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX IndiaWhy developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX India
 
CodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local DevelopmentCodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local Development
 
CodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web ComponentsCodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web Components
 
Enterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web ComponentsEnterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web Components
 
TrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer HighlightsTrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer Highlights
 
Live coding with LWC
Live coding with LWCLive coding with LWC
Live coding with LWC
 
Lightning web components - Episode 4 : Security and Testing
Lightning web components - Episode 4 : Security and TestingLightning web components - Episode 4 : Security and Testing
Lightning web components - Episode 4 : Security and Testing
 
LWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura InteroperabilityLWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura Interoperability
 
Lightning web components episode 2- work with salesforce data
Lightning web components episode 2- work with salesforce dataLightning web components episode 2- work with salesforce data
Lightning web components episode 2- work with salesforce data
 
Lightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An IntroductionLightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An Introduction
 
Migrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCPMigrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCP
 
Scale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in SalesforceScale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in Salesforce
 
Replicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data CaptureReplicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data Capture
 
Modern Development with Salesforce DX
Modern Development with Salesforce DXModern Development with Salesforce DX
Modern Development with Salesforce DX
 
Get Into Lightning Flow Development
Get Into Lightning Flow DevelopmentGet Into Lightning Flow Development
Get Into Lightning Flow Development
 
Integrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS ConnectIntegrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS Connect
 

Recently uploaded

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 

Recently uploaded (20)

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 

An Identity Crisis at the Center of Every IoT Product

  • 1. An Identity Crisis at the Center of Every IoT Product Sean Lorenz Director of IoT Market Strategy Fraser Macdonald Product Owner
  • 2. 2© 2015, LogMeIn, Inc Outline 1.  A brief history of IoT products & platforms 2.  IoT platforms and IAM security demand 3.  Xively’s approach to security & IAM
  • 3. A DIP INTO THE PAST
  • 4. 4© 2015, LogMeIn, Inc Lessons from the trenches IoT connectivity at scale is REALLY hard Securing IoT data & identities is even harder
  • 5. 5© 2015, LogMeIn, Inc And the press has caught on…
  • 6. 6© 2015, LogMeIn, Inc What was missing? Scalability on all levels flexible efficient quantifiable secure
  • 7. 7© 2015, LogMeIn, Inc Reality sets in. The process of building an IoT product is still unknown to most companies Nothing exists to handle the complexity of managing all aspects of a connected product business 1 2
  • 8. © 2015 Forrester Research, Inc. Reproduction Prohibited 8 IoT platforms and IAM security demand Research and study results
  • 9. © 2015 Forrester Research, Inc. Reproduction Prohibited 9 Who did we talk to? ›  100 line of business and IT executives at durable goods manufacturers ›  All respondents are decision makers, influencers or participants in security strategy for connected devices ›  Geographic segmentation •  US: 64 respondents •  UK: 36 respondents ›  Organization Size: •  55%: 1,000+ employees •  45%: 100 to 999 employees Source: A commissioned study conducted by Forrester Consulting on behalf of Xivley, June 2015
  • 10. © 2015 Forrester Research, Inc. Reproduction Prohibited 10 Manufacturers of connected devices are concerned with various security issues Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK (percentages may not total 100 because of rounding) Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015 3% “Which of the follow security threats on your connected devices are you most concerned about?” (Ranked by top 5, with 1 being the most concerning threat) Rank 1 Rank 2 Rank 3 Rank 4 Rank 5 External hackers 32% 11% 9% 6% 7% Leakage of sensitive or confidential data 9% 13% 10% 20% 8% Viruses, network worms, and other malicious software (malware) 7% 9% 18% 10% 13% Lack of authentication and authorization for access to these devices 8% 14% 9% 16% 9% Third-party collection of device usage patterns and data from intelligent devices 7% 15% 9% 8% 13% Physical compromise due to intelligent device failures 4% 9% 12% 10% 13% Internal hackers 11% 10% 12% 6% 8% Denial of service attacks to intelligent devices 8% 11% 8% 11% 7% Compliance fines and penalties over regulatory violations 3% 1% 5% 8% 14% Safety of human life 8% 5% 6% 6% 65% 60% 57% 56% 52% 48% 47% 45% 31% 28% Total % ranked in top 5
  • 11. © 2015 Forrester Research, Inc. Reproduction Prohibited 11 37% 30% 29% 29% 21% 16% 13% Lack of standard interfaces Diverse device universe makes interoperability challenging Data privacy concerns Lingering concerns about underlying security Lack of compelling business case to support investment No barriers User resistance 67% of respondents are concerned with IAM, but there are barriers to addressing this issue “What are the barriers preventing you from implementing additional identity and access management (IAM) security control” Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015
  • 12. © 2015 Forrester Research, Inc. Reproduction Prohibited 12 IAM importance will continue as the number of parties accessing device data increases Base: 100 discrete manufacturers (of durable goods) that manufacture connected products for consumers and / or businesses in the US and UK (percentages may not total 100 because of rounding) Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June 2015 “Which of the following currently requires access to your connected device data?” “Which of the following could benefit from access to your connected device in the future?” Currently In the future Other connected products 26% 36% Internal business systems and applications 47% 46% Sales 28% 27% Marketing 31% 42% IT 62% 48% Operations 47% 42% Field service reps 28% 33% Finance 20% 22% HR 12% 11% Customers 46% 44% Vendors 37% 42% Distributors 19% 31% Suppliers 18% 33% Average of four parties require access today Average of five parties will require access in the future Business systems and technology Internal business units Third parties
  • 13. © 2015 Forrester Research, Inc. Reproduction Prohibited 13 Manufacturers seek similar capabilities among vendor partners for IoT and IAM solutions 49% 37% 33% 30% 29% 28% 28% 23% 23% 22% 18% 18% 55% 36% 33% 28% 28% 28% 23% 20% 24% 26% 18% 18% Security expertise Reliable solutions Technical expertise Multinational player End-to-end turnkey solution Solution integration expertise Vertical industry expertise Customer service and help desk support Regional presence Scalable solutions Expertise in my legacy applications Partner ecosystem IoT partners IAM partners “What are the capabilities you are looking for in your Internet of Things (IoT) solution or IAM partners?” Base: 100 Discrete manufacturers (of durable goods) which manufacture connected / IoT products for consumers and/or businesses in the US and UK. Source: A commissioned study conducted by Forrester Consulting on behalf of Xively, June, 2015
  • 14. © 2015 Forrester Research, Inc. Reproduction Prohibited 14 Key takeaways to enable your connected product journey ›  Proactive manufacturers are deploying connected devices to differentiate products and transform customer relationships ›  Firms are in the early stages of deploying IoT software platforms •  Key functions: Connect, secure, manage, analyze and engage •  DIY is the main competitor today ›  Identity and access management (IAM) features are emerging as important security elements •  IAM demand will increase as more stakeholders access connected device data ›  Manufacturing firms seek IoT solution and IAM assistance from vendors with security and technical expertise
  • 16. 16© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY Security at the heart of an IoT platform 1.  Secure by design Ø  Xively was built FOR IoT and was built secure 2.  Device security Ø  Requirements: Very strict requirements for device itself – hardware requirements include having a real- time clock, crypto random number generator etc. and software requirements include time synchronization etc. Ø  Up-to-date client library Ø  Device-level rate limiting 3.  Secure in transit Ø  Xively mandates use of secure and strong TLS over all communications protocols (and supports HTTP, WebSockets and MQTT) 4.  Securing data at rest Ø  Storage encryption with Amazon Web Services 5.  Identity Access Management Ø  Blueprint manages identity of users/customers/ devices Ø  Uses OpenID Connect protocol for to identify/ authenticate vendor’s users/customers Let’s take a look at threats in the IoT realm and discuss what an IoT platform must do in order to mitigate risk. Below is a STRIDE-based IoT Platform Security Checklist covering the following threat areas: • Spoofing – Pretending to be something or someone you’re not • Tampering – Modifying something you’re Lastly, in order to develop a comprehensive IoT threat landscape with STRIDE, Xively has dedicated a lot of time to helping its customers account for all the various actors within an IoT ecosystem during the design stage of development: • Devices – Physical products connected to the Internet via the Xively platform; XIVELY’S APPROACH TO SECURITY Encryption Crypto on
  • 17. 17© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY Introducing BlueprintTM Master Directory of Your Connected Business Objects Attributes Rules •  Main directory of all your users, products and organizations •  Catalog of things that will interact with your connected products •  Describes and stores useful information about all your objects •  Examples: name, setting, status, serial number, location •  Connected businesses policies and relationships •  Defines and manages security, trust and relationships among objects •  Interaction with other business systems (CRM/ ERP)
  • 18. 18© 2015, LogMeIn, Inc. | CONFIDENTIAL – FOR INTERNAL USE ONLY What Blueprint now enables Identity Management Let a customer create and invite new users Authentication Allow existing users to sign in, return an ID that is used across all microservices. Provisioning Securely orchestrate the distribution of credentials to new devices, and their association with end users. Authorization Define the roles and permissions that govern how entities message and manage each other.