Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

2018 01 smart city symposium - db


Published on

How do trends around experience impact the way software can be used to extract value from smart city infrastructures? What are the security implications and what should you do?

Published in: Software
  • Additional reading: &
    Are you sure you want to  Yes  No
    Your message goes here

2018 01 smart city symposium - db

  1. 1. Going Native Citizens, Smart Cities, & Security January 2018 David Bressler, VP Industry Solutions, API Management @ CA Technologies Smart City value will be realized through software. More software means more value, but also more complexity. Learn how to frame this complexity in order to prevent security from becoming a barrier to citizen engagement.
  2. 2. This person. This moment. This job.
  3. 3. The generic play: modernize your application architecture 4
  4. 4. 5
  5. 5. 6
  6. 6. Process Data Event More than data is necessary to create an experience 7 Persona Moment Job
  7. 7. The platform informs the experience
  8. 8. Why Native? 9
  9. 9. The Challenge to Secure Smart City Applications: How do I create: • A native security experience that is convenient, frictionless, and makes it fast to add to new security modalities to apps? • Secure enough to meet audits & compliance requirements? • Provides “developer velocity”: maximum value without high costs to develop, operate, or support? Velocity Convenience Security
  10. 10. Decouple Security from the app silo Take as much authentication, data governance, or security architecture decisions out of the application silo. The developers in that silo may not have anything to do with you.
  11. 11. 12
  12. 12. 13
  13. 13. Benefits and Outcomes: 14 Native security experiences, as they evolve Our voice will authenticate us, when it does, it should be as seamless as FaceID was for TouchID developers Many security use cases ”out of the box” Two factor. Token passing. Others. We’ve seen how two-factor has evolved to bypass SMS weakness; how many still haven’t figured it out? Governed in the platform, not the silo How do we use context and identity to reduce risk? Security officers should decide, implement, and govern. App developers? Let them write apps. Faster/Cheaper to develop Not every developer needs to be a security expert; not every project needs a security implementation timeline. Increased security / identity sophistication because not building on the legacy of desktop security My bank app still “times me out after inactivity” in their mobile app, like I’m in a browser session! How many companies still require regularly changed passwords? If that’s so important, why doesn’t Google/Apple?
  14. 14. Can our Smart Cities be Healthier Cities? If 20 minutes of exercise, 3x per week improves health outcomes, could I lower insurance rates for people willing to share their smart-bike activity?
  15. 15. In China people who follow the rules have better credit scores: 16
  16. 16. VP, Industry Solutions David Bressler @djbressler Thank You.