Abstract image of a woman sitting on books and studying on a laptop

A Smarter, More Secure Internet of Things

Download as PPTX, PDF
NetIQ, profile picture
NetIQ

The document discusses the implications of the Internet of Things (IoT) on technology interaction, emphasizing the importance of identity management in securing interconnected devices. It highlights the security risks associated with the explosion of connected devices and calls for a shift towards identity-centric approaches to mitigate these risks. Key actions are suggested for organizations to better understand and manage identity information in the context of IoT.

InternetTechnology
Related topics:
Identity and Access Management Internet of Things IT Security
1 of 42
Downloaded 81 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
A smarter, more secure Internet of Things Travis Greene Identity Solutions Strategist, NetIQ
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.2 Internet of Things
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.3 Internet of Things What “things” and how did we get there? Goldman Sachs, What is the Internet of Things?, September 2014
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.4 Two Critical Components Things People behind the “Things”
The Internet of Things - A Few Examples
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.6
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.7
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.8
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.9
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.10
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.11
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.12
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.13
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.14
The Risk Presented by the Internet of Things
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.16
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.17
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.18 • The Internet of Things will change the way we use and interact with technology. • Devices will constantly monitor and respond both to us and to each other. • We must learn to manage this interaction.
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.19
“Another evolving area of risk lies in physical objects—industrial components, automobiles, home automation products, and consumer devices, to name a few—that are being integrated into the information network, a trend typically referred to as the ‘Internet of Things.’ The interconnection of billions of devices with IT and operational systems will introduce a new world of security risks for businesses, consumers, and governments.” 2014 PwC State of Cybercrime Survey
“The development towards an IoT is likely to give rise to a number of ethical issues and debates in society, many of which have already surfaced in connection with the current Internet and ICT in general, such as loss of trust, violations of privacy, misuse of data, ambiguity of copyright, digital divide, identity theft, problems of control and of access to information and freedom of speech and expression. However, in IoT, many of these problems gain a new dimension in light of the increased complexity.” 2013 European Commission Report on the IoT
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.22 Gartner Hype Cycle
So, how do we do that?
Focus on the identities
Too many users with too much access
Too many users with too much access devices
We can’t leave it to the manufacturers’ plan
We can’t stop attacks, but we can mitigate the damage
Focus on the basics Enforce access controls Monitor user activity Minimize rights
But how do we understand if the activity is appropriate?
31 The answer is NOT more data • Security teams already have too much data to deal with • New tools and new infrastructures compound the problem
Simply put… There’s too much noise and not enough insight
Security needs context… What access? Access okay? Normal? Where? Who? Identity?
35 What is the key? Identity
We must adopt identity-centric thinking if we want to have any chance of maintaining control over the world we are building
Identity of Everything
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.38 The Identity of Everything allows the creation of a unique set of attributes • Who or what every connected item or person is • What permissions those objects and people have • What they do with those entitlements • Who granted the permissions • How other people and devices may interact
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.39 • Google Nest, a home automation hub • Collects data from other appliances & sensors • But there is a homeowner identity behind it that Google wants to market to • And that owner will have relationships to many other things The Identity of Everything will be both Hierarchical and Matrixed
© 2014 NetIQ Corporation. All rights reserved.40 NetIQ provides a unique combination of Identity, Access and Security solutions that will scale to address the future demands on identity
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.41 Actions for Today, Tomorrow, Next Year • Understand the identity stores you already have • Examine how identity information is used in your organization • Look for ways to integrate identity context into your product design to protect data collected by IoT sensors • Start to build a framework to handle more sophisticated, aggregate identity, that can scale • Work towards an extensible identity framework that will encompass people, products, devices and services
+1 713.548.1700 (Worldwide) 888.323.6768 (Toll-free) info@netiq.com NetIQ.com Worldwide Headquarters 515 Post Oak Blvd., Suite 1200 Houston, TX 77027 USA www.netiq.com/communities
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. Copyright © 2015 NetIQ Corporation. All rights reserved. ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other countries.

More Related Content

PPTX
From reactive to automated reducing costs through mature security processes i...
NetIQ
 
PPTX
Leveraging Identity to Manage Change and Complexity
NetIQ
 
PDF
Cloud Identity
NetIQ
 
PPTX
Building A Cloud-Ready Security Program
NetIQ
 
PPTX
Scrubbing Your Active Directory Squeaky Clean
NetIQ
 
PDF
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ
 
PDF
Security - A Digital Transformation Enabler
Alexander Akinjayeju. MSc, CISM, Prince2
 
PPTX
SANS Critical Security Controls Summit London 2013
Wolfgang Kandek
 
From reactive to automated reducing costs through mature security processes i...
NetIQ
 
Leveraging Identity to Manage Change and Complexity
NetIQ
 
Cloud Identity
NetIQ
 
Building A Cloud-Ready Security Program
NetIQ
 
Scrubbing Your Active Directory Squeaky Clean
NetIQ
 
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ
 
Security - A Digital Transformation Enabler
Alexander Akinjayeju. MSc, CISM, Prince2
 
SANS Critical Security Controls Summit London 2013
Wolfgang Kandek
 

What's hot (20)

PDF
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Ivanti
 
PPTX
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
centralohioissa
 
PDF
The Future of Technology Operations
Ivanti
 
PDF
Why Executives Underinvest In Cybersecurity
HackerOne
 
PDF
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Ignyte Assurance Platform
 
PDF
Total Digital Security Introduction 4.2
Brad Deflin
 
PDF
2021 English Part One Anti-phishing Webinar Presentation Slides
Ivanti
 
PPTX
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
centralohioissa
 
PPTX
Are You Being Anti-Social
NetIQ
 
PDF
G05.2013 gartner top security trends
Satya Harish
 
PDF
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identity Defined Security Alliance
 
PPTX
New CISO - The First 90 Days
Resilient Systems
 
PPTX
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Symantec APJ
 
PPTX
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
Raffa Learning Community
 
PDF
IT Service & Asset Management Better Together
Ivanti
 
PDF
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Digital Guardian
 
PDF
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
EnergySec
 
PDF
Energy Industry Organizational Strategies to Increase Cyber Resiliency
EnergySec
 
PPT
How Network Data Loss Prevention is Implemented
Jerry Paul Acosta
 
PPTX
Mobility Security - A Business-Centric Approach
Omar Khawaja
 
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Ivanti
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
centralohioissa
 
The Future of Technology Operations
Ivanti
 
Why Executives Underinvest In Cybersecurity
HackerOne
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Ignyte Assurance Platform
 
Total Digital Security Introduction 4.2
Brad Deflin
 
2021 English Part One Anti-phishing Webinar Presentation Slides
Ivanti
 
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
centralohioissa
 
Are You Being Anti-Social
NetIQ
 
G05.2013 gartner top security trends
Satya Harish
 
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identity Defined Security Alliance
 
New CISO - The First 90 Days
Resilient Systems
 
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Symantec APJ
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
Raffa Learning Community
 
IT Service & Asset Management Better Together
Ivanti
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Digital Guardian
 
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
EnergySec
 
Energy Industry Organizational Strategies to Increase Cyber Resiliency
EnergySec
 
How Network Data Loss Prevention is Implemented
Jerry Paul Acosta
 
Mobility Security - A Business-Centric Approach
Omar Khawaja
 
Ad

Viewers also liked (17)

PPTX
BrainShare 2014
NetIQ
 
PDF
Mobile Apps in Your Business
NetIQ
 
PPTX
Advanced Persistent Threat - Evaluating Effective Responses
NetIQ
 
PPTX
Bring Your Own Identity
NetIQ
 
PDF
Modern Web Developement
peychevi
 
PPT
Identity, Security and Healthcare
NetIQ
 
PPTX
Flaws in Identity Management and How to Avoid Them
NetIQ
 
PPTX
5 insider tips for using it audits to maximize security
NetIQ
 
PDF
Internet of Things Facts and Stats
Intelligentia IT Systems Pvt. Ltd.
 
PDF
Internet of Things forecasts infographic
Emerald Technology
 
PDF
IT Disaster Recovery
NetIQ
 
PDF
The Next Indispensable Tool for Small Business
Field Agent
 
PDF
2014 Cyberthreat Defense Report
NetIQ
 
PDF
Regulating the dark net
Andres Guadamuz
 
PDF
Making Good: Diversity and Equality in the Maker Movement
Leah Buechley
 
PDF
6 Essentials For Parents Of College Students
Regions Bank
 
PDF
21 Most Common Film Genres
Rafael John Acantilado
 
BrainShare 2014
NetIQ
 
Mobile Apps in Your Business
NetIQ
 
Advanced Persistent Threat - Evaluating Effective Responses
NetIQ
 
Bring Your Own Identity
NetIQ
 
Modern Web Developement
peychevi
 
Identity, Security and Healthcare
NetIQ
 
Flaws in Identity Management and How to Avoid Them
NetIQ
 
5 insider tips for using it audits to maximize security
NetIQ
 
Internet of Things Facts and Stats
Intelligentia IT Systems Pvt. Ltd.
 
Internet of Things forecasts infographic
Emerald Technology
 
IT Disaster Recovery
NetIQ
 
The Next Indispensable Tool for Small Business
Field Agent
 
2014 Cyberthreat Defense Report
NetIQ
 
Regulating the dark net
Andres Guadamuz
 
Making Good: Diversity and Equality in the Maker Movement
Leah Buechley
 
6 Essentials For Parents Of College Students
Regions Bank
 
21 Most Common Film Genres
Rafael John Acantilado
 
Ad

Similar to A Smarter, More Secure Internet of Things (20)

PPTX
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
bmcmenemy
 
PPTX
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greene
bmcmenemy
 
PDF
The Identity of Things: Privacy & Security Concerns
Simon Moffatt
 
PDF
The internet of things..perspectives for the Nigerian legal system
Simon Aderinlola
 
PPTX
Iot privacy vs convenience
Don Lovett
 
PDF
Io t whitepaper_5_15_17
Aravindharamanan S
 
PDF
Simon Harrison RWE - Chain of Things 010616 final
Simon Harrison
 
PPTX
Internet & iot security
Usman Anjum
 
PPTX
National seminar on emergence of internet of things (io t) trends and challe...
Ajay Ohri
 
PPTX
Internet of Things TCLG Oct 23 2014
Lisa Abe-Oldenburg, B.Comm., JD.
 
PDF
Exploring Secure Computing for the Internet of Things, Internet of Everything...
Maurice Dawson
 
PPTX
Internet of Things
Mphasis
 
PDF
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Katedra Informatologii. Wydział Dziennikarstwa, Informacji i Bibliologii, Uniwersytet Warszawski
 
PDF
Developing surveillance challenges in theinternet of things
Dr. Raghavendra GS
 
PPTX
Introduction to IOT security
Priyab Satoshi
 
PDF
IBM Xforce Q4 2014
Patrick Bouillaud
 
DOCX
INTERNET OF THINGS A STUDY ON SECURITY AND PRIVACY THREATSMd .docx
vrickens
 
PDF
All you need to know about SSI for Corporates and IoT – Heather Vescent
Blockchain España
 
PDF
Telefónica security io_t_final
Christopher Wang
 
PDF
IRJET- Enhancing Security Features for IoT Devices Connected to Cloud Service...
IRJET Journal
 
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
bmcmenemy
 
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greene
bmcmenemy
 
The Identity of Things: Privacy & Security Concerns
Simon Moffatt
 
The internet of things..perspectives for the Nigerian legal system
Simon Aderinlola
 
Iot privacy vs convenience
Don Lovett
 
Io t whitepaper_5_15_17
Aravindharamanan S
 
Simon Harrison RWE - Chain of Things 010616 final
Simon Harrison
 
Internet & iot security
Usman Anjum
 
National seminar on emergence of internet of things (io t) trends and challe...
Ajay Ohri
 
Internet of Things TCLG Oct 23 2014
Lisa Abe-Oldenburg, B.Comm., JD.
 
Exploring Secure Computing for the Internet of Things, Internet of Everything...
Maurice Dawson
 
Internet of Things
Mphasis
 
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Katedra Informatologii. Wydział Dziennikarstwa, Informacji i Bibliologii, Uniwersytet Warszawski
 
Developing surveillance challenges in theinternet of things
Dr. Raghavendra GS
 
Introduction to IOT security
Priyab Satoshi
 
IBM Xforce Q4 2014
Patrick Bouillaud
 
INTERNET OF THINGS A STUDY ON SECURITY AND PRIVACY THREATSMd .docx
vrickens
 
All you need to know about SSI for Corporates and IoT – Heather Vescent
Blockchain España
 
Telefónica security io_t_final
Christopher Wang
 
IRJET- Enhancing Security Features for IoT Devices Connected to Cloud Service...
IRJET Journal
 

More from NetIQ (19)

PDF
Open Enterprise Server With Windows
NetIQ
 
PDF
Big Payoffs With BYOD and Mobility
NetIQ
 
PDF
Paraca Inc.
NetIQ
 
PDF
The University of Westminster Saves Time and Money with Identity Manager
NetIQ
 
PDF
The London School of Hygiene & Tropical Medicine Accelerates and Streamlines ...
NetIQ
 
PDF
Swisscard Saves Time and Effort in Managing User Access
NetIQ
 
PDF
Vodacom Tightens Security with Identity Manager from NetIQ
NetIQ
 
PDF
University of Dayton Ensures Compliance with Sentinel Log Manager
NetIQ
 
PDF
Nippon Light Metal Forges a Disaster Recovery Solution with NetIQ
NetIQ
 
PDF
Nexus Differentiates Itself and Grows Its Capabilities with Operations Center
NetIQ
 
PDF
Netiq css huntington_bank
NetIQ
 
PDF
Professional Services Company Boosts Security, Facilitates Compliance, Automa...
NetIQ
 
PDF
NetIQ Identity Manager Unites Hanshan Normal University
NetIQ
 
PDF
Handelsbanken Takes Control of Identity Management with NetIQ
NetIQ
 
PDF
Millions of People Depend on Datang Xianyi Technology and NetIQ
NetIQ
 
PDF
bluesource Uses NetIQ AppManager to Offer Standout Managed Service
NetIQ
 
PDF
Central Denmark Region Strengthens Administrative Security with Identity Mana...
NetIQ
 
PDF
Identity-Powered Security
NetIQ
 
PDF
Owens Community College adds Single Sign-On and Meets FERPA
NetIQ
 
Open Enterprise Server With Windows
NetIQ
 
Big Payoffs With BYOD and Mobility
NetIQ
 
Paraca Inc.
NetIQ
 
The University of Westminster Saves Time and Money with Identity Manager
NetIQ
 
The London School of Hygiene & Tropical Medicine Accelerates and Streamlines ...
NetIQ
 
Swisscard Saves Time and Effort in Managing User Access
NetIQ
 
Vodacom Tightens Security with Identity Manager from NetIQ
NetIQ
 
University of Dayton Ensures Compliance with Sentinel Log Manager
NetIQ
 
Nippon Light Metal Forges a Disaster Recovery Solution with NetIQ
NetIQ
 
Nexus Differentiates Itself and Grows Its Capabilities with Operations Center
NetIQ
 
Netiq css huntington_bank
NetIQ
 
Professional Services Company Boosts Security, Facilitates Compliance, Automa...
NetIQ
 
NetIQ Identity Manager Unites Hanshan Normal University
NetIQ
 
Handelsbanken Takes Control of Identity Management with NetIQ
NetIQ
 
Millions of People Depend on Datang Xianyi Technology and NetIQ
NetIQ
 
bluesource Uses NetIQ AppManager to Offer Standout Managed Service
NetIQ
 
Central Denmark Region Strengthens Administrative Security with Identity Mana...
NetIQ
 
Identity-Powered Security
NetIQ
 
Owens Community College adds Single Sign-On and Meets FERPA
NetIQ
 

Recently uploaded (20)

PPTX
Top Website Bugs That Hurt User Experience – And How Expert Web Design Fixes
e-Definers Technology
 
PPTX
Networking2-LECTURE2 this is our lessons
MarkAngeloOprido
 
PPTX
Concepts of Object Oriented Programming.
educationonlyukiyo
 
PPTX
module 1-Part 1.pptxdddddddddddddddddddddddddddddddddddd
KevinSeelu
 
DOCX
Powerful Ways AIRCONNECT INFOSYSTEMS Pvt Ltd Enhances IT Infrastructure in In...
Airconnect pvtltd
 
PDF
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
pvaonit
 
PPTX
Artificial_Intelligence_Basics use in our daily life
ANUBHABPANIGRAHI3
 
PPTX
curriculumandpedagogyinearlychildhoodcurriculum-171021103104 - Copy.pptx
HeneszaAvenido1
 
PPTX
Reading as a good Form of Recreation
Raj Kumble
 
PPTX
Introduction to networking local area networking
sagar490070
 
PDF
Public for study about wiring to confirm.
wongsa2524
 
PPTX
在线订购名古屋艺术大学毕业证, buy NUA diploma学历认证失败怎么办
学历认证定制霍尔姆斯学院毕业证学位证书编号怎么查【Q微:1954292140】
 
PPTX
COPD_Management_Exacerbation_Detailed_Placeholders.pptx
4mmkp9d8xv
 
PPTX
Basic_of_Computer_System.pptx class-8 com
skaur23305
 
PPTX
Introduction: Living in the IT ERA.pptx
joycecueva07
 
DOCX
Memecoinist Update: Best Meme Coins 2025, Trump Meme Coin Predictions, and th...
memecoinist83
 
PDF
Containerization lab dddddddddddddddmanual.pdf
muler161921
 
PPTX
Basic understanding of cloud computing one need
subhosvims
 
PPTX
Edit gdasgdkhagfhgfgfasdghhdgfhdgfj.pptx
HuyNguynm
 
PPTX
Viva Digitally Software-Defined Wide Area Network.pptx
HubraSEO
 
Top Website Bugs That Hurt User Experience – And How Expert Web Design Fixes
e-Definers Technology
 
Networking2-LECTURE2 this is our lessons
MarkAngeloOprido
 
Concepts of Object Oriented Programming.
educationonlyukiyo
 
module 1-Part 1.pptxdddddddddddddddddddddddddddddddddddd
KevinSeelu
 
Powerful Ways AIRCONNECT INFOSYSTEMS Pvt Ltd Enhances IT Infrastructure in In...
Airconnect pvtltd
 
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
pvaonit
 
Artificial_Intelligence_Basics use in our daily life
ANUBHABPANIGRAHI3
 
curriculumandpedagogyinearlychildhoodcurriculum-171021103104 - Copy.pptx
HeneszaAvenido1
 
Reading as a good Form of Recreation
Raj Kumble
 
Introduction to networking local area networking
sagar490070
 
Public for study about wiring to confirm.
wongsa2524
 
在线订购名古屋艺术大学毕业证, buy NUA diploma学历认证失败怎么办
学历认证定制霍尔姆斯学院毕业证学位证书编号怎么查【Q微:1954292140】
 
COPD_Management_Exacerbation_Detailed_Placeholders.pptx
4mmkp9d8xv
 
Basic_of_Computer_System.pptx class-8 com
skaur23305
 
Introduction: Living in the IT ERA.pptx
joycecueva07
 
Memecoinist Update: Best Meme Coins 2025, Trump Meme Coin Predictions, and th...
memecoinist83
 
Containerization lab dddddddddddddddmanual.pdf
muler161921
 
Basic understanding of cloud computing one need
subhosvims
 
Edit gdasgdkhagfhgfgfasdghhdgfhdgfj.pptx
HuyNguynm
 
Viva Digitally Software-Defined Wide Area Network.pptx
HubraSEO
 

A Smarter, More Secure Internet of Things

  • 1. A smarter, more secure Internet of Things Travis Greene Identity Solutions Strategist, NetIQ
  • 2. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.2 Internet of Things
  • 3. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.3 Internet of Things What “things” and how did we get there? Goldman Sachs, What is the Internet of Things?, September 2014
  • 4. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.4 Two Critical Components Things People behind the “Things”
  • 5. The Internet of Things - A Few Examples
  • 6. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.6
  • 7. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.7
  • 8. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.8
  • 9. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.9
  • 10. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.10
  • 11. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.11
  • 12. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.12
  • 13. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.13
  • 14. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.14
  • 15. The Risk Presented by the Internet of Things
  • 16. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.16
  • 17. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.17
  • 18. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.18 • The Internet of Things will change the way we use and interact with technology. • Devices will constantly monitor and respond both to us and to each other. • We must learn to manage this interaction.
  • 19. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.19
  • 20. “Another evolving area of risk lies in physical objects—industrial components, automobiles, home automation products, and consumer devices, to name a few—that are being integrated into the information network, a trend typically referred to as the ‘Internet of Things.’ The interconnection of billions of devices with IT and operational systems will introduce a new world of security risks for businesses, consumers, and governments.” 2014 PwC State of Cybercrime Survey
  • 21. “The development towards an IoT is likely to give rise to a number of ethical issues and debates in society, many of which have already surfaced in connection with the current Internet and ICT in general, such as loss of trust, violations of privacy, misuse of data, ambiguity of copyright, digital divide, identity theft, problems of control and of access to information and freedom of speech and expression. However, in IoT, many of these problems gain a new dimension in light of the increased complexity.” 2013 European Commission Report on the IoT
  • 22. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.22 Gartner Hype Cycle
  • 23. So, how do we do that?
  • 24. Focus on the identities
  • 25. Too many users with too much access
  • 26. Too many users with too much access devices
  • 27. We can’t leave it to the manufacturers’ plan
  • 28. We can’t stop attacks, but we can mitigate the damage
  • 29. Focus on the basics Enforce access controls Monitor user activity Minimize rights
  • 30. But how do we understand if the activity is appropriate?
  • 31. 31 The answer is NOT more data • Security teams already have too much data to deal with • New tools and new infrastructures compound the problem
  • 32. Simply put… There’s too much noise and not enough insight
  • 34. 35 What is the key? Identity
  • 35. We must adopt identity-centric thinking if we want to have any chance of maintaining control over the world we are building
  • 37. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.38 The Identity of Everything allows the creation of a unique set of attributes • Who or what every connected item or person is • What permissions those objects and people have • What they do with those entitlements • Who granted the permissions • How other people and devices may interact
  • 38. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.39 • Google Nest, a home automation hub • Collects data from other appliances & sensors • But there is a homeowner identity behind it that Google wants to market to • And that owner will have relationships to many other things The Identity of Everything will be both Hierarchical and Matrixed
  • 39. © 2014 NetIQ Corporation. All rights reserved.40 NetIQ provides a unique combination of Identity, Access and Security solutions that will scale to address the future demands on identity
  • 40. © 2015 NetIQ Corporation and its affiliates. All Rights Reserved.41 Actions for Today, Tomorrow, Next Year • Understand the identity stores you already have • Examine how identity information is used in your organization • Look for ways to integrate identity context into your product design to protect data collected by IoT sensors • Start to build a framework to handle more sophisticated, aggregate identity, that can scale • Work towards an extensible identity framework that will encompass people, products, devices and services
  • 41. +1 713.548.1700 (Worldwide) 888.323.6768 (Toll-free) [email protected] NetIQ.com Worldwide Headquarters 515 Post Oak Blvd., Suite 1200 Houston, TX 77027 USA www.netiq.com/communities
  • 42. This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. Copyright © 2015 NetIQ Corporation. All rights reserved. ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other countries.