A Smarter, More Secure Internet of Things
Transcript of A Smarter, More Secure Internet of Things
![Page 1: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/1.jpg)
A smarter, more secure Internet of Things
Travis GreeneIdentity Solutions Strategist, NetIQ
![Page 2: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/2.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.2
Internet of Things
![Page 3: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/3.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.3
Internet of Things What “things” and how did we get there?
Goldman Sachs, What is the Internet of Things?, September 2014
![Page 4: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/4.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.4
Two Critical Components
Things People behindthe “Things”
![Page 5: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/5.jpg)
The Internet of Things
- A Few Examples
![Page 6: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/6.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.6
![Page 7: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/7.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.7
![Page 8: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/8.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.8
![Page 9: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/9.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.9
![Page 10: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/10.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.10
![Page 11: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/11.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.11
![Page 12: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/12.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.12
![Page 13: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/13.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.13
![Page 14: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/14.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.14
![Page 15: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/15.jpg)
The Risk Presented by
the Internet of Things
![Page 16: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/16.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.16
![Page 17: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/17.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.17
![Page 18: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/18.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.18
• The Internet of Things
will change the way we
use and interact with
technology.
• Devices will constantly
monitor and respond
both to us and to
each other.
• We must learn to
manage this interaction.
![Page 19: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/19.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.19
![Page 20: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/20.jpg)
“Another evolving area of risk lies in
physical objects—industrial components,
automobiles, home automation products,
and consumer devices, to name a few—that
are being integrated into the information
network, a trend typically referred to as the
‘Internet of Things.’
The interconnection of billions of devices
with IT and operational systems will
introduce a new world of security risks for
businesses, consumers, and governments.”2014 PwC State of Cybercrime Survey
![Page 21: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/21.jpg)
“The development towards an IoT is likely to
give rise to a number of ethical issues and
debates in society, many of which have
already surfaced in connection with the
current Internet and ICT in general, such as
loss of trust, violations of privacy, misuse of
data, ambiguity of copyright, digital divide,
identity theft, problems of control and of
access to information and freedom of
speech and expression. However, in IoT,
many of these problems gain a new
dimension in light of the increased
complexity.”2013 European Commission Report on the IoT
![Page 22: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/22.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.22
Gartner Hype Cycle
![Page 23: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/23.jpg)
So, how do we do that?
![Page 24: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/24.jpg)
Focus on the identities
![Page 25: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/25.jpg)
Too many users with
too much access
![Page 26: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/26.jpg)
Too many users with
too much access
devices
![Page 27: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/27.jpg)
We can’t leave it to the
manufacturers’ plan
![Page 28: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/28.jpg)
We can’t stop attacks,
but we can mitigate the
damage
![Page 29: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/29.jpg)
Focus on the basics
Enforce access controls
Monitor user
activity
Minimizerights
![Page 30: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/30.jpg)
But how do we understand if
the activity is appropriate?
![Page 31: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/31.jpg)
31
The answer is
NOT more data
• Security teams already have too
much data to deal with
• New tools and new
infrastructures compound the
problem
![Page 32: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/32.jpg)
Simply put…
There’s too much noise and not enough insight
![Page 33: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/33.jpg)
Security needs context…
What access?
Access okay?
Normal?
Where?
Who?
Identity?
![Page 34: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/34.jpg)
35
What is the key?
Identity
![Page 35: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/35.jpg)
We must adopt identity-centric
thinking if we want to have any
chance of maintaining control
over the world we are building
![Page 36: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/36.jpg)
Identity of Everything
![Page 37: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/37.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.38
The Identity of Everything allows the creation of a unique set of attributes
• Who or what every connected item or person is
• What permissions those objects and people have
• What they do with those entitlements
• Who granted the permissions
• How other people and devices may interact
![Page 38: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/38.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.39
• Google Nest, a home
automation hub
• Collects data from other
appliances & sensors
• But there is a homeowner
identity behind it that Google
wants to market to
• And that owner will have
relationships to many other
things
The Identity of Everything will be both Hierarchical and Matrixed
![Page 39: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/39.jpg)
© 2014 NetIQ Corporation. All rights reserved.40
NetIQ provides a unique combination of
Identity, Access and Security solutions
that will scale to address the future
demands on identity
![Page 40: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/40.jpg)
© 2015 NetIQ Corporation and its affiliates. All Rights Reserved.41
Actions for Today, Tomorrow, Next Year
• Understand the identity stores you already have
• Examine how identity information is used in your
organization
• Look for ways to integrate identity context into your
product design to protect data collected by IoT sensors
• Start to build a framework to handle more
sophisticated, aggregate identity, that can scale
• Work towards an extensible identity framework that
will encompass people, products, devices and services
![Page 41: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/41.jpg)
+1 713.548.1700 (Worldwide)888.323.6768 (Toll-free)[email protected]
Worldwide Headquarters515 Post Oak Blvd., Suite 1200Houston, TX 77027 USA
www.netiq.com/communities
![Page 42: A Smarter, More Secure Internet of Things](https://reader033.fdocuments.us/reader033/viewer/2022042716/55a6f9ee1a28abef0d8b45a1/html5/thumbnails/42.jpg)
This document could include technical inaccuracies or typographical errors. Changes are
periodically made to the information herein. These changes may be incorporated in new
editions of this document. NetIQ Corporation may make improvements in or changes to the
software described in this document at any time.
Copyright © 2015 NetIQ Corporation. All rights reserved.
ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the
cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration
Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy
Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit,
PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite,
Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ
Corporation or its subsidiaries in the United States and other countries.