Sydney, Australia – 7 October, 2015 – LogMeIn, Inc. (NASDAQ: LOGM) has unveiled Xively Identity Manager a new approach to tackling the unique and complex challenges of identity and access management (IAM) of Internet of Things (IoT) users and products. Xively Identity Manager has been designed to provide a turn-key, white-label option for onboarding and managing new end users of IoT devices, one that can easily be applied to web and mobile applications – the most common means of people creating accounts for their new connected products – through a simple API. Part of the Xively IoT platform, it also integrates with Xively’s ‘Blueprint’ capability, providing companies a seamless means of managing identities and access for employees, customers, apps, connected products, and connected product data. The Xively Identity Manager was debuted at LogMeIn’s inaugural IoT event, Xperience 2015.
The need for managing identities and access in the IoT – and the critical role identity management plays in device, data and user security – has become a hot topic in 2015. In a February 2015 Gartner report, entitled “The Identity of Things for the Internet of Things,” the analyst firm stated that “by year-end 2017, the Internet of Things will drive device and user relationship requirements in 50% of new identity and access management implementations.” The same report went on to state, “managing identities and access is critical to the success of the IoT, but in its current form IAM cannot provide the scale or manage the complexity that the IoT brings to the enterprise.”
In the IoT, identity management can become further complicated when you factor in the need for – and authentication needs around – secondary users and other third parties which may need access to a connected product, beyond its primary user or owner. For example, homeowners may buy an Internet connected product (thermostat, smoke alarm, garage door opener, lighting system, etc.), but other people living in that home may also want access to at least some functions of said connected device. Manufacturers and third parties (e.g. service technicians) may also need regular or one-time exception-type access for remote management or customer service. New identities may need to be created or transferred to new owners of the same home.
Forrester Research conducted a study on behalf of LogMeIn, which found that “67% of discrete manufacturers surveyed were concerned or extremely concerned about identity and access management for connected devices, reflecting the importance of IAM for today’s IoT devices.” The study also found that “currently, an average of four different constituencies (e.g., IT, operations, sales, field service, and customers) require access to connected device data,” positing that “the number of third parties requiring access to connected device data is expected to increase in the future as manufacturers provide connected product data and insight to vendors, distributors, and suppliers.”
“To date, most companies building connected products have been stuck between retrofitting enterprise IAM, which is inherently inward facing, using consumer web options, which means sacrificing control to third parties, or taking a do-it-yourself approach,” said Paddy Srinivasan, VP of products for Xively by LogMeIn. “Xively Identity Manager has been designed specifically for IoT use cases, giving our customers a turn-key option for reducing risk, bolstering security, and accelerating time to market.”
Xively Identity Manager provides businesses with the tools needed to:
 The Identity of Things for the Internet of Things, Gartner, February 2015
 Connect and Protect: The Importance of Security and Identity and Access Management For Connected Devices, Forrester Research, August 2015
It’s not hard to understand why bot management is critical to maintaining business availability and customer satisfaction – but do you know how to properly deal with bots?
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem
With so much change all the time, how can executives best prepare their businesses to meet the security challenges of the coming years? CSO Australia, in conjunction with Mimecast, explored this question in an interactive Webinar that looks at how the threat landscape has evolved – and what we can expect in 2019 and beyond.
An interview with CSO's David Braue and Ian Yip, Chief Technology Officer, McAffee.