Get Cloud Ready!

Janakiram MSV

Subscribe to Janakiram MSV: eMailAlertsEmail Alerts
Get Janakiram MSV: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Blog Feed Post

How This Security Startup Is Plugging A Critical Gap In Enterprise IoT Platforms

Over the last two decades enterprise IT has matured to handle identity, authentication and authorization of endpoints and users. Today it is common to find technologies such as SAML and OAuth that provide single sign on (SSO) capabilities to both internal and external users. Various techniques including antivirus and antimalware combined with proven endpoint management tools are used to protect desktops, laptops, networking devices, servers and other IT assets. Identity and Access Management (IAM) frameworks not only connect users with the IT assets securely but also provide centralized visibility and control to enterprise IT teams.

Enter IoT, and the world looks very different. Unfortunately, none of the existing security mechanisms work in the environment that is a mix of IT and IoT assets. That’s because the security frameworks are designed to deal with IT devices like laptops and servers with sufficient computing power, memory and storage. Also, these frameworks are designed with interactive users in mind. When an employee accesses a printer connected to the corporate network, he is challenged to prove his identity, which is mapped to an access control system that decides an action. While the current IAM systems work very well with users and IT assets, they fall short to deal with IoT devices.

Unlike IT assets, which are typically in a few thousand within an enterprise, there may be tens of thousands of IoT devices deployed in an industrial environment. These devices are not powerful enough to run the same security tools used in traditional IT organizations. They are deployed in remote locations where maintenance and manual upgrades are expensive. Unlike users, they cannot be interactively challenged for a password or a biometric identity.

Enterprise IT teams and security professionals are under pressure to secure IoT devices. Recent attacks such as Mirai malware that targeted IP-cameras remind us the risk involved with non-secure IoT devices.

IoT platform companies such as AWS, Google, IBM, Microsoft, Oracle and PTC provide robust device management that offers scalable connectivity and M2M communication. But enterprise-grade security is not the focus of these device cloud platforms. For example, AWS IoT mandates the use of certificates in devices connected to the cloud. But it doesn’t automatically, and securely, provision these certificates at scale, and manage them for the lifetime of the devices. It is challenging to rotate these certificates deployed in remote devices.

Read the entire article at Forbes

Janakiram MSV is an analyst, advisor, and architect. Follow him on Twitter,  Facebook and LinkedIn.

Read the original blog entry...

More Stories By Janakiram MSV

Janakiram MSV heads the Cloud Infrastructure Services at Aditi Technologies. He was the founder and CTO of Get Cloud Ready Consulting, a niche Cloud Migration and Cloud Operations firm that recently got acquired by Aditi Technologies. In his current role, he leads a highly talented engineering team that focuses on migrating and managing applications deployed on Amazon Web Services and Microsoft Windows Azure Infrastructure Services.
Janakiram is an industry analyst with deep understanding of Cloud services. Through his speaking, writing and analysis, he helps businesses take advantage of the emerging technologies. He leverages his experience of engaging with the industry in developing informative and practical research, analysis and authoritative content to inform, influence and guide decision makers. He analyzes market trends, new products / features, announcements, industry happenings and the impact of executive transitions.
Janakiram is one of the first few Microsoft Certified Professionals on Windows Azure in India. Demystifying The Cloud, an eBook authored by Janakiram is downloaded more than 100,000 times within the first few months. He is the Chief Editor of a popular portal on Cloud called that covers the latest trends in Cloud Computing. Janakiram is an analyst with the GigaOM Pro analyst network where he analyzes the Cloud Services landscape. He is a guest faculty at the International Institute of Information Technology, Hyderabad (IIIT-H) where he teaches Big Data and Cloud Computing to students enrolled for the Masters course. As a passionate speaker, he has chaired the Cloud Computing track at premier events in India.
He has been the keynote speaker at many premier conferences, and his seminars are attended by thousands of architects, developers and IT professionals. His sessions are rated among the best in every conference he participates.
Janakiram has worked at the world-class product companies including Microsoft Corporation, Amazon Web Services and Alcatel-Lucent. Joining as the first employee of Amazon Web Services in India, he was the AWS Technology Evangelist. Prior to that, Janakiram spent 10 years at Microsoft Corporation where he was involved in selling, marketing and evangelizing the Microsoft Application Platform and Tools.