LogMeIn, Inc. today unveiled Xively Identity Manager a new approach to tackling the unique and complex challenges of identity and access management (IAM) of Internet of Things (IoT) users and products.
Xively Identity Manager has been designed to provide a turn-key, white-label option for onboarding and managing new end users of IoT devices, one that can easily be applied to web and mobile applications
– the most common means of people creating accounts for their new connected products – through a simple API. Part of the Xively IoT platform, it also integrates with Xively’s ‘Blueprint’ capability, providing companies a seamless means of managing identities and access for employees, customers, apps, connected products, and connected product data. The Xively Identity Manager was debuted at LogMeIn’s inaugural IoT event, Xperience 2015 taking place now in Boston.
The need for managing identities and access in the IoT – and the critical role identity management plays in device, data and user security – has become a hot topic in 2015. In a February 2015 Gartner report, entitled “The Identity of Things for the Internet of Things1,” the analyst firm stated that “by year-end 2017, the Internet of Things will drive device and user relationship requirements in 50% of new identity and access management implementations.” The same report went on to state, “managing identities and access is critical to the success of the IoT, but in its current form IAM cannot provide the scale or manage the complexity that the IoT brings to the enterprise.”
In the IoT, identity management can become further complicated when you factor in the need for – and authentication needs around – secondary users and other third parties which may need access to a connected product, beyond its primary user or owner. For example, homeowners may buy an Internet connected product (thermostat, smoke alarm, garage door opener, lighting system, etc.), but other people living in that home may also want access to at least some functions of said connected device. Manufacturers and third parties (e.g. service technicians) may also need regular or one-time exception-type access for remote management or customer service. New identities may need to be created or transferred to new owners of the same home.
Forrester Research 2conducted a study on behalf of LogMeIn, which found that “67% of discrete manufacturers surveyed were concerned or extremely concerned about identity and access management for connected devices, reflecting the importance of IAM for today’s IoT devices.” The study also found that “currently, an average of four different constituencies (e.g., IT, operations, sales, field service, and
customers) require access to connected device data,” positing that “the number of third parties requiring access to connected device data is expected to increase in the future as manufacturers provide connected product data and insight to vendors, distributors, and suppliers.”
“To date, most companies building connected products have been stuck between retrofitting enterprise IAM, which is inherently inward facing, using consumer web options, which means sacrificing control to third parties, or taking a do-it-yourself approach,” said Paddy Srinivasan, VP of products for Xively by LogMeIn. “Xively Identity Manager has been designed specifically for IoT use cases, giving our customers a turn-key option for reducing risk, bolstering security, and accelerating time to market.”
Xively Identity Manager provides businesses with the tools needed to:
- Quickly rollout an identity solution to capture information of end users of connected devices
- Create white-label identity – can be used by businesses to brand their own identity, embed identity in their own apps and web domains
- Map identities to devices for access control, working in tandem with Xively Blueprint on security and authentication
- Provide scalable access at runtime to ensure secure authentication at sub-second latency
- Manage the full lifecycle of creation, onboarding, and decommissioning for both primary and secondary users
- Build rich profile graphs of users to better map usage information and device data with specific customers and users for better service delivery and deeper customer relationships