Challenges in Incorporating the Role of Identity Management in IoT

Apac CIOOutlook | Wednesday, May 19, 2021

One of the most serious issues with IAM and IoT devices is that all of them ship with default passwords. Despite the fact that users are told to alter it later, not everybody behaves responsibly.

FREMONT, CA: In recent years, the tech industry has been introducing the next big thing: the Internet of Things (IoT). IoT, as a term, allows devices to wirelessly link to a network and transmit data without requiring human-to-human or human-to-computer interaction. Consumers are increasingly interested in the ability to monitor devices remotely. IoT is also available in security systems, thermostats, automobiles, electronic appliances, speakers, and other devices.

Here are some challenges that may spring up while incorporating the role of identity management in IoT:

Credential Misuse

The intentional use of compromised credentials, such as usernames and passwords, to access sensitive data is known as credential misuse. This can happen at work when employees inadvertently share their passwords with colleagues. They can do so to assist colleagues in avoiding IT delays that may occur when renewing a forgotten password.

In most cases, credential misuse is motivated by illegal intent. In the absence of a proper IAM or CIAM solution, hackers gain unintended access to areas that they can manipulate.

Returning to IoT, not all of those interconnected devices have a password management system capable of protecting data at the corporate level. According to a report conducted by ABI Research analysts, the absence thereof provides an excellent incentive for malicious drivers.

Default Password Risks

One of the most serious issues with IAM and IoT devices is that all of them ship with default passwords. Despite the fact that users are told to alter it later, not everybody behaves responsibly.

Those who change their default passwords, however, use common, easy-to-guess username/password pairs. This is a dangerous habit.

California lawmakers passed the CCPA to resolve this growing problem (effective January 1, 2020). This act requires linked IoT devices to encrypt unique passwords if they are manufactured or sold in the state of California.

That appears to be the appropriate move in ensuring privacy. But there is a drawback. If everybody in the company knows the password, people should not have access but end up with excessive privileges.

Martin Schlatter, CIO and Regional CEO, APAC, NTT Security

Sunil Singh, Regional Chief Information Officer, Coca-Cola Beverages Vietnam

Esteban Remecz, CIO, Asia Pacific, ZF Group

Ari Bose, CIO, Brocade

Harnath Babu, CIO, KPMG India

Steve Walker, CIO, DHL Supply Chain Asia Pacific

Steven Weinreb, CIO & EVP, Technology & Operations, Asia, MetLife

Nick Eshkenazi, Chief Digital & Transformation Officer at Astellas Pharma

Challenges in Incorporating the Role of Identity Management in IoT

IoT

Security Systems

Weekly Brief

High-Performance Computing Fuels APAC’s AI Breakthroughs

Navigating the Future of Digital Transformation in APAC’s Diverse Business Landscape

Managing Internal and External API's for Business Excellence

Highly-Functional Material Week Osaka 2025 Positions Japan at the Centre of Global Innovation, To Unveil the Future of Materials

Enhancing Cyber Defense with Predictive Analytics and AI

The Upcoming Shift in Wireless Connectivity with Wi-Fi 7