The IoT (Internet of Things) is made up of three elements:
- Things that are embedded with sensors
- The networks that connect them
- The systems that process data to or from the things
Today’s IoT verticals include: healthcare, life sciences, smart home, consumer, infrastructure, transport, urban mobility, and industrial systems. Clearly, IoT initiatives are becoming widespread. In a survey of business leaders conducted in 2017, 73% either had an IoT initiative in the works or were actively planning one.
According to Gartner, identity and access management will increasingly incorporate the identity of things (IDoT), human-to-device, device-to-device, and/or device-to-service/system. Gartner reports that 85% of businesses have an IAM initiative that already does or will need to support the IDoT.
In this blog we’ll discuss use cases from three interesting IoT trends: device monitoring, consumption tracking, and bio tracking, and call attention to the identity challenges these usages present.
Connected things, monitored remotely over the internet, provide new data insights into the performance of that object in the field. The data can also be used to automate previously manual tasks, such as maintenance. Instead of having to bring the device to a technician (or vice versa), connected things can diagnose themselves.
The data can be stored centrally in the cloud, democratizing access for all relevant parties (such as product owners, manufacturers, maintenance technicians, and support staff).
One example of this connectivity can be seen in the power tools industry, where premium brands are trying to compete against low cost alternatives from online marketplaces. They are upgrading to provide tools such as connected drills that alert the owner when a key component is breaking down, then recommend a fix. These drills can even queue up orders for replacement parts!
For businesses that buy power drills in bulk (such as construction sites) connected drills can save them hours of logistics by allowing the ordering of broken parts on demand, and an increase in productivity through better performing drills. Lost drills can be recovered using GPS.
The company can even measure the usage of their drills. For example, a foreman can track the productivity of each worker in terms of drill usage. Or the foreman herself could even be measured by the productivity rate of her team.
Tracking the consumption of a connected device can be used for billing. Rather than purchasing the device outright or leasing it on a flat-rate charge, it can be charged based on usage metrics. As a result, customer satisfaction improves as the thing is used more efficiently. This can serve to open up new markets where price points were previously too high.
As an example use case, two or more medical practices may share a device such as an MRI machine. Each practice may use the machine differently, with more or less frequency. For them, an appealing payment option might be to pay per use. IoT enables such a billing model.
Another billing model might be that whenever a patient needs a scan using the MRI machine, they are authenticated to a centralized tracking system that verifies the patient ID as billable by the practice. This is in lieu of renting or purchasing the machine and splitting the cost between the participating practices. The process is frictionless for the patient, and saves on cost for each of the medical practices.
Connected wearables can deliver all new forms of digital experiences for end users. In particular, this technology is changing personal health and fitness. Medical devices can remotely monitor body parts and be set with prescribed usage limits, managed remotely. Doctors can track how their patients are using these prescribed devices.
Connected wearables that track exercise have opened up a new way for people to digitally engage with their own fitness. People can compete in fitness challenges in large groups, at different times of day, in divergent geographic locations.
Modern Identity and IoT with Okta
Okta is the leader in identity and access management, and as a cloud service we are relied upon as an IoT enabler. As such, we are able to solve identity and access management on multiple levels, helping organizations support their unique IoT use cases. At its core, IoT devices have users that must be authenticated into apps, and API services that must be protected.
One example is TrueTear (an Allergan product), a handheld medical device that is paired with a mobile app experience. Allergan uses Okta to ensure customers can authenticate to their mobile app. TrueTear is supported by a microservices architecture, which is protected by Okta API Access Management.
TrueTear Account Creation Flow Diagram
Okta’s authentication product enables brands to build customizable account creation and login experiences consistent with their organization’s brand, security policies, and overall architecture, using common patterns.
Okta also provides authorization services, which secure API access with fine-grained, standards-based authorization policies using OAuth 2.0 and role-based access.
We enable user management of all users, groups, and policies to be controlled in one place, accessible everywhere, via the cloud. Adding, deleting, or updating users and groups can be done via programmatic control or a user-friendly admin console.