Cloud Security Alliance releases new guidance for ‘Identity and Access Management for IoT’

Cloud Security Alliance GRC IAM Identity and access management IoT

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, announced that its Internet of Things (IoT) Working Group (WG) has released a new summary guidance report titled ‘Identity and Access Management for the Internet of Things’.

The Internet of Things (IoT) has been experiencing massive growth in both consumer and business environments. In response to this emerging market and the particular security requirements of these connected devices, The CSA established the IoT Working Group (WG) to focus on providing relevant guidance to its stakeholders who are implementing IoT solutions.

The IoT introduces the need to manage exponentially more identities than existing IAM systems are required to support. The security industry is seeing a paradigm shift whereby IAM is no longer solely concerned with managing people but also managing the hundreds of thousands of “things” that may be connected to a network.

In many instances, these things are connected intermittently and may be required to communicate with other things, mobile devices and the backend infrastructure.

“This document is the first in a series of summary guidance aimed at providing easily understandable recommendations to information technology staff charged with securely implementing and deploying IoT solutions,” said Brian Russell, co-chair of the Internet of Things Working Group for the Cloud Security Alliance.

“With this guidance, the CSA’s IoT Working Group is seeking to provide prescriptive guidance to stakeholders detailing an easy-to-follow set of recommendations for establishing an IAM for IoT program within their organization.”