Tag: identity

Posted on

The Digital Twin Instance

Twin Buildings

It’s time to create a #DigitalTwin Instance of a physical entity that is derived from a Digital Twin Model. #IoT #IIoT

If you’ve worked with any of the Internet of Things platforms, you probably registered an IoT endpoint or device to make its identity known to the system. In the smallest way possible, this is what it means to create an instance of your digital twin that is entangled with a physical entity.

Like most things in the digital world, you start with Identity. You give your digital twin a name & perhaps a brief description. The IoT platform you’re working with will assign a unique identifier used to access & identify the digital twin and its physical counterpart throughout its life cycle. Next, some type of security token or X.509 certificate will be bound to the unique identifier of the digital twin in order to facilitate authentication & authorization. It’s possible that you might assign a date in the future when the security token or certificate is no longer valid. You should also have the option to enable or disable the twin if you need to blacklist incoming data from a compromised physical entity. Lastly, you bind it to the digital twin model that it’s derived from.

Posted on

Improve Employee Productivity at your Company by Implementing a Hybrid Identity Strategy

Book Cover

#Identity and Access Management is key to facilitating employee access to corporate and 3rd party resources from any #mobile device on any #network.

Most of you are well-versed at entering user names and passwords to access social media and banking sites from your desktop browser. Based on the identity you provide; you’re given access to those sites. Some of you in the corporate world might know what it means to join your computer to a Domain. Your company has you do this so you only have to enter your credentials once, while getting access to multiple servers. This is called single sign-on (SSO) and it uses a directory service.

With people moving to myriad mobile devices and enterprise workloads moving to the cloud, the SSO technologies of the past require retooling. To make this work in a heterogeneous world, security tokens using Security Assertion Markup Language (SAML) that work with any operating system are needed. A Secure Token Service (STS) is employed to issue tokens to clients on behalf of a secure software service.

Today, you need a cloud-based directory service to manage users, groups and roles. It must provide hybrid identity by synchronizing with on-premises directories so users can seamlessly authenticate whether they’re inside the corporate WLAN or roaming on mobile data networks. Additionally, it must provide users with SSO to apps and services residing in other clouds. Finally, this service must support multi-factor authentication (MFA) which requires something a user has (a phone), something they know (a PIN) or something they are (biometrics) to secure corporate resources.

Reduce risk and improve user productivity by restricting corporate access to those employees with credentials found in cloud and on-premises directories. What is your company doing to provide secure access to its business systems from any device?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click here to purchase a copy of my book today and start transforming your business!

Posted on

Reduce Business Risk by Using Employee Smartphones and Multi-factor Authentication to Secure Corporate Resources

Book Cover

The perception that employee #smartphones are a #security liability is misplaced. They’re a  #mobile, multi-factor authentication security asset.

It’s clear the things we’ve done in the past to stay secure are no longer sufficient. The pervasive use of usernames and passwords to authenticate with every kind of system on the planet is breaking down. Passwords aren’t strong enough and no one can remember them all. Some companies require something called two factor authentication in order to access their computer systems. This dramatically increases security because you’re required to have something like a smartcard and know something like a PIN in order to gain access. The downside is that everyone has to have a smartcard with cryptographic information on an embedded chip as well as a smartcard reader plugged into a PC to make this work. How likely is it that everyone on a global scale has this kind of gear? Not very.

It makes you wonder if there’s some kind of device carried by almost every human on the planet that could substitute for a smartcard? Seek out cloud and on-premises systems that work with devices to implement modern security features like multifactor authentication. Now when an employee enters their corporate credentials, the system will call their phone and require them to dial in an additional PIN to prove it’s actually them who’s trying to access corporate resources. A bad actor who may have stolen your credentials won’t have your phone to answer the call or know your PIN. It’s also unlikely they’ll have your face or fingerprint if you’ve enabled biometric security.

Reduce risk to your business by having employees use their smartphones to prove their identity when attempting access to corporate resources. What is your company doing to secure its business-critical resources?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click here to purchase a copy of my book today and start transforming your business!