Identity and Access Management challenges with the Internet of Things (IOT)


There will be more than 50 billion IoT (also known as "Internet of Things") connected devices by the year 2020, according to a white paper by Cisco.

The expected increase in the Internet of Things in the non-too distant future should be filling businesses with excitement. It can potentially increase efficiency, reduce costs, and it provides a hitherto unprecedented amount of audience data. So why are there so many who are doubting the Internet of Things?

Firstly, it would be sensible to firmly establish exactly what we mean by the term ‘Internet of Things’. The Internet of Things (IoT) is the connection to the Internet (and interlinking) of everyday objects, such as kettles, cameras and watches. Whilst the appeals of this to a business are massive, there are also major reservations about the IoT, particularly when it comes to Identity and Access Management.


One major concern that comes to mind when discussing the IoT is security, or lack thereof. Having every electronic device connected to the Internet and all linked together sounds, and can be, brilliant for many aspects of a business. But without stringent security in place, Identity and Access Management systems can be compromised, potentially meaning employees can gain access to programmes that they shouldn’t have access too, or, even worse, hackers.

However, security issues with IoT go beyond the obvious. Having all audience actions online means that there is a frightening and incessantly increasing amount of data online on users or employees. Not only does this raise moral questions (as discussed below), but there is a risk that a lot of personal data about users could be accessed, altered and stolen by the wrong people.

The good news is that there are ways to address this issue such as encryption, passwords, biometrics and network security.


The other concern regarding the IoT is more of a moral one. Having Access and Identity Management systems in place means that there is a large amount of data on every user that uses them. Many will understandably be rather uncomfortable with data being gathered about them against their will whilst having no idea what will happen to or who will see this data.

What the data is used for is also a big cause for concern. The idea of monitoring what users are doing to see who does what, when and where is one that does have its advantages, there is a difference between wanting to know what’s going on and spying on what everyone is doing 24/7. Only when there are guidelines put in place, either by the business or higher authorities, will people start to feel comfortable with using Access and Identity Management systems with the IoT.

Even if this was to happen (which is unlikely in the short term due to this still being in such an early developmental phase), there is still the logistics of setting up such systems, which takes us to the third problem.


In order for such a system to really benefit a business, it must be efficient and work flawlessly. Giving certain people access to certain programmes at certain times on certain devices is not an easy thing to accomplish. What if all the devices involved need to be from just one manufacturer to make it work? How will the system be maintained overtime? If a business is going to try and make use of Identity and Access Management systems, they are going to have to come up with answers to these questions.

Systems such as these are also only worth investing in if you know exactly what you are going to use them for, and exactly what you want and how you are going to go about doing this. This is because, put simply, data from such systems is very difficult to measure effectively. With more and more devices with Internet connection being used (and therefore more and more data being sent all the time) it is nigh-on impossible to know if performance can be optimised as there is, and will continue to be, so much stress on networks.


It’s not difficult to see why there are so many people have so many qualms with the IoT, even at a fairly embryonic stage of its development. Some may not even see the value of trying such systems yet. The issues mentioned above must be addressed and resolved, but it’s hard to deny that there is future for the IoT in data gathering and audience monitoring.

Talk to Sales

Sign up for our latest blog updates direct to your inbox