In our last post, we introduced the concept of the "Supply Chain of Information". We use this term in reference to any supply chain, as the trust in the supply chain is based upon the information derived from the supply chain indicating how trusted it is. After all, visibility into your supply chain for any managerial purpose is actually gathering information, at varying levels of reliability, to inform business decisions - inventory management, job sequencing, production shortfalls, supplier diversity requirements,...all things the traditional supply chain expert needs to support the business. Now, transform the supply chain context to cyber-security. Supply chain becomes critical to the cornerstones of cybersecurity: confidentiality, integrity, and availability. The supply chain of information is fundamental to measuring the trust in your supply chain.
IoT is H-O-T! But, it is still at its nascency. The "things" in IoT vary based upon domain, environment, and context, and we are only in our earliest days understanding where they can be applied to reducing risk in identity management. This blog will pull together the elements needed for industry to be able to use IoT across channels and domains. You will see the greatest challenges in provisioning devices to individuals. Next, you will get to see my simplified view of the lifecycle of IoT devices and how it impacts provisioning. Finally, it will describe the art of disambiguation, without giving away too many secrets, as the crux of using IoT in the world of identity management. Bottom line, we have an opportunity to look at IoT as not a confusing array of gadgets, but a better model to serve our users, while also increasing the integrity of the transaction without as much customer friction.