Securing Trust in Mobile Communication of Smart Things
“Swiss cheese” architecture is one that is full of holes when IoT is retrofitted with mobility, and mobility is retrofitted with SaaS apps, and SaaS apps are retrofitted with on-premise apps for hybrid IT environments. While use of biometrics and authentication are being adopted widely, it is leaving gaping design holes in the implementation and securability of IoT devices. Use of smart devices is the norm today, however it’s target architecture does not follow most of the common security conventions. Major renovation is needed before innovation. Furthermore, refactoring is required for which the effort can have up to 5 variations, none of which is the same as the IoT, mobile or web security. This session presents 5 hurdles and 5 solutions to implement secure mobile communication among smart things, using case studies to reinforce the best practices.
When smart device access modernizes mobile access (and mobility modernizes web access) we encounter several serious security challenges. The challenge begins with corporations regulating smart things, embracing BYOD, plus deploying SaaS or cloud infrastructure into their IT environments. The problem amplifies in magnitude. When users request access to the infrastructure via their smart device(s), they encounter a roadblock or compromise.
The session covers 5 ways to connect IoT mobile apps to SSO infrastructure – app to VPN; app via webview to IDaaS; app to SDK to IDaaS; browser-based app with OAuth and OIDC; containerized apps to M2M gateways. Each element will be discussed in detail in form of case studies so that the audience understands what works and what does not work for building safe and reliable security software and solutions.
In this session, attendees will learn:
1. How to deploy IoT securely to access resources on the network.
2. What design techniques can be used for creating a security blueprint.
3. What are the best practices for securing Trust in mobile communication of IoT.
Factors that makes it an effective presentation for IoT Slam are as follows:
1. The objective for using smart devices securely is on every CIO’s agenda.
2. Defending smart things has not matured anywhere near the maturity of conventional security. Add to it mobility, it begs for security breach waiting to happen.
3. Security remains the #1 impediment to adopting IoT at scale.
Senior Vice President & General Manager, Cybersecurity at CA Technologies
Dipto Chakravarty is the author of three best-selling books on computer architecture and security from McGraw-Hill and Wiley that have been translated in five languages. He has 10 patents to his credit in security, cloud and SaaS, holds a B.S and M.S in CS and EE from U. of Maryland, GMP from Harvard Business School and EMBA from Wharton School, U. Penn.
Currently, he is SVP and general manager of Core Security at CA Technologies. In this role, Dipto leads the product strategy, product mgmt and product development, and is focused on building a differentiated product portfolio to help customers solve their most difficult business problems of securing users in their hybrid IT infrastructure with mobility and IoT.
Prior to joining CA, he served as the EVP of Products at ThreatTrack, and earlier as the general manager for SaaS Cloud Security at Novell. Dipto has been an executive at four public companies (CA, IBM, NOVL, TRI) and four entrepreneurial startups to date. He led the turnaround and exit for e-Security, a SIEM company with its Series C for 7x LTM. Prior to it, he founded Artesia (sold to OpenText) with a management buyout from the Thomson-Reuters using $25M Series A from Warburg Pincus. Earlier, he led corporate venture of starting up a software division with $10M funding building rich media software.
End-User, Government, Enterprise, Small / Medium Enterprise, OEM
IoT, mobility, container, SaaS, cloud, authentication, architecture, BYOD, IDaaS, webview, VPN, security, privacy, trust, infrastructure
CxO, VP / Director, Middle Management, Technical, Business Line Management
Expert, Advanced, Intermediate
Banking, Financial Services, Insurance, Industrials, Consumer, Government / Public Sector, Automotive
Join our IoT Community at https://www.linkedin.com/groups/4662022/profile