Industry 4.0: Protecting endpoints effectively with Customer Identity and Access Management

22.08.18 | Author / Editor: Yael Widmann / Melanie Krauss
Published in MM Maschinenmarkt

Each interface adds new risks to a network. One way to take advantage of the benefits of Industry 4.0 securely is through customer identity and access management systems that guarantee clear authentication and authorization.

The fourth industrial revolution, Industry 4.0, includes both self-regulating systems, communicating machines and the automation of production, as well as the digitalization of customer contacts and services. In all areas, whether man to machine or machine to machine, data is increasingly being exchanged automatically. This intelligent networking of product development, production, logistics and customers offers companies – also in the SME sector – the chance of higher productivity.

At the same time, the multitude of emerging endpoints creates new risks that companies have to deal with. Each endpoint gives rise to new vulnerabilities. Not least, it is these risks that make many medium-sized companies cautious about Industry 4.0, especially in Germany. In order to benefit from the advantages of Industry 4.0, new control mechanisms and reliable protection of access are needed. Professional user management integrated in the processes is extremely important for data security, as well as for process automation and user-friendly administration.

“Everything is an API” in a networked world. As the term networking implies, machines and products send and receive data to communicate with each other. Connections to other systems are established via interfaces, or APIs. Each interface represents a potential security risk, which makes securing the interfaces all the more important.

Customer Identity and Access Management (CIAM) software therefore manages, protects and monitors portals and Web APIs through security standards such as OAuth2 or OpenID Connect. In the process, defined authentication flows are implemented. To authenticate devices, they must be known to each other, because devices must be trustworthy before and while they interact with each other. In a clever device management system, all machines can be centrally registered and their permissions managed.

Authentication and authorization


In addition to the devices, the people who operate, maintain and sort out the machines play an important role, as do the decision-makers who determine the further course of production. Their unique identification and authorization is therefore a critical protective shield. Biometric authentication by face or voice is modern and efficient. In combination with intelligent fraud and anomaly detection, the opportunities of the networked system can be used without second thoughts.

Detection is based on the various information available, such as access histories, logon attempts, or device information. Once suspicious activity is detected, the fraudster can be recognized by means of an additional authentication factor, and any further fraudulent transaction can be averted. Each channel is already largely secured through strong authentication.

The other side of the coin is authorization. Channels and their resources require individual protection. This requires dedicated permission management for each channel, as well as an individualized authorization profile. Hence the keyword is defined and automated role and group management. By efficiently allocating and controlling roles and permissions, companies can, for example, give different groups of people, including customers or suppliers, access to their system, because in a (partially) automated and self-controlling value-added chain, successful supply chain management and smoothly functioning collaboration are very important.
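
The two checks described above, step-up authentication on suspicious activity and role-based authorization, combined into one access decision. This is an added example, not part of the original article or of any CIAM product's code; the role names, permission strings, device registry and failed-logon threshold are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Hypothetical role -> permission mapping (the "role and group management").
ROLE_PERMISSIONS = {
    "operator":   {"machine:read", "machine:operate"},
    "maintainer": {"machine:read", "machine:maintain"},
    "supplier":   {"orders:read"},
}

# Constructed sample registry of devices already known for each user.
KNOWN_DEVICES = {"alice": {"hmi-panel-07"}, "bob": {"laptop-112"}}

MAX_FAILED_LOGONS = 3  # assumed threshold for treating a session as suspicious


@dataclass
class AccessRequest:
    user: str
    roles: tuple
    device_id: str
    recent_failed_logons: int
    permission: str
    second_factor_passed: bool = False


def is_suspicious(req):
    """Flag a request using two of the signals named in the text:
    logon attempts and device information."""
    unknown_device = req.device_id not in KNOWN_DEVICES.get(req.user, set())
    return unknown_device or req.recent_failed_logons >= MAX_FAILED_LOGONS


def decide(req):
    """Return 'allow', 'step_up' or 'deny' for a single request."""
    granted = set()
    for role in req.roles:
        granted |= ROLE_PERMISSIONS.get(role, set())  # unknown roles grant nothing
    if req.permission not in granted:
        return "deny"      # not authorized, however strong the authentication
    if is_suspicious(req) and not req.second_factor_passed:
        return "step_up"   # require an additional authentication factor first
    return "allow"


if __name__ == "__main__":
    req = AccessRequest("alice", ("operator",), "tablet-999", 0, "machine:operate")
    print(decide(req))  # unknown device for alice
```

Authorization is evaluated first so that a user is never prompted for a second factor for an action their roles do not permit.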

Digitalisation focuses on the identity of the persons involved. Computers, wearables or machines provide content that is context-specific to the person using the device or standing in front of it.

A customer identity and access management system enables companies to take advantage of the multiple opportunities offered by digitization, streamline processes and drive innovation in a secure and reliable ecosystem. With cloud-based, scalable software that is hosted in Germany, an appropriate solution can also be introduced step by step and at a manageable cost.

* Yael Widmann is responsible for the business development of Cidaas at Widasconcepts in 71299 Wimsheim.
