Getty Images/iStockphoto
4 steps IT can take to manage the IoT device explosion
IT and security teams must take steps to keep up with their IoT deployment, including investing in the right tools and creating an IoT operations budget.
IoT devices are critical to a wide range of use cases in the enterprise, but these endpoints can be difficult to update, manage and secure without the right approach and set of tools.
Many organizations already deploy thousands -- sometimes hundreds of thousands -- of sensors, surveillance cameras, access control systems or energy and infrastructure systems. Responsibility for these devices is costly and presents an overwhelming management and security challenge for IT and physical security teams.
The first major hurdle IT teams face when managing and securing IoT devices is that they must manually complete device maintenance, monitoring and security compliance; in the long term, this proves to be costly and inefficient. Often enterprises have multiple fleets of disparate IoT devices from different vendors, making them challenging to manage. Many of the devices are physically remote or difficult to access. Their operating commands and maintenance schedules vary. At a large scale, organizations struggle to monitor and control even basics such as firmware updates and password rotations.
Enterprises also lack visibility into their device ecosystems, and their overall IT environment inevitably becomes harder to manage. Many companies are unaware of every device connected to their networks: One survey from analyst firm Quocirca concluded that nearly two-thirds of organizations lack insight into their IoT environment. Without complete visibility, IT teams cannot efficiently maintain, update and secure devices.
These are tasks that start when a device arrives for deployment and continue until the day that device is decommissioned. How should IT and physical security groups work together to keep up with their IoT devices and take control of management issues?
Luckily for IT departments, a new practice called IoT operations, also known as IoTOps, has emerged in the enterprise. An IoTOps team specializes in the overall management of IoT devices, including cybersecurity, maintenance and extracting the insights they need to proactively keep devices operational. But there's more than meets the eye.
Here is an approach to empower IT to manage an IoT ecosystem efficiently, however diverse and large it may be.
1. Invest in the right tools for your IoTOps teams
First, take inventory to see the state of the ecosystem you're working with. Authenticate every connected device. Identify security and maintenance deficiencies. Then set immediate action priorities.
Tools are critical to the success of any enterprise IoT team. Spare yourself the problems of integration and the fragmented visibility of acquiring several narrow-purpose tools. Instead, find solutions that take a more holistic approach and extend across your current and future needs. A single unified view and point of control are essential. Other key features to look for are the ability to recognize and interact correctly with a wide range of devices, automation, risk detection and predictive maintenance.
As we advance, automation and unified visibility and control are tools to handle the growth of IoT assets. It's safe to say that nobody's IoT deployment will shrink over the next decade. Once you replace the manual aspects of managing IoT devices, you can easily scale up their usage. Your IoTOps team will have a much greater ability to manage ongoing IoT maintenance tasks, such as firmware upgrades, password rotations and certificate management, as well as overall security and visibility.
2. Strengthen your partner ecosystem
Technology partners -- such as systems integrators, consultants and value-added resellers -- are vital extensions of any IoTOps team. They usually have specific expertise in IoT security issues and the practices, solutions and policies to address them. They can play a key role in evaluating technology solutions as well.
3. Set goals and objectives
This step will likely overlap and be almost synchronous with defining the team. Set baseline goals for the project in device visibility, security and maintenance. Focus on the essentials. For visibility and security, identify every device that connects to the network; for maintenance, identify each device's firmware version and have a secure way to update firmware or software apps. Additional high ROI goals could include risk detection and predictive physical maintenance.
Also, incorporate and implement policies. IT and physical security teams use policies to measure whether a device is compliant. For example, a policy may include ensuring passwords and certificates are rotated periodically, or upgrading device firmware when needed. If a device doesn't meet policy, the device is not compliant.
Automation of operations is integral to all these functions -- and so is a single unified view of all managed IoT devices and a consistent GUI to interact with them.
4. Create an IoT operations budget
With IoTOps goals defined, size up the resources and solutions you will need to achieve them. Start estimating costs and build your optimal budget. Putting a dollar value on access to real-time, trusted data from thousands of devices can be elusive. Over time, data collected from device fleets will lead to insights for operations and help with future planning.
From chaos to control
These steps will position IT and physical security to keep pace with the growth of IoT device fleets and the evolution in use cases, device capabilities and security challenges. Embracing an IoT operations approach with the help of capable technology partners sets a solid foundation. With centralized visibility of your IoT and automation of operational maintenance and security tasks, your well-managed IoT will give your business the opportunity to test innovative business models.
About the author
Roy Dagan is CEO and co-founder of SecuriThings Inc. He started the company after many years of building cybersecurity, risk management and intelligence systems. Prior to SecuriThings, Dagan held multiple roles leading product management teams in various companies, including RSA, the security division of EMC, and Neptune Intelligence Computer Engineering Systems.
