IoT Endpoint Management
The IoT's new paradigm of technology services and data acquisition capabilities isn’t without challenges. Take, for example, the overwhelming task of managing hundreds, if not thousands, of IoT devices scattered across multiple networks. That job is growing exponentially more complex as dissimilar devices from a variety of vendors go online almost daily.
Traditional endpoints, such as desktops, smartphones, notebook computers, and tablets, are much easier to manage than IoT devices, because they run operating systems that can support locally installed agent software that interacts with a management platform. Most IoT hardware uses proprietary firmware backed by vendor-specific software that does not lend itself well to agents. As a result, those responsible for administering IoT devices and their associated networks must often use dozens of vendor-specific management tools and proprietary solutions to provision, monitor, and manage IoT devices.
“IoT has created numerous management challenges for our clients,” says Raj Mehta, chairman and CEO of Infosys International. “As an integrator, we have taken a deep dive into solving that management conundrum by attempting to standardize on certain vendors that offer management APIs or use open standards so we can develop our own management systems.”
For some, the application programming interface path may very well solve the management conundrum. However, many of the latest IoT devices do not offer APIs, nor are they based on open source frameworks. That does not bode well for healthcare, manufacturing, and supply chain solutions that have critical cybersecurity, compliance, and network isolation requirements.
“From a management standpoint, you have to make sure that IoT remains secure, which involves a host of processes, such as device patching, vulnerability assessment, full inventory control, encryption, access management, and of course, some type of [security information and event management] capability,” Mehta says.
Achieving that without some type of unified management system can be problematic, but solutions that can help are coming on the market. Consider, for example, AirWatch from VMware, which has created a digital workspace platform under the moniker of Workspace ONE. The Workspace ONE product offers unified monitoring and management for numerous endpoints, including those from several leading IoT manufacturers.
Simply put, Workspace ONE applies policies to any connected device by controlling traffic to it. This approach solves many of the security concerns around IoT. However, critical functions, such as patching or device configuration, may not be supported on all devices. What’s more, Workspace ONE is tied directly to TCP/IP-based communications, which may limit connectivity to RFID-based devices.
Approaches may need to be different for the industrial IoT. Companies such as Lowry Solutions are constructing devices and creating software solutions that provide a better path toward integrating IoT into manufacturing environments, while also incorporating the needed administrative shims to enable unified management on an enterprise scale.
While both Lowry Solutions and VMware have made some strides into the world of unified endpoint management (UEM), the divergence of IoT architectures prevents UEM from managing every kind of IoT device. However, as IoT manufacturers begin to adopt industry standards and use more common open source-based firmware, such as firmware built on Linux, management challenges will ease. Until then, vet IoT devices based on how easy they are to manage and secure.
Frank J. Ohlhorst is a technology journalist and IT industry analyst with extensive experience as a business consultant, editor, author, and blogger.