Getting these elements right can be the dividing line between IoT chaos and control
Too many vendor-based IoT blogs and articles go like this:
- AMAZING STATISTIC on the exponential growth of IoT! (Hint: It’s huge!)
- SCARY STATISTIC on how out of control the situation is. (Note: It’s very, very out of control!)
- (ANOTHER) SCARY STATISTIC on how a single compromised device can imperil your entire organization.
- CONCLUSION: Buy our stuff.
These basic tenets are obvious and generally well understood by anybody in the orbit of IT. What’s missing, however, is a discussion of the essential elements needed to get your Internet of Things (IoT) project off the ground. What should you be looking for, and what should you be careful not to miss? Based on my conversations with many customers in all industries and in all phases of their IoT projects, I’ve put together six must-haves that need to be in any IoT plan.
Must-Have #1: Support for Smart Devices
IoT devices come in several different flavors. A common one is the “smart device.” Smart devices are small computers: they are IP addressable, have a microprocessor, communicate using a protocol (Wi-Fi, Z-Wave, or other), and have memory storage for an X.509 certificate, which is a public key cryptographic document used to secure the device. A smart IoT device can perform some complex tasks, and some even have a user interface (UI) that can be accessed. Your IoT plan needs to make provisions for how to manage these smart devices, including how to update software, if allowed. Your plan should also take into account how to install and refresh a security certificate. And it should address how to manage these devices like any other computer on your network. But aren’t all IoT devices “smart,” you may ask? Read on to find out.
Must-Have #2: Support for Constrained Devices
Not all IoT devices are “smart”. In fact, quite a few are just inexpensive, single-purpose devices that sit at the edge of the network and communicate through a gateway. These are known as “constrained” devices because they are limited – or constrained – in how much you can interface with the device or customize it for your environment. An example is a simple temperature sensor. But that doesn’t mean you can ignore them. The truth is you’ll have both smart and constrained devices on your network, and you need a solution that can manage both.
Must-Have #3: Support for Offline Capabilities
Think of where IoT devices are installed. While most are operating within the comfortable confines of the network Wi-Fi, many others are mobile or far afield in places like factories, oil platforms, utility buildings, cars, and the like. Communications may be intermittent. A critical, often overlooked element in IoT plans is how to support the offline nature of IoT devices. In particular, how do you authenticate devices to ensure they can continue to do their jobs while momentarily unable to connect to the network? A well-executed IoT plan should account for how offline devices can be secured and authenticated while off the network. It should also account for what happens when they rejoin the network: how they synchronize with policy changes and event logs.
Must-Have #4: Manage IoT and Humans With a Common Platform
Who wants one more platform to manage? My guess is nobody. In that case, you need to manage your IoT devices like you do your users – with the same identity platform. This can be done because users and devices share similar management and lifecycle needs. Just as you have users join your organization, gain various levels of access, and eventually leave, you also need to verify your IoT devices, authenticate them, give them various levels of access, and then eventually terminate their access and retire them. After all, the principle of least privilege and the problem of entitlement creep apply to non-human identities as well. Doing this on a common platform will allow you to manage both human and IoT assets through a common interface.
Must-Have #5: Integration with Leading IoT Platforms
The leading cloud platform providers – Google, Amazon, and Microsoft – all have their own IoT management features. Best of all, their basic capabilities are often low-cost or even free to use. This is great, but it’s just a starting point. While those vendors offer deep analytics capabilities, they stop where real identity management capabilities are needed. The cloud providers hand these capabilities off to the IoT application that can manage and secure the IoT devices. That’s why selecting a vendor that has tight integration into your chosen cloud vendor’s platform is essential.
Must-Have #6: Automatic Authentication, Authorization, and Registration
Just as it is increasingly difficult – or almost impossible – to manually manage the sprawl of identities in your environment, it is nearly impossible to manually manage all the IoT devices connecting to your network on a daily basis. Once devices are known on the network, a good IoT platform can automatically register devices when they turn on and automatically authenticate them. Automation is the only way to handle IoT projects. Make sure you include vendors who have an automated approach.
ForgeRock IoT can provide all the must-haves on our list. Getting your IoT projects off the ground and doing it right the first time with these critical capabilities can mean the difference between having a smooth, automated, secure IoT infrastructure that drives your business forward with confidence, or one that takes you into chaos. Contact ForgeRock to learn more about how our experts can help you with your IoT projects.