Organisations will not be in a position to employ all the skills it needs to implement, develop and maintain for its digital infrastructure and applications. The choice is going to be which skills are most important to an organisation. This selection needs to be very discriminating and focus on differentiating skills – those that really make a difference within your ecosystem, particularly for your customers and employees.
Organisations will need a great partner who can deliver generic skills and more services. They will have better economies of scale and skill and will free management to attend to those things most important to customers and employees.
Hybrid Cloud has an Edge
Almost every organisation has a hybrid cloud environment. This is not a projection – it has already happened. And most organisations are not well equipped to deal with this situation.
Organisations may not be aware that they are using multiple public clouds. Many of the niche SaaS applications used by an organisation will use Microsoft Azure, AWS or GCP, so it is highly likely organisations are already using multiple public clouds. Not to mention the offerings from vendors such as Oracle, Salesforce, SAP and IBM. IT teams need to be able to monitor, manage and maintain this complex set of environments. But we are only in the early stages of integrating these different services and systems.
But there is a third leg to this digital infrastructure stool that is becoming increasingly important – what we call “the Edge” – where applications are deployed as part of the sensors that collect data in different environments. This includes applications such as pattern recognition systems embedded in cameras so that network and server delays cannot affect the performance of the edge systems. We can see this happening even in our homes. Google supports their Nest domestic products, while Alexa uses AWS. Not to mention Amazon’s Ring home security products.
With the sheer number of these edge devices that already exist, the complexity it adds to the hybrid environment is huge. And we expect IT organisations to be able to support and manage these.
Simplify, Specialise, Scale
The lessons for IT organisations are threefold:
Simplify as much as possible while you are implementing new features and facilities. Retiring legacy infrastructure elements should be consistently included in the IT Team objectives. This should be done as part of implementing new capabilities in areas that are related to the legacy.
Specialise in the skills that are the differentiators for your organisation with its customers and employees. Find great partners who can provide the more generic skills and services to take this load off your team.
Scale your hybrid management environment so that you can automate as much of the running of your infrastructure as possible. You need to make your IT Team as productive as possible, and they will need power tools.
For IT vendors, the lessons are similar.
Simplify customer offers as much as possible so that integration with your offering is fast and frugal. Work with them to reduce and retire as much of their legacy as possible as you implement your services. Duplication of even part of your offer will complicate your delivery of high-quality services.
Understand where your customers have chosen to specialise and look to complement their skills. And consistently demonstrate that you are the best in delivering these generic capabilities.
Scale your integration capabilities so that your customers can operate through that mythical single pane of glass. They will be struggling with the complexities of the hybrid infrastructure that include multiple cloud vendors, on-premises equipment, and edge services.
Effective prescriptive maintenance only becomes possible after the accumulation and integration of multiple data sources over an extended period. Inference models should understand both normal and abnormal equipment performance in various conditions, such as extreme weather, during incorrect operation, or when adjacent parts are degraded. For many smaller organisations or those deploying new equipment, the necessary volume of data will not be available without the assistance of equipment manufacturers. Moreover, even manufacturers will not have sufficient data on interaction with complementary equipment. This provides an opportunity for large operators to sell their own inference models as a new revenue stream. For example, an electrical grid operator in North America can partner with a similar, but smaller organisation in Europe to provide operational data and maintenance recommendations. Similarly, telecom providers, regional transportation providers, logistics companies, and smart cities will find industry players in other geographies that they do not naturally compete with.
Employing multiple sensors. Baseline conditions and failure signatures are improved using machine learning based on feeds from multiple sensors, such as those that monitor vibration, sound, temperature, pressure, and humidity. The use of multiple sensors makes it possible to not only identify potential failure but also the reason for it and can therefore more accurately prescribe a solution to prevent an outage.
Data assessment and integration. Prescriptive maintenance is most effective when multiple data sources are unified as inputs. Identify the location of these sources, such as ERP systems, time series on site, environmental data provided externally, or even in emails or on paper. A data fabric should be considered to ensure insights can be extracted from data no matter the environment it resides in.
Automated action. Reduce the potential for human error or delay by automatically generating alerts and work orders for resource managers and service staff in the event of anomaly detection. Criticality measures should be adopted to help prioritise maintenance tasks and reduce alert noise.
Johnson Controls/DigiCert have designed a new way of managing PKI certification for IoT devices through their partnership and integration of the DigiCert ONE™ PKI management platform and the Johnson Controls OpenBlue IoT device platform. Based on an advanced, container-based design, DigiCert ONE allows organisations to implement robust PKI deployment and management in any environment, roll out new services and manage users and devices across your organisation at any scale no matter the stage of their lifecycle. This creates an operational synergy within the Operational Technology (OT) and IoT spaces to ensure that hardware, software and communication remains trusted throughout the lifecycle.
Rationale on the Role of Certification in IoT Management
Digital certificates ensure the integrity of data and device communications through encryption and authentication, ensuring that transmitted data are genuine and have not been altered or tampered with. With government regulations worldwide mandating secure transit (and storage) of PII data, PKI can help ensure compliance with the regulations by securing the communication channel between the device and the gateway.
Connected IoT devices interact with each other through machine to machine (M2M) communication. Each of these billions of interactions will require authentication of device credentials for the endpoints to prove the device’s digital identity. In such scenarios, an identity management approach based on passwords or passcodes is not practical, and PKI digital certificates are by far the best option for IoT credential management today.
Creating lifecycle management for connected devices, including revocation of expired certificates, is another example where PKI can help to secure IoT devices. Having a robust management platform that enables device management, revocation and renewal of certificates is a critical component of a successful PKI. IoT devices will also need regular patches and upgrades to their firmware, with code signing being critical to ensure the integrity of the downloaded firmware – another example of the close linkage between the IoT world and the PKI world.
PKI certification benefits both people and processes. PKI enables identity assurance while digital certificates validate the identity of the connected device. Use of PKI for IoT is a necessary trend for sense of trust in the network and for quality control of device management.
Identifying the IoT device is critical in managing its lifespan and recognizing its legitimacy in the network. Building in the ability for PKI at the device’s manufacture is critical to enable the device for its lifetime. By recognizing a device, information on it can be maintained in an inventory and its lifecycle and replacement can be better managed. Once a certificate has been distributed and certified, having the control of PKI systems creates life-cycle management.