The benefits that IoT technology can bring to organisations of all shapes and sizes, across multiple different sectors, are well-discussed. But implementing IoT devices throughout an organisation is not a one-way street of benefits – it also introduces some all-new challenges. One of the most significant is asset management – that is, how best to manage this sometimes vast proliferation of connected devices.
Every IoT device – from the simplest sensor through to the most sophisticated connected machine – is a new endpoint device, a new physical asset. It is a potential point of infiltration for cybercrime; it is a potential point of failure in the organisation’s IT infrastructure. Every IoT device needs to be visible and manageable by the organisation in question.
How to achieve this?
First, we need to take a step back. IoT asset management is just part of IT asset management – which in turn is just part of broader organisational asset management, including elements like facilities management and corporate asset management.
Part of why IoT asset management can be so challenging is that it crosses between these different forms of broader enterprise asset management. A previously unconnected physical asset, whether a simple light fighting or a sophisticated piece of kit on a manufacturing production line, starts off firmly within facilities or corporate asset management. But once it is connected – made smart – made part of the IoT – it also comes under the scope of IT asset management.
This means that asset management for the IoT era needs to take account of this dynamism, and greater collaboration and visibility needs to be set up between the IT and facilities management departments. For functions that might previously have been completely separate and discrete, this can be an interesting challenge.
The IT department is theoretically best-placed to take charge of a more comprehensive view of asset management – after all, it has the expertise in cybersecurity, data compliance, and so on. However, even the simpler end of IT asset management – looking after individual laptops, desktops, smartphones, and tablets, for example – can be messier than ideal in many organisations.
So the second key step in IoT asset management is to get your broader IT asset management programme in order. This requires an overarching strategic approach, set and owned by an individual or team. It requires a defined asset scope, with centralised control, and then a series of effective asset policies which cascade down from there. Remember that every single individual within the organisation who uses IT assets – which will be nearly everyone – has a role to play in enforcing and maintaining the asset management programme.
Only once the IT asset management house is in order can we move onto the third key step – bringing IoT devices into the scope of broader IT asset management. This means characterising all smart and connected devices as part of the IT infrastructure – something which facilities managers, for example, may not previously have considered when deploying, say, a smart lighting or heating system.
As such, everyone with procurement powers that could cover IoT devices needs to be made aware that in doing so they are introducing more devices to the organisation’s IT infrastructure. For larger organisations, this probably means centralising supplier and vendor management, as well as service integration. Every single IoT device, after all, needs to be considered as part of the overall security and risk posture.
This multi-layered approach is essential if organisations excitedly deploying hundreds or even thousands of new IoT devices are to do so in a way which keeps their infrastructure secure and their operations smooth.