BY DENNY FISHER, Chief strategist, ACS
There will be an estimated 50 billion devices connected to the Internet by 2020. Are you prepared?
You need to know how to manage these devices, monitor their effectiveness within your environment and keep them up to date. One of the biggest questions you’ll need to answer is what you monitor and how it’s monitored. A managed services provider can best help you through that process.
In this article we’ll walk through the steps you’ll need to consider when trying to manage all your devices.
Create a schematic of your environment
First, define tiers of criticality within your environment. You’ll need to know which applications are critical and where they fall within those tiers. Tiers zero or one are typically the most important devices in your environment. Each tier contains layers within it that operate different segments such as servers, security, the overall network and even individual business departments.
“What has the bigger impact if it goes down or there’s a problem?” said Tim Moore, the director of managed services for ACS.
For example, which servers or devices would stop everything and render your business inoperable if they were to fail, and which devices could you continue to function without?
It’s similar to the electrical system of your house. If one outlet stops working, you can use another, whereas if a fuse blows, an entire area of your house might not have power. Similarly, if the power transformer for your neighborhood loses power, it affects your entire house and each of the houses around you. Each of these components — an outlet, a fuse, a transformer — holds a different level of criticality and therefore a different remediation plan.
Decide what needs to be monitored
“If it’s in your environment, it needs to be monitored,” Moore said. “It’s in your environment for a reason.”
Determining the importance of the device and the metrics by which its performance is measured will help you determine the device’s tier. Levels of importance include informational, warning or critical and whether it needs a reaction. These levels are similar to the difference between knowing there’s going to be a storm vs. seeking shelter because there is a tornado about the strike.
Monitoring is important to the Internet of Things (IoT) because most, if not all, of them will be connected to the Internet. If, for example, your Samsung refrigerator stops regulating temperature, the refrigerator’s programmable logic controller reports to Samsung that there is a problem. The thermostat in your refrigerator affects your food reserve much like the thermostat in your server room affects your systems. If the room gets too hot, your systems will “spoil.”
The number of devices available is so large and continues to increase – a 200 percent jump from 2015 to 2020 – and many have little to no built-in security.
“Therefore, monitoring these devices and the security layers is paramount to reduce risk,” Moore said.
Devise a response plan; train your employees
If one of your most critical top-tier devices fails, do you have a response plan? The downtime of top-tier devices will trickle down and affect all other layers of your system.
Have a plan for situations in case your chiller, the air conditioning unit in your server room, goes down. This could include a battery-operated backup or generator. If your server went down, what steps would you take? Do you know what switches oversee which items and where they are located in the system?
“If you’re not going to react, don’t bother monitoring,” Moore said.
Monitoring the IoT should be done with a pull tactic, meaning monitored devices can be asked questions and have information requested of them. You don’t want the monitored device to automatically volunteer information. If your device is automatically volunteering information, you have no way of recording a failure or being notified of a failure. By requesting information from your devices, you increase the accuracy with which you can determine a failure. Part of your response plan should be to know whom to contact and how to remediate each IoT device. This could include the manufacturing of a machine on your production line or the support line for your coffee maker. Every Internet-enabled device has the potential to affect your environment. With the criticality of some of these devices, this will be of the upmost importance in case of a shutdown or another issue. Ensure that your employees have the skills and expertise to solve each of these potential problems.
“Knowing you have a problem means nothing without the ability and knowledge to react and resolve the issue,” Moore said.
If the check engine light comes on, you know you have a problem. You can either react and solve it, or continue to do nothing.
Consider outsourcing your monitoring
If you hire an outside company to monitor your system, it reduces some of the risk for reaction time and down time. You’re contracting a company to monitor the system 24 hours a day, seven days a week and to see a problem as soon as it begins. Moore said outsourcing also can save money because a business does not need to purchase the hardware and software for a monitoring system. The quicker the problem is identified, the quicker it can be solved.
“You’re mitigating the financial risk by lowering the reaction and resolution time for those risks,” he said.
You know you need to be able to take action quickly if there’s an issue with your network. Next month, we’ll explain the characteristics of an effective incident response plan, what to consider in one and the players to include.
|Denny Fisher, Chief Strategist