
During conversations with CIOs, CISOs, and IT Managers, they often bring up an issue we as security practitioners don’t normally think about, and that’s maintenance. When we think of most commodity IT today, reliability is not really an issue, and when it is, replacement is much faster and cheaper than having a technician show up to troubleshoot a problem.
But that’s not necessarily the case when we’re talking about IoT devices. Many devices have some mechanical component to them: a pump, a solenoid, or a relay. Anything not purely solid-state is going to have a greater need for maintenance.
But that’s not necessarily the case when we’re talking about IoT devices. Many devices have some mechanical component to them: a pump, a solenoid, or a relay. Anything not purely solid-state is going to have a greater need for maintenance.
How much maintenance? That’s the rub. Manufacturers assume that in a “normal” deployment and operating conditions, a given class of device might reasonably be expected to operate without issue for a given number of hours (Mean Time Between Failure). Sometimes that number is well past the timeframe that an institution might normally replace those devices in the normal course of events (tech refresh). But how do you know if your deployment of those devices, and how hard you work them, is normal? Business operating hours may be 9-to-5 or 24/7, but how do you know if any given device is really used that much?
Contrary to popular belief, it is possible to maintain something too much, just as you can not maintain it enough. An underworked device that is frequently opened and fiddled with is at risk for failure just as a device that is worked well beyond normal operating capacities and tolerances but not maintained.
Then there is the issue of the costs associated with carrying out maintenance that isn’t actually useful. For many maintenance functions, the time required to complete them properly, the labor required to do the job, and the impact of a device being out of service can all be quantified. Maintenance itself costs money, and the negative impact of unnecessary maintenance can cost even more money.
The negative impacts associated with not maintaining devices adequately is even more obvious. The “mean” in MTBF is just that - the average time. If margins need boosting, an organization might be tempted to push off properly scheduled maintenance and assume the risk that an actual failure is well past the mean.
But how do you really know how much your devices are actually being used? Odds are you don’t really know what your enterprise is made of. If you have a sufficiently IoT-rich environment, you may have a better handle on the IoT devices in use, but little or no visibility into how much they are used. Using a common example we see in the medical space: of a hospital’s 50 infusion pumps, maybe only half of them are used normally on a regular basis, a percentage of them are used far more than normal, and another percentage of them rarely get used because crafty staff who don’t want to go hunting for a pump when they need it hide them away.
The good news is you don’t have to guess how much any given IT or IoT device is actually used, for how long, and how hard. With Senrio Insight you can know with precision exactly which devices are on - and off - and for how long. You can know which devices need to be looked at now, and which will probably last well into your next tech refresh. You can know what you really should be ordering in the way of equipment, not simply re-ordering the same number and type of devices just because that’s how it's always been done.
Contrary to popular belief, it is possible to maintain something too much, just as you can not maintain it enough. An underworked device that is frequently opened and fiddled with is at risk for failure just as a device that is worked well beyond normal operating capacities and tolerances but not maintained.
Then there is the issue of the costs associated with carrying out maintenance that isn’t actually useful. For many maintenance functions, the time required to complete them properly, the labor required to do the job, and the impact of a device being out of service can all be quantified. Maintenance itself costs money, and the negative impact of unnecessary maintenance can cost even more money.
The negative impacts associated with not maintaining devices adequately is even more obvious. The “mean” in MTBF is just that - the average time. If margins need boosting, an organization might be tempted to push off properly scheduled maintenance and assume the risk that an actual failure is well past the mean.
But how do you really know how much your devices are actually being used? Odds are you don’t really know what your enterprise is made of. If you have a sufficiently IoT-rich environment, you may have a better handle on the IoT devices in use, but little or no visibility into how much they are used. Using a common example we see in the medical space: of a hospital’s 50 infusion pumps, maybe only half of them are used normally on a regular basis, a percentage of them are used far more than normal, and another percentage of them rarely get used because crafty staff who don’t want to go hunting for a pump when they need it hide them away.
The good news is you don’t have to guess how much any given IT or IoT device is actually used, for how long, and how hard. With Senrio Insight you can know with precision exactly which devices are on - and off - and for how long. You can know which devices need to be looked at now, and which will probably last well into your next tech refresh. You can know what you really should be ordering in the way of equipment, not simply re-ordering the same number and type of devices just because that’s how it's always been done.