Tech companies of every stripe are staking their claim to the internet of things, and networking vendors like Aruba are no exception. But to hear co-founder and president Keerti Melkote tell it, his company’s pitch might have a little more heat on it than others.
Aruba’s IoT credentials are based on a relatively simple premise – by definition, IoT devices have to be on the network, and they’re one of the bigger fish in that particular pool.
The company has a lot of experience in onboarding devices – hard-won during the era of BYOD, covering provisioning, credentials, privilege levels and monitoring – which translates well to the world of IoT, particularly given the urgent need to secure those devices.
“Security for IoT is the number one issue right now,” Melkote said in an interview. A lot of what makes up enterprise IoT – as opposed to consumer IoT or industrial IoT – is smart building tech, including physical security, lighting, HVAC and more. These are areas traditionally owned by the facilities section of a business, not IT.
“What IT does is give them a network drop and say ‘have at it,’” said Melkote. “That’s about it.”
Consequently, many of those devices are on the network, but aren’t secured. “A great target for a hacker,” he noted.
Regulatory progress – in particular, the European Union’s General Data Protection Regulation that’s weeks away from taking full effect – is adding impetus to the company’s drive toward better security and privacy controls, he says. GDPR requires businesses to protect the personal data included in transactions that take place inside the EU.
“I think GDPR will become a global thing. As a vendor we are accountable to GDPR issues, and that sets the bar. So now, I might as well go global with it,” said Melkote.
Since Aruba has to do business in those jurisdictions, it’ll comply with the applicable laws, so the effect of something like GDPR might be to improve IoT security conditions worldwide, not just in Europe.
What that means for Aruba is that the company is going to have to use its existing expertise while learning new tricks, aided by corporate parent HPE. First on the list is adding deeper analysis capabilities to the company’s repertoire, and doing it not in the data center, but at the edge, via more capable endpoints and hub devices.
“All these IoT devices are generating data of some sort – they’re all sensors – and you want to crunch the data closer to the device in many cases, simply because it’s controlling some equipment,” Melkote said. “When you’re controlling, real-time responses become very important.”
For consumer IoT, you don’t need a lot of edge computing – smart home gizmos and the like are all essentially cloud front-ends. But it’s a different story when you’re talking about enterprise and industrial IoT applications.
“The IoT opportunity becomes an all-in infrastructure opportunity,” Melkote said. “You need to have the network, you need to have the compute, you need to have the storage. And then you need to have the software.”
Melkote admitted that it’s been a challenge to move into the IoT space, where a certain degree of specialist knowledge of a given vertical – successful medical IoT, for example, requires expertise in the medical technology field – but that partnerships have proven key to addressing this.
These include partners in building controls, medical pumps, asset tracking, mobile communications and video distribution, among others.
“We end up occupying more the IT infrastructure landscape, with the OT stuff, the domain expertise, coming from our partners,” he said.