Device Management and IoT Security Challenges | IoT For All Podcast E123 | SecuriThings’ Roy Dagan

you are listening to the iot for all media network hello everyone and welcome to another episode of the iot for all podcast on the iot for all media network i'm your host ryan chicone one of the co-creators of iot for all now before we jump into this episode please don't forget to subscribe on your favorite podcast platform or join our newsletter at iotforall.com newsletter to catch all the newest episodes as soon as they come out before we get started if any of you out there are looking to enter the fast growing and profitable iot market but don't know where to start check out our sponsor leverages iot solutions development platform which provides everything you need to create turnkey iot products that you can white label and resell under your own brand to learn more go to iotchangeseverything.com that's iot changeseverything.com

so without further ado please enjoy this episode of the iot fall podcast welcome roy to the i24 podcast thanks for being here this week sure thing thanks for inviting me ryan yeah it's great to have you i'd love to start out with you giving a quick introduction about yourself background anything you think would be interesting for our audience to hear um and then we'll go from there sounds good um so i've been in tech for a few years for almost 20 years now started in one of the intelligence units in the israeli army i'm based in tel aviv these days by the way um after the army i served for a few years i studied computer science but i always worked as a product manager or managed teams of product managers i worked at various startups as well as corporates but mostly all the companies i worked at were focused on either you know the cyber security space risk detection analytics or kind of the combination of all of the above worked at companies you know just to name a few rsa security uh nice uh systems uh and others and and by the way at rsa that's also where i met uh rahnan which is our cto and my co-founder so we know each other for quite a quite a few years now and we spent them time at rsa and then started a few years later we kind of regrouped and started working on secure things tell me a little bit more about security things um obviously talk about what you'll do just you know at a high level but at the same time i'm always curious to hear about the story behind why the company was founded the opportunity you saw in the market all those good things sure thing so initially when we started the company you know and as probably you can sense from the name of the company we're very focused on cyber security for iot devices and also also initially more targeting uh kind of a manufacturers uh in this uh space and then what we realized over time is you know and after obviously speaking with a lot of customers uh that there is kind of a bigger bigger pain or some customers are really facing a bigger challenge so cyber security is definitely part of it but it's also a combination of operational and compliance challenges or which are really part of that pain and we saw a need to kind of extend the solution and provide something broader to the market and that was kind of the evolution so initially very cyber security focused and it was pretty good because that gave us a really strong foundation and it was pretty straightforward to expand that offering and to add the rest of the capabilities more of the operational and health monitoring capabilities and so on and that's when we really came up with the term iot ops which kind of you know encompasses all those capabilities together from our perspective yes so tell me a little bit more about when you say iot ops what what does that mean it's it's a term you know it's relatively new it's i've heard it a couple places here and there um but what is what is what are iot ops teams you know why are they important you know that kind of thing sure thing so the way we see it it's kind of a you know rising practice which kind of encompasses all the operational teams which are accountable for you know deployment availability but also security of these devices um these teams you know the organizations have these teams which are responsible for monitoring the status of devices you know in some cases directing technicians or system integrators uh defining and implementing the policies uh resolving all kind of issues with the devices overseeing upgrades and more and more tasks and we saw that these organizations and especially you know those what we call kind of infrastructure-based enterprises so you know think about airports or large universities or tech companies retailers financial institutions sure they're really based on you know a lot of kind of infrastructure there's a lot of operations operations especially when it comes to these devices and we kind of saw that these teams were i'd say kind of underserved um you know and while they're if you look at the ai it's pretty interesting if you look at the i.t space there's all these huge categories which have been around for for years right so orchestration and automation observability in cyber and you know this just goes on and on and we just saw that in the iot space in in enterprises in large organization um there's something missing and there's no kind of uh there's missing kind of an equivalent of that kind of i.t system which will serve these teams and that's when you know especially when we kind of extended the solution in the offering we also decided to coin that term iot ops uh to give it kind of a name for those teams and that practice fantastic okay that makes a lot of sense now going back a little bit more to to the company and kind of what you all have going on can you talk through um maybe not put any names attached to it which is totally fine but maybe just a little bit more about some use cases or active deployments that are out in the in the real world just to kind of bring it all full circle for audience sure sure sounds good so if we think about the deployments and type of customers we're deployed you know it's industries like casper you have hospitals and large uh retailers and financial institutions and airports universities and these are the type of of uh customers and organizations when you look at these organizations they have a lot of devices scattered all over the networks over sites over branches really all over the place think about the cameras access control systems building management systems and so on uh you'll see from you know the high hundreds to thousands tens of thousands in some cases well over a hundred thousand of these devices um and when you get to that scale you know everything from probably a couple of hundred of devices obviously also depends of the size of team you have it becomes a kind of a liability to manage these devices you have different types of devices different models different firmware versions and you need to kind of find a way to manage them all together okay so when we talk about the use cases you know it's it kind of depends on the industry and in some cases it's more towards a cyber in other cases more towards the you know automation capabilities sometimes more towards the the health or operational uh but you'll see things where for example risk detection is is a big thing a big use case and i think that's it's pretty specific uh to the way these iot deployments uh take place because they're very different from you know the standard it device so if you think about it uh with you know standard i.t device it goes all goes through it and is then you know handed to an employee or to a development team and so on with the iot devices so let's take like a camera or a panel access control system um you have a vendor so a manufacturer you have in many cases a distributor a system integrator and then you know they roll a truck out and they just place it on the network so that means that it doesn't really go through it okay and that's that's a challenge because there's cases of misconfigurations right of the devices uh you don't really know everyone follows the same procedures in some cases you don't really have that procedure in place so you have a device which is running on the network in many cases with many other devices and you really don't know what's happening with the device right after it's deployed um you know another example in deployment where you know customer wear status verification of devices is a big thing for them so you know even knowing uh for every device uh when if whether it's up and running and when it when it's failing or about to fail okay because that can then help them also with the incident handling sure and incident handling is a big is a big problem today because it's it's costly uh because in in many cases in the industry it's very common to again just roll a truck out yeah of course but what if you had the opportunity to use a system and automate that process and just you know click a button and fix that that issue and it goes on to you know use cases where you know customers are using it for kind of the ongoing maintenance okay so making sure that they're uh in compliance with things like firmware upgrades and making sure that there are no vulnerabilities on these devices because there are a lot of known vulnerabilities but not always are the devices upgraded either to a later the latest and greatest or just you know upgraded to a patched version right so that's also a significant uh challenge uh for customers across do you um i guess as you work with more companies kind of across different areas have you seen a common thread of the challenges that companies face um just kind of across the board or does it really vary depending on company size type focus industry et cetera when they come to you so i think typically they all have the same challenges but it really varies kind of the mixture or what the focus is okay so it's always there is some concern around you know the cyber threat but it depends on the industry and the type of team and you know in many cases is how many scrutiny is there from it how much do they they understand the cyber and the risk involved with these devices there there is always awareness but the question is how much and how uh how much they want to do uh battle can they do about it okay uh but then again it's again around the same use cases and across but you'll find that there's a different mixture based on the the industry okay and what that industry needs and you know the practices uh within that industry in some cases it's also obviously specific to the organization and things which are mandatory mandated on the organizational level makes sense so let me ask this then what advice do you have for companies who let's say have lots of devices right now um that are running on maybe a single network with no real way to manage them in a unified way kind of how do you approach that kind of problem uh how common is that problem and then you know how what is the advice that you have for for companies to help solve that and why it's important sure so very common so to start by answering it's it's very common there's a lot of devices and it's hard to say uh what's out there in many cases even the project of you know and these are the managed devices but even with these managed devices that you know they're out there and they you have a team which is responsible uh in some cases even pulling the right of the required information to know what needs to be done is a project by itself and that can take days you know working with excel files and all kind of tools just to pull that data from each server from each site connecting to that manually and then pulling that information so that by itself is a project so i'd say first it's kind of you know um the finding out what devices are you have there what management systems you have that have out there how many sites uh but also kind of the policy so ham who is responsible for all those devices is there one group within the organization or if it's each kind of um line of business business by itself but really kind of getting you know the best will be to get to that kind of consolidated level so you have kind of a bird's eye view onto on onto everything and then continue from there and perform the rest of the operations after you have kind of that level of visibility which you know you need to know what comes next and how you improve things within the organization that makes sense great um so let me ask um a question kind of just a little bit higher level here um when you just engage with companies kind of in the capacity that that's most normal to you all um where do you see i guess the biggest biggest potential i guess going forward for not only what you do but just kind of the the securing of smart devices and things in that space kind of over the next six to 12 months so a lot of our focus today is around the physical security devices um so again your cameras access control systems another such devices and we work closely with the companies uh with different vendors and system integrators uh in that space and there's a lot of potential and where you know there's a lot of customers and a lot of focus uh we have is there today but we're gradually also starting to expand to other areas you know building management and other kind of adjacent areas and other uh kind of managed i'd say managed unmanaged devices uh within the enterprise that have the the same challenges in some cases the the teams are kind of similar or adjacent to the teams we're working with uh today um so again the focus today will be kind of uh continuing working with the physical security team and gradually also expanding okay gotcha and um as as we kind of move into five 5g kind of entering the market i'm curious to get your take on how you see 5g kind of impacting the work you all do and how you kind of just suspect that organizations will embrace new connectivity technologies like 5g and new ones that come out you know is is there are you seeing kind of a positive take on new connectivity technologies as they come out and um what are your thoughts just kind of as as we kind of move forward into um the development and the launch of new technologies like 5g that's an interesting question i must say and i think at least from what we're seeing in the enterprise space today in the areas where we're deployed in the the types of customers it's still i think it's kind of early and hard to say it's hard to say when they'll be deployed you know how how far out in the future okay uh it is until it becomes you know very very common it's hard to say who will manage the devices you know it will be an external uh vendor someone within the organization so i'd say there's still a kind of uh just a bit of unknowns of what will happen it will definitely be interesting uh but i i still can't say um you know when that will happen if it's you know near future yeah or a few years from now yeah i'm very curious as well um 5g has been a very interesting topic for a number of our podcast episodes just kind of getting people's perception on it so i was just kind of curious from your angle of the market kind of how you see new technologies kind of influencing the work you all do and if it's a big influence if at all yeah so again at this point um we're not seeing much of it uh in in the areas where we are deployed in the enterprise and also um in the system integration world okay um but you know i'm sure we'll start seeing more and more how do you all how do you all handle the kind of education of of iot and the importance of the work you do when you talk to customers or go to try to bring on new customers and kind of and you know kind of handle more of i guess the marketing side and is a way to kind of collectively describe this but how do you um do you run into a lot of problems where the organizations that you talk to um are kind of unfamiliar with the importance of some of the offerings you have to the market obviously they are super important but i just wonder and we try to learn this on our side is is how connected those companies who have thousands of devices are to the real kind of understanding of the security side of the devices how to manage the devices how to handle the devices basically doing the best practices for an iot deployment and the security of their devices a lot of them are not as up to speed on them and i'm curious if you guys run into that problem too when you engage with organizations um kind of at any level yeah so i'd say there's uh probably uh two different kind of use cases here so those which are you know looking for a solution and you know just know that there's a better way to do things and those which at this point of time are kind of realizing that there's probably you know both on the cyber side as well as the operational side kind of understand that the way they were doing thing you know manually in some cases in some cases some of the stuff that our solution system does it's pretty much impossible to do without the right technology sure so they're kind of realizing that there's probably a better way to do and in that case they're you know approaching their uh system integrators and really starting to look for for a solution so it's a really interesting point in time to be in this market because the customers are kind of realizing that they have this significant pain and you know it's the right time whether a resolution is kind of available to solve uh this pain around education i think it's a lot of matter of um kind of speaking the right lingo right and kind of knowing which which team you're speaking with so in many cases we speak with you know the iot ops teams or you know the physical security or building management and so on uh which is kind of a different language uh it's different devices a lot of things are very different uh from your you know the it teams um it's it's just it's different and what we realized is that we kind of need to understand kind of both worlds and at the end of the day what we're doing is kind of really bridging between those worlds right the system can cater to some of the needs of the more of the uh operational teams but at the same time catered to the needs of the it or secops teams or those teams which have kind of been around and you know used to using their own system so we also provide them that the capabilities to integrate with those systems but when it comes to the marketing really kind of knowing you know with which team uh we're speaking and what they know what they know about the systems that they have in place and the challenges yeah that's interesting um how it kind of varies from team to team um do you i guess i'm trying to think of how to ask this question but obviously we see the potential and the value of of what iot technologies can do the the the value brings to to the business and the organization uh as it relates to things like cost savings you know et cetera do you ever run into talking with individuals or teams that just don't really get iot don't really understand the value or think it's more kind of one of the answers to one of the pre-interview questions was that iot is science fiction um is that something that is more common than maybe i realize because we're so close to the industry we don't we don't really run into too many people um that are you know that don't really believe in it but i'm curious from your side is that is that a common thing and how is that approached yeah that's interesting um and i think that's also we saw it kind of in the evolution of you know the company uh where we decided uh pretty early on to focus on what's really out there you know what and on the kind of the science fiction and what's going to be uh released and you know a few years out but really see which devices already out there are connected our large scale our iot devices are obviously ip enabled and you're using all these technologies and are uh creating these challenges uh for enterprises so i'd say you know in some cases the customers don't uh some of the customers you know might call them in different names at the end of the day these are you know the iot devices and they've been around for years sure right so if you look at the again the the spaces where we are in like physical security as one then you know these devices have been ip based digital for for for many years now you do run in and every now and then organizations which still have some analog devices but the vast majority has already been kind of transitioned so i'd say in nara in our case we don't really run into that kind of being science fiction because that's kind of their day-to-day fair enough yeah it makes a lot of sense just curious um but as we wrap up here i have just a couple of general questions i want to um i want to run by you and just get your take on so the first one is uh as we kind of move into post-pandemic world hopefully um what are you seeing as the biggest opportunities and the biggest things in iot that you're most excited for so that's uh it's it's interesting and i think that's uh so again i agree hopefully we're moving out of that phase in the world uh but we saw kind of a shift um and which is creating an opportunity in the last year since the pandemic started and i'd say a few things which we we kind of saw out there uh one is the need in remote work um you know organizations want to roll uh less trucks out there want less people to be on site or at least want to know that they have the ability to do stuff remotely and to have the tools to do stuff remotely the second thing we saw is uh and you touched upon that also and kind of the cost savings okay so how how can organizations do more with less um in some cases with some customers the teams haven't been growing in some cases they're actually been shrinking and they still need to do the same amount of work or the same type of work uh with a smaller team um so that's another another trend which we've been seeing and i think the the another thing is kind of realizing that automation is key for these devices um and realizing that before um before the pandemic uh either you know you didn't do some of the stuff uh or you put a few folks to do it uh manually or kind of semi semi-manually but then realize with everything that happened with the pandemic so you need to that you need to find a better way to do it and it's kind of been pushing organizations i believe uh to improve their practices uh when possible gotcha okay fantastic um as it relates to security things a little bit more are there any interesting or exciting news happenings um things are kind of coming out in the pipeline the next number of months that our audience should pay attention to what are we going to look out for so so yeah we actually uh just uh recently raised recently announced an around uh 14 million dollar round a couple months ago congrats thank you thank you thank you um and yeah things are looking very very well very good and the team is growing um in the team you know more customers and we're just looking to see how we can provide more value to our customers so we're growing both obviously on the engineering side and we're constantly improving the system and always want to make sure that their customers and our partners are extremely happy and will continue to doing that do that and release more and more capabilities but also obviously and go to market and marketing and you know more uh kind of some of the stuff we talked about and how can we help the industry and help educate uh where needed absolutely so definitely see more than that more than that fantastic i think this podcast will do a lot to help educate our audience on a number of key areas um and we'd love to obviously have you all become even a more active contributor with our with our audience now that we have this this new found podcast relationship so maybe we can find some ways to promote a lot of more about what you're all doing kind of the education piece i know our audience would probably benefit a ton from it um if so if in the meantime every audience wants to learn more and kind of get a better sense of what you all are doing have questions engage with you directly what's the best way to do that so either through our website or www at us or through the email you know info at securethings.com awesome

all right well roy this has been a fantastic conversation i really appreciate your time today um we look forward to getting this out to our audience in the next number of weeks and you know if there's anything else that we can do on the iot for all side to help promote what you all are doing you know share your knowledge and expertise in the space to hopefully um uh you know build that presence up and drive engagement please let us know thanks a lot ryan i appreciate it alright everyone thanks again for joining us this week on the iot for all podcast i hope you enjoyed this episode and if you did please leave us a rating or review and be sure to subscribe to our podcast on whichever platform you're listening to us on also if you have a guest you'd like to see on the show please drop us a note at ryan iotfrall.com and we'll do everything we can to get them as a featured guest other than that thanks again for listening and we'll see you next time

2021-07-11 22:59

Other news