We’re excited to announce that Entgra Cloud users now have access to the latest version of our Unified Endpoint Management (UEM) product – Entgra UEM 5.2. We designed Entgra UEM 5.2 specifically with Entgra Cloud users in mind. One of the highlights of the latest product version is that you can enroll your devices in a simpler, more straightforward manner. Entgra UEM 5.2 enables you to onboard your first device easily, contact support for faster replies to your queries, and also comes with a self-guided UI tour for your convenience.
The previous version of Entgra Cloud provided an older version of Entgra UEM. With the latest upgrade, Entgra Cloud users now have access to the following benefits:
Self-guided enrollment with clear directions
Per-tenant theming for customizations
Guided UI tour to provide a better understanding of features
Live chat for faster answers to your questions
Disable unwanted apps without block listing them
Agent labeling by sending a notification to the device
Device tracking enhancements for complete visibility over your device fleet
Read our release blog to learn more about these features. We also discussed upcoming changes to Entgra UEM that you can expect this year in this webinar.
3-phase migration process for existing Entgra Cloud users
If you’re an existing Entgra Cloud user, we have organized a 3 phase step-by-step process where you can migrate to Entgra UEM 5.2. We have to migrate the agent versions on the devices to take full advantage of the latest features.
Here is an overview of this process:
Phase 1: Agent upgrades
Phase 2: Portal migration
Phase 3: Migration completion
We will inform you when the migration process starts and its progress. With your help, we hope to migrate all agents to the latest product version within a few weeks after we begin this process.
Please contact us via the support portal if you have any questions. If you’re a new user curious to learn more about Entgra UEM’s expansible endpoint management features, sign up for our user evaluation trial here.
We are delighted to introduce Entgra UEM 5.1! Last month, we released Entgra UEM 5.0 with its all-new UI, updated analytics and dashboards, new support policies for Android and Windows, improved Docker support for product profiles, and enhanced API integrations.
Entgra UEM 5.1 is an extended version of the product that encompasses our Mobile Device Management (MDM) and Mobile Application Management (MAM) capabilities in addition to integrating Internet of Things (IoT) capabilities within a single platform.
While there are no architectural changes in Entegra UEM 5.1, we have introduced new features, improvements, and bug fixes. We considered numerous customer issues when developing these upgrades.
Here’s a comprehensive list of feature upgrades in this release:
Define permissible account types – You can specify the number of accounts per type and the account types allowed on the device.
Display changed device name in agent – Device name changed by admin via APIs in the agent now visible.
Trigger operation simultaneously in a device group – Ability to simultaneously deliver one or more actions to a device group.
Direct publishing of app releases – Authorized users can publish releases without following the app lifecycle.
Alternate app installing capability – An alternative mechanism in the agent that enables installing apps hosted in environments other than the app store, and/or to be used if the standard installation fails.
Complete file access permission for Android 11 and above – Improvements to storage access related permissions on Android 11 and above.
We hope to give our customers a better and more effective product with the release of Entgra UEM 5.1. To learn more about the product, refer to the documentation here. If you have any questions, do reach out to us at contact@entgra.io
If we are to describe the modern banking, financial services, and insurance industry (BFSI) in one word, we would say complex. With the onset of digitalization, many customer services are now online; banking and insurance mobile apps are increasingly becoming the norm. Apart from this transformation of customer services, traditional banks are facing competition from neobanks – technology-driven, agile banking and financial service providers. Neobanks often have lower operational costs as they are mainly online-based. Similarly, “born digital” insurers that leverage technologies such as artificial intelligence (AI) are competing with established insurance companies. We have also seen the rise of super apps that offer consumer services through third party integrations with several digital payment options (i.e., WeChat, Grab, AliPay, Gojek, to name a few). To stay ahead of these new disruptive developments and remain relevant to younger, digital native consumers, traditional BFSI companies are adopting digital-first strategies.
Competition is not the only factor that contributes to the complexity of today’s banking and financial services industry. As more services are available online and accessible from mobile devices, there are significantly higher security risks. In 2020, the BFSI industry was the top target for cyberattacks. The number of devices used in this industry is rising due to digitalization. Microfinance and insurance companies also have a mobile workforce, where employees travel to many locations to support their customer base.
The BFSI industry in Sri Lanka and digitalization
The BFSI industry in Sri Lanka is undergoing rapid growth. Innovation has become the defining characteristic of this growth, as institutions strive to differentiate their products and services. Digital onboarding, QR based payments, digital wallets, mobile applications, and mobile payments are some of these new services. With innovation and greater device use, device security inevitably becomes a major concern for the industry. Enterprise Mobility Management (EMM) has a pivotal role to play in catering to this innovative landscape and making it secure for all the customers. In this highly sensitive market, even the Central Bank of Sri Lanka (CBSL) introduced explicit guidelines to ensure the protection and security of mobile devices so that users are not exposed to threats in an uncontrollable manner.
Any digital-first strategy must then address flexibility, efficiency, and security. Discussions around device management and security often lead to Mobile Device Management (MDM). Let us start with some basics. MDM is a software solution that empowers IT admins to manage, monitor, and secure devices across different operating systems in an enterprise IT ecosystem. Banks, financial services providers, and insurance companies cannot control customers’ devices – but you can control your own devices and provide secure services to your customers.
In this blog we will delve into some common challenges faced by organizations and how you can address them by implementing an MDM strategy.
Mobility challenges in the BFSI industry
Challenges in the BFSI industry vary – they range from securing data to ensuring that corporate devices are used for their intended purposes. Each organization will have their own challenge. Some common issues are:
Centralized management of devices
One of the biggest challenges in Sri Lanka’s BFSI industry is the lack of a proper system that manages devices and tracks their usage. The latter is to monitor whether the field sales agents are not misusing corporate devices by using these devices to view non-related videos, play games, install improper wallpapers or apps that can lead to a loss of productivity or damage the organization’s reputation.
Launching apps and pushing app updates
In the microfinance industry, field sales agents are required to visit remote areas where the WiFi connectivity could be weak and/or challenging. Under these circumstances, pushing app updates is a daunting task.
Data security
The BFSI industry possesses large volumes of sensitive data. It is vulnerable to cyber-attacks. Any compromises in data security are costly for an organization’s reputation and will have an adverse impact on its business operations. The BFSI industry faces immense pressure to protect data in case a device is stolen or lost and must have the ability to erase all data stored in a device.
Benefits of an MDM strategy
Centralized device, app, and data management
An IT ecosystem with many different types of devices, apps, and data will have multiple endpoints. With unified endpoint management (UEM) capabilities, you will be able to centralize all your UEM functions in one place – regardless of the operating systems that your devices use.
Faster onboarding of new customers and team members
The MDM solution will oversee identity management – authentication, passwords, and authorization. The onboarding of new customers can become an online, device based function – which is more efficient and faster than dealing with cumbersome manual tasks. Similarly, granting the right authorization for your team members to use corporate devices will become a simpler task.
Mitigating effects during security breaches
Lost or misplaced devices, or any loss of data from apps need quick responses. MDM solutions provide geotracking capabilities to locate devices remotely, plus the ability to lock devices and delete data in the case of a security breach. This way, you can prevent the mishandling of devices and your all important data.
Remote troubleshooting
MDM solutions provide remote troubleshooting capabilities which is especially helpful if you have team members working in many geographic locations i.e., based in the field. In the event of device problems, these team members are not dependent on admins who are based elsewhere to solve such issues.
Device usage control and SIM lock-in
Restrict enterprise device use to required apps only through app blacklisting features to ensure that devices are used for work-related purposes. Moreover, you can also bind mobile SIM data to these apps only so that you do not incur any additional costs with your data packages.
Business intelligence
MDM solutions give you device usage statistics that you can view on dashboards. The data gives you insights into team performance and any app upgrades required.
Extensive integrations and customizations
You can customize the solution to suit your specific requirements, with the necessary dashboards, reporting, and analytics features.
At Entgra, we understand each of the challenges faced by the BFSI industry and we have a highly customizable product that will enable you to respond to rapid changes. Entgra MDM is a centralized device management and unified endpoint management platform that helps you manage your many device identities securely. You have access to a host of features such as remote device management, analytics and dashboards, and simplified device enrollment. Learn more here and start the conversation with us.
Entgra MDM is a unified platform for developing, managing, and integrating Unified Endpoints (UEM), Enterprise Internet of Things (IoT), and Enterprise Mobility Management (EMM).
Asgardeo is an IDaaS developed by WSO2. It is a developer-friendly platform for managing user identities and accessing management seamlessly. This blog will explain the configurations that you need to do on Asgardeo and Entgra MDM.
What is an external IDP?
In a nutshell, an external identity provider is a service that manages and stores user identities. It provides authentication and authorization services to other applications and services. Although Entgra MDM has an in-built identity server that can leverage all identity and access management (IAM) related services, it also provides flexibility to developers as they can connect with external IDPs.
Configuring Asgardeo
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 35
First, create an Asgardeo account and the rest is easy. Use the following link to sign up.
Creating an organization
The concept of organization is something similar to the term tenant of WSO2 Identity Server. Create an organization by clicking on the dropdown menu on the top-left corner of the page.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 36
This will prompt a simple form where we have to enter the name of the organization we are trying to create. (Note: this will allow only simple alphabetic characters and does not support other numerical, special characters or capital letters.)
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 37
For the purposes of this blog, I’ve created an organization named “devorganization”. Once the organization is set, create a new OIDC application.
Creating a new OIDC application
Click “Develop” on the top menu of the Asgardeo console and it will take you to the following page.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 38
Then click on the “New Application” button and choose “Standard-based application”.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 39
Give a name to the application and make sure to choose OIDC as the protocol. Check “Management application” if the application needs to access any management APIs of the organization. Finally, click on “Register” to create the application.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 40
Inside the application settings, go to protocols and update the grant types as follows:
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 41
Add https://localhost:9443/commonauth as the Authorized redirect URL. This is the URL to which the Asgardeo will redirect after completing authentication.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 42
Creating new custom user-attributes
When using external IDPs, although the users will be stored inside the external IDP, they might have to be provisioned inside Entgra MDM using just-in-time provisioning (JIT). Map attributes such as username, role, etc. with the local attributes. To create a new attribute, click “Manage” on the top menu and then navigate to the attributes section.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 43
Click on “Attributes” and then proceed to “New attributes” to add a new attribute. Create a couple of attributes for username and role, namely the “asgardeo-username” and “asgardeo-role”.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 44
After creating the attributes, it will redirect you to the configuration page of the attribute. Under this configuration, check the two configurations below and click on the update button to save the configurations.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 45
These two configuration will enable the display of these attributes in the user profile and make them mandatory.
Configuring the scopes
Configure the scopes to map the above attributes against “openid” scope, so that these attributes will pass during JIT provisioning. Under the “Manage” section, click on “Scopes”.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 46
Click the edit icon of the “Open ID” scope and then click the “New Attribute” button inside it to add an attribute to this scope.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 47
Check the “Asgardeo Username” and “Asgardeo Role” attributes and click on the “Save” button
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 48
Go to the created application and edit the user attributes as follows and click “Update” to save these changes:
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 49
Creating a new user account
You must then create a new user account to test the Asgardeo authentication flow. Under the “Manager” section, click on the “Users” section to view the user management page. Click on the “Add User” button to create a new user.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 50
Create a new user by filling out the following fields along with a temporary password.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 51
After creating the user account, go to the user’s profile and update the attributes that were created earlier and click on the “Update” button to save the changes.
Changing the subject claim of Asgardeo to username
By default, the User ID is set as the subject claim in Asgardeo. Entgra MDM will be looking for a username under the subject claim of the ID token. Therefore, we might have to update the subject claim of Asgardeo using their management APIs. Invoke the following APIs using the CURLs provided in the given order to change the subject claim.
Generate an access token using the client credentials of the application.
Search for all the applications under the organization and find the application-ID of the application you have created.
curl --location --request GET 'https://api.asgardeo.io/t/<organization_name>/api/server/v1/applications' \
--header 'Authorization: Bearer <access_token>'
Retrieve the application details using the above application-ID.
curl --location --request GET 'https://api.asgardeo.io/t/<organization_name>/api/server/v1/applications/<application_id>' \
--header 'Authorization: Bearer <access_token>'
Patch the application by changing the sub-claim to asgardeo_username. Change the values of the claim mappings and requested claims, based on the response received in step 3.
So far we have completed the Asgardeo configuration successfully. Now let’s move on to configuration of Entgra MDM.
Creating a new user role
To explore various features of Entgra’s web applications, a user might need certain permissions. You have to create a new role for that and assign a few permissions. Inside the carbon console, click on “Add” under the “Users and Roles” section and then click on “Add New Role”. Let’s create a role called “test-role” and then click “Next” to add permissions.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 52
You can now see a permission tree with a list of permissions. Click on the “device-mgt” permission and it will choose the child permissions automatically.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 53
Adding a new Identity Provider
Log into the carbon console of Entgra MDM via https://localhost:9443/carbon and click on “Add” under the Identity Provider sections on the left vertical menu. You will see the following page and can configure the basic configuration as shown below:
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 54
Configure the “Claim Configuration” as shown below. Here we are mapping the Asgardeo Role attribute with our internal role claim.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 55
Configure the “Role Configuration” as shown below. We are trying to map the “Asgardeo Role” attribute value against an internal role named “Internal/devicemgt-user” that is already configured inside the product.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 56
Configure the” Federated Authenticators” as shown below. Replace the client-id and client-secret with your Asgardeo application’s credentials.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 57
Configure the Just-in-Time provisioning to “Silent provisioning”.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 58
Configuring Service Provider
Entgra MDM comes with multiple web applications. Each of these web applications will have a service provider created inside the carbon console. To view the service providers, navigate to the Service Providers page. For this tutorial purpose, let’s try to configure Entgra’s Endpoint Management application with Asgardeo. Edit the Endpoint Management application’s service provider from the Service Providers page. If you cant see the service provider, try to log in to the endpoint management application at least once through the following URL: https://localhost:9443/endpoint-mgt.
Under the service provider, change the Authentication type to “Federated Authentication” and chose “Asgardeo” as the identity provider.
Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC 59
Voila! Now, we have successfully configured an Entgra MDM application, to SSO with Asgardeo IDaaS. Now you can log in to the https://localhost:9443/endpoint-mgt application using Asgardeo.
I hope that you found this blog useful. If you have any questions, do reach out to us here.
We’re pleased to announce that Entgra MDM has yet another new feature – geofencing capabilities. Enterprise Mobility Management (EMM) admins can define required virtual perimeters for controlling access over specified boundaries and perform some operations to those which are inside of those boundaries. Geofencing is a very useful feature in governing access for user groups. It can be conveniently set up by drawing boundaries over areas on the map.
Let’s discuss how the geofencing capabilities work through an example. Imagine that the Ministry of Education wants to provide tablets or mobile devices for school children in rural areas for online learning during the pandemic. And they wish to provide all the learning materials to the devices and manage those device capabilities. Additionally, they want to ensure that these devices do not leave school premises. The Ministry can use geofencing capabilities to monitor the devices’ locations, manage capabilities, and perform certain actions.
The Functionality of Geofencing Capabilities
Before you create a geofence, you need to set up the Alerting Configurations under the Platform Configurations. You can provide an email address where you can receive alerts. According to your use case, you can define whether users cross or access boundaries.
After defining the configurations you will be able to create geofences in Entgra MDM. The following data should be provided to create a new geofence.
Geofence name: Provide a name for identifying the geofence
Description: Add more details about the geofence
Device group(s): Assign a group (or groups) that consists of the devices that need to belong to the geofence
Event configurations: Add the given alert configuration to the relevant field
Afterwards, you need to mark the boundary line on the map. By using a shape such as a polygon or a circle, mark the area that you want to define as the geofence and then click on the Create button. The geofence table lists all the geofences that you create.
Returning to our example, after creating a geofence by including the school boundaries, if one of the students tries to leave the school with a device, the head of the school receives an alert and he/she can track the device location. The head of the school can also view how many devices in the relevant geofence are active at any given time. In addition, it can check the location of the provided devices and the device count, preventing devices from being misplaced.
Not only that, the group (or groups) that created the geofence can apply the required educational materials at the same time, adding various restrictions to the devices and managing them.
Entgra MDM has extensive enterprise wide MDM features that you can customize for your business needs. Learn more about the product and how we can help here.
Entgra MDM now enables you to allow and block listed apps with the latest feature. Enterprise Mobility Management (EMM) admins can manage device applications by using the blacklisting and whitelisting technique.
By way of an example, think of a school or an educational institute that provides tablets to their students for online learning. Admins need to restrict several apps from these devices (such as social media apps) in these scenarios. This means that these apps will be blacklisted whilst other apps, such as educational ones, would be installed in the devices sans interaction with the students.
The app blacklisting and whitelisting feature help you to meet these requirements. App whitelisting means that all applications, except the ones explicitly defined, are blocked. End users can only use apps that have been explicitly defined. App blacklisting occurs when defined applications cannot be installed on target devices. If the given black listed apps are already installed, they will be removed from devices.
The Entgra IoT Platform has an Application Restriction Settings policy with the capability to manage device applications for appropriate users. You can access this policy in the Android policy section on the Entgra IoT Platform. In this feature, you have the ability to select the appropriate app list type. Depending on the type selected, the functionality is as follows:
Allow List
After selecting the allow list you need to add these apps’ names and their package names. When the policy is applied to the device, only the listed app will be available and other apps will disappear.
Block List
Provide the names of the apps and package names that you want to add to the block list. When the policy is applied to the device, only the listed app will be removed and other apps will remain in the device.
In this way, you can change the number of apps on devices according to your preferences.
Let us return to the example. The head of the school or institution can add apps and their package names that he/she wants to block from the devices to the Block list. These listed apps will be removed from the devices while the required apps will remain. On the other hand, if he/she wants to add some educational or learning aid apps to the students’ devices, these can be installed through this policy.
Entgra MDM has extensive enterprise wide MDM features that you can customize for your business needs. Learn more about the product and how we can help here.
This blog is the second part of a series that deep dives into Entgra’s Enterprise Mobility Management (EMM) capabilities. Through this blog series, we aim to provide a better understanding of how Entgra’s technology can help you manage and secure your devices, improve the performance of your employees, and increase business profits through seamless device management.
Transfer Your Files and Perform Operations in Local Device Files
Imagine that you are managing a sales team. Your day to day activities involve sending sales reports or any other kind of find to your team members’ mobile phones or tablets. Or perhaps you need to edit files that you have already sent by renaming it or delete unnecessary files stored in a device. These actions can be performed easily when you are in the office.
Now imagine that your sales team is in the field and you want to transfer files to them, transfer files from their device to your server or perform an operation on the file in their device without disturbing them.
Fortunately, there’s a way to perform these actions.
Entgra IoT Server, with its EMM features, provides file transfer features to tackle similar kinds of scenarios.Admins can transfer files from an FTP server to a folder in the user’s device and vice versa using the file transfer feature. It is also possible to remotely access a device’s file system and perform file management tasks such as copy, rename, and delete files.
Here’s a short video that illustrates how simple remote and access is:
Using Devices in the Field
Click on the “connect to device” option on each device to start a remote session when using your devices in the field. This will display the device’s files on the screen. Select the option that allows you to select a server, where you can view all preconfigured FTP servers. Then simply click one of the servers, the server files will be fetched and shown on the screen. You can select any file and perform file transfer from local device to the FTP server or vice versa. This also comes with an option to rename and delete the local files in the device also.
The first blog of this series gives you a quick introduction to our remote screen sharing and control features. You can read the blog here. You can learn more about our IoT, EMM, and Mobile Device Management (MDM) technology here. We’re always happy to hear from you, so drop us an email on contact@entgra.io to start a conversation with us.
How Sri Lanka’s Government Administrators Can Digitalize Vital Citizen Data Collection Functions
Sri Lanka has a multitude of government agencies with varying levels of processes involved. At present, numerous public field officers employed by these agencies perform many tasks – such as citizen data collection – manually using paper forms. They include village officers (or Grama Sevakas), public health inspectors (PHIs), community midwives, environmental police officers, municipal council employees, and field officers from the Department of Agrarian Development and the Department of Census and Statistics to name a few. They then visit the relevant area government offices to sync their work – again performed manually.
In a bid to digitalize key government functions, some agencies have begun distributing public field officers with mobile devices that contain a set of apps to eliminate these manual tasks and ensure that data is available in a centralized system in a timely manner.
While this is a welcome move, this endeavor does not address key functionalities. These include:
A centralized strategy to monitor and manage devices deployed in the field.
An ecosystem to provide remote app updates or new apps. Public field officers are required to manually download and install apps.
Strategy to provide operating system (OS)/ security updates and mandatory app updates such as virus guards.
Remote troubleshooting of device, app, and OS related issues that would eliminate time consuming and costly field visits by IT support teams.
Tools to enforce data usage restrictions, misuse of devices or data/ device theft.
System level architecture to provide centralized identity, device management, integration or APIs.
The lack of these functionalities would pose several challenges that will impede the long term success of a large scale project such as this. This blog provides a step-by-step guide on how government agencies can implement a device strategy that addresses these functionalities and simplifies data collection whilst saving costs in the long term.
Device Strategy and Ecosystem: A Step-by-Step Guide
The device strategy and ecosystem must address each of the following considerations before devices are used in the field.
Device functionality
Takes into account issues such as device robustness, how they would work in the field seamlessly, battery life of each device, and device weight.
Device specifications
Operating system used by devices (i.e. OS or Android), scanning requirements, whether or not devices are able to connect to printers, and the warranty period of devices.
Device ownership and user policies
Privacy and user guidelines are central to a project such as this. The device strategy must address who exactly will be given access to use devices in the field, guidelines for doing so, and the policy adopted for usage outside of official duties.
Identity and access management and storage
Security and identity management (IAM) are often the cornerstones of a sound device management strategy. A successful IAM system consists of single sign-on (SSO), self sign up, password set ups, and password resets. This system must decide on whether OTPs for sign up will be sent via SMS or email for secure signing in and the official verification/approval process.
Device configuration
Test devices, check runtime usage, and ensure that onboarding configurations are functioning as intended and device apps work in offline mode.
App development
Apps must incorporate user behavior, use the mobile device management (MDM) app store, sandbox environment in place, and kick start beta testing.
Device distribution and education
Once all of the above are in place, the relevant government agencies must prepare lists of device recipients, map serial number ID with employee IDs, decide on a complete support structure (i.e. who will provide 1st and 2nd level support), prepare instruction manuals to educate users, and organize device delivery to the field force. This is also the ideal time to formulate the device roll out plan and scale the device system with the expected support load.
Run a pilot and deploy devices to the field
This is the ideal moment to define the defect reporting process and the warranty claim process.
Pre-work device check and monitoring
Finally, before devices are in full use, assess the level of support needed, how alerts/escalations are reported, and app functionality.
Data Analysis and Visualization to Aid Policy Makers
A project such as this will require particular attention paid to methods of data storage and visualization to facilitate analysis by policy makers. The device strategy requires a central data storage mechanism – by ‘data’ we refer to both citizen data and device functionality data. Data visualization will be enabled in the form of dashboards to aid government employees and policy makers.
By implementing a device strategy with these considerations in mind, government agencies are better able to lower costs through greater control over device usage, plan for the long term, and start digitalizing services for the benefit of citizens, policy makers, and public field officers alike.
Entgra provides has worked with many public agencies and private sector organizations to implement robust device strategies. Learn more here.
With the ongoing pandemic creating many upheavals, organizations are increasingly grappling with a monumental challenge – creating seamless workflows and remote working environments whilst staying resilient, relevant, and flexible to respond to present and future changes. These changes are also taking place against a backdrop of evolving technology usage, both by organizations and individuals. Industry analyst Gartner identified Internet of Behavior (IoB) as one of the strategic technology trends for 2021. Explained simply, IoB is a data-driven approach to guide behavior. Data is gathered from many different sources and IoB will increasingly shape interactions between people and organizations. Using data from multiple sources and devices to gain insights into business operational processes and productivity is of course not a new phenomena. Organizations across industries have been moving towards deploying connected devices and Internet of Things (IoT) enabled business environments for quite some time.
Successful use of IoT technology requires a device strategy, regardless of the type of organization. When I use the term “devices,” I refer to both mobile devices and IoT enabled devices. A device strategy must take into consideration 7 important factors to thrive: business planning, product building, operational efficiency, scaling, tech support, value creation, and sustainability.
Business Planning
Organizations that require a device strategy fall into 4 broad categories – device manufacturers, application developers, system integrators, and device users. Each of them have different needs and priorities when formulating a device strategy. As a starting point, ask yourself some crucial questions about your organization – which of the above 4 categories you belong to and what your organization envisions for itself.
Here is an overview of the different technology requirements for these organization types:
Device manufacturers – to develop devices and basic software (such as an API) to showcase device capabilities
Application developers – need to build IoT applications on top of their existing hardware
Systems integrators – to integrate several IoT applications and create value in a particular industry
Device users – provide devices to their employees to be used for specific purposes
Product Building
All of these organizations must then identify the specific market requirements, target customers, and the expected types of device engagement. These are the things to keep in mind for a product building strategy.
A generic guideline is as follows:
Device manufacturers consider where and how the devices are to be used, taking into considerations issues such as device robustness, protocol use (existing or new protocols), chipset usage (existing or new chipsets), device security, and power consumption.
Application developers are mainly concerned with the types of devices that will be used, the type of software platform to use, application distribution, and how the application logic compares with power consumption.
Systems integrators’ main concerns are with integration – which platform to use, the need of new platforms, security, protocols, analytics, dashboards, and how they can expose APIs with external parties.
Device users need to understand if they’re using the right type of device, whether or not these devices are user friendly, data security and storage, and device ownership (who owns the devices – the organization, device manufacturer, or the employee).
Operational Efficiency
Once you build your IoT applications and deploy your devices, then it’s time to think about operational efficiency. Your key concerns at this stage would broadly consist of detecting device failure notifications, identifying device anomalies early so as to minimize operational disruptions, pushing software updates to all your devices in your ecosystems, and how you can reset your devices in the case of a security breach.
Scaling
Any organization must first have a thorough understanding of their IoT deployment so that they can formulate and implement a scaling strategy. A starting point for this exercise would be to first identify which architecture layer within your IoT deployment needs scaling and how this can be done, recognize usage and failure patterns, consider questions around device throttling, and finally, if your organizations will use server or edge computing capabilities.
Support
When we talk about technology support, the biggest issue is what actions an organization will have to take when a remotely installed device fails. Using backup devices is an option (although this is often not the most cost-effective choice).
Value Creation
Devices and their deployment are expensive. Long term value creation must therefore be a cornerstone of your device strategy. Measure the impact of device integration and understand what steps your organization can take to prevent your devices from becoming less valuable over time, how your organization can gain a competitive advantage through your devices, what type of data can be generated from your devices for business insights, and how you can diversify your business offerings and processes.
Sustainability
A discussion about value creation naturally leads to questions about sustainability. Sustainability focuses on 3 areas – technology, data security, and legal challenges.
On the technology front, devices and platforms used today may not be valid in several months’ time. As such, organizations must address any vendor lock in issues with your devices, whether or not your platform can be scaled with other devices and applications, and any license fees and data ownership concerns that you will encounter.
When considering data security, any breach impacts consumer trust in your organization which in turn affects sustainability. Pay particular attention to how your data is stored, whether or not you use a managed cloud service, who will be given access to the data, whether or not a data filtering mechanism exists within your organization, and how your mobile apps were developed.
Finally, on the legal challenges front, many regions have introduced data privacy and security laws, for example, GDPR in the EU, CCPA in California, USA, and CDR in Australia. With these regulations, there’s a chain of liability, many different and complex data ownership scenarios, and automated contracts. Any questions on a sustainable device strategy must look into the intricacies of these regulations and even in the absence of formal regulations, pay heed to privacy concerns of individuals and device users.
Learn more about our Mobile Device Management (MDM) and IoT technology. Our customers span the Android device manufacturing, original design manufacturing, government, education, pharmaceutical, healthcare, insurance, and service industries.
