
How to Manage Your Device Fleet in the Age of IIoT

Main drivers of an IIoT ecosystem, device management strategies, and getting started. 


Industrial Internet of Things (IIoT) today

The internet has grown to remarkable eminence, progressing a long way from its humble beginnings as a coke vending machine [1] following basic instructions. Today, the semantic web engages with us interactively and processes information for us intelligently.

The Internet of Things (IoT) encompasses a connected system of devices and sensors with the ability to gather, process, and exchange data over a network (not necessarily the internet), thereby enabling remote monitoring, evaluation, and administration of such devices. In a broader sense, this is about the integration of people, processes, and technology with devices, harnessing the best of each and making our lives easier.

With the advent of Industry 4.0, we are thrust forward with the Industrial Internet of Things (IIoT). It is a common misconception to think of IIoT as an extension of IoT. In reality, however, it is just a subcategory of IoT that expands into industrial applications of IoT. IIoT has evolved from Distributed Control Systems (DCS), where autonomous controllers were distributed throughout a system with localized control. Today, it is directed towards automation and improving the operational efficiencies of large industrial processes. It also includes consumer-facing applications such as wearable devices, smart home technologies, and self-driving cars.

In essence, both IoT and IIoT consist of a system of connected devices, machines, sensors, and infrastructure that transmits data via a network with the ability to remotely administer devices and processes.

IIoT is the decisive factor that empowers the Fourth Industrial Revolution, smartly dubbed Industry 4.0. Enabled by powerful emerging technologies such as Machine Learning (ML), Artificial Intelligence (AI), advanced robotics, big data, edge computing, and other innovative breakthroughs, IIoT is becoming an inescapable big player in our lives.

IIoT technologies empowering Industry 4.0

Having leapfrogged from steam engines [2] to supercomputers by the Third Industrial Revolution, Industry 4.0 explores closer integration of digital technologies with the physical world in various industries to enhance efficiency, productivity, and innovation.

Energy conserving smart cities with optimally controlled traffic, smart factories with digital twins maneuvering laborious tasks, and collaborative robots (Cobots) working alongside human operators are only some items on the IIoT promise shelf. Insights derived from wide data sources and analytics, predictive maintenance capabilities, and progressive automation are other transformative changes brought about by leveraging the power of connected devices and data analytics, leading to heightened competitiveness and sustainable growth in industries.

The technologies enabling and empowering IIoT vary from cybersecurity, cloud computing, edge computing, machine-to-machine communication, 3D printing, extended reality (XR), advanced robotics, big data, radio frequency identification (RFID) technology, cognitive computing, and a multitude of other such advancements in different fields.

Among them, some are more potent drivers that distinctively characterize an IIoT ecosystem. These include:

  • Cyber-Physical Systems (CPS): As the term implies, these systems are composed of digital systems integrated into the physical processes of an industry. Cyber-physical systems play a pivotal role in Industry 4.0 by connecting the physical and digital realms to enable more accurate decision-making, automation, optimization, and enhanced collaboration between humans, machines, and processes. They are a fundamental component of the smart, interconnected ecosystems that characterize Industry 4.0.

  • Cloud computing: A novel concept of getting the required computing services for a specified period of time over the internet instead of provisioning local hardware and infrastructure. Cloud computing covers a wide range of services, including storage, processing power, networking, and software. It offers various service models, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), catering to different levels of control and management. The elasticity of cloud computing, i.e., the ability to scale up or down as per changing workloads, ensures improved performance and efficient use of resources. Because cloud computing is a measured and on-demand service, it ensures cost-effective resource consumption and commercial viability.

  • Edge computing: This is a decentralized computing paradigm that brings computation and data storage closer to the location where they are needed instead of remotely accessing them via cloud servers. Data processing occurs at or near the “edge” of the network, typically closer to the source of data generation, which could be sensors, devices, machines, or users. Edge computing delivers reduced latency, real-time responsiveness, enhanced security, and improved bandwidth efficiency. It’s a critical technology for applications that require rapid processing and decision-making, especially in IIoT applications and Industry 4.0.
  • Big data: Comprises the massive volume of structured and unstructured data generated from various sources at a high velocity. This data is often too complex and large to be effectively processed and analyzed using traditional database management tools and methods. Big data encompasses a wide range of data types: text, images, videos, sensor readings, social media interactions, and more.
  • AI and ML: These technologies are critical requirements to transform raw data into insights that drive operational performance in industrial processes. They facilitate real-time data and updates, enhance operations, and enable predictive capabilities.
    AI and ML algorithms expedite data analysis and pattern recognition by processing large volumes of IIoT-generated data that help with predictive maintenance, anomaly detection, and real-time decision-making. Cognitive computing enables IIoT systems to understand and respond to natural language queries and instructions, thereby simplifying user interaction with complex industrial systems.

IIoT device management strategies

With Industrial IoT, we are talking about many different types of devices connected and integrated into a single digital ecosystem that seamlessly operate with each other and run multiple business processes efficiently. It is therefore imperative to have an effective device management strategy for your enterprise to ensure the security, robustness, and efficiency of your system. As an ever-increasing number of industrial devices become connected and integrated into the digital ecosystem, effective management and administration become a tedious task demanding much attention, time, and resources. Not so, however, if you have done your homework beforehand.

It is important to be aware of and proactively address the potential challenges of handling a collection of devices out at large. Some of the key factors to consider when managing fleets of disparate devices are displayed below.

Illustration: Device management strategy factors to consider when managing large device fleets

Securing your edge with Entgra solutions

Imagine having to herd a fleet of devices – hundreds and thousands of them at that – concurrently, efficiently, and flawlessly around the clock on multiple platforms, each with its own configuration settings and running on different operating systems? Quite the nightmare for a modern IT-admin shepherd if not for the convenience of effective device governance strategies at our disposal today. 

Endpoint devices encompass physical equipment connected to the digital ecosystem, exchanging with and sometimes processing information for the network. These include the commonly identified mobile devices, embedded devices, desktop computers, kiosks, virtual machines, servers, and wearables, as well as facilitating devices like routers, network gateways, firewalls, and load balancers.  Each of these comes with its own manufacturer and is often run on specific operating systems such as iOS, Android, or Windows. They gather, exchange, and sometimes process data which needs to be utilized securely and translated into intelligible information. This process is often handled by single-console device control and administration. Privacy regulations, device policies, and other factors that must guarantee the security of devices and data are also integral components of the process.

What the shepherd needs today, then, is a crook that can enroll, administer, and manage the whole of the device fleet with zero-touch (literally) agility and enable ceaseless, robust operation of the process with minimal intervention.

Entgra UEM for centralized device management and unified endpoint management (UEM) has extensive enterprise-wide customizable UEM features offering granular, simplified experiences and robust identity management capabilities. With its ability to trigger operations simultaneously in a device group, live feed, and Grafana-based dashboards, an IT administrator’s life is simplified manyfold.

The Entgra IoT Platform facilitates end-to-end IoT application development on one platform, giving you the ability to integrate all your devices and solutions. 

Device location tracking, enterprise wipe, device lock, and restriction policies are some of the security features Entgra offers as an accredited Google Enterprise EMM Partner for Android devices. 

Presently, our industry solutions cover factory floor monitoring, kiosk management, and utility meter connectivity. We provide customized IoT solutions catered to your specific factory floor device monitoring and control requirements and scalable kiosk management propositions befitting long-term growth. 

Entgra solutions combined would just be the shepherd’s crook that your enterprise needs to flourish unrestrained. 

Get onboard with our Try-It-Now product packages or contact us for further information on how we can help you. 

References

1. The first device on the Internet of Things – the first ARPANET-connected appliance – was a modified Coca-Cola vending machine at Carnegie Mellon University in 1982, marking the beginning of a network of smart devices. The machine was able to report its inventory and whether newly loaded drinks were cold.

2. Each Industrial Revolution has been marked by distinctive economic, social, and cultural changes. The First Industrial Revolution saw the transition from hand production methods to machines through the use of steam and water power.

Using Internet of Things (IoT) Powered Solutions for Data Collection and Cleaner Air


We all know about the benefits of clean air for our health, lifestyles, and the planet. With emissions increasing globally, improving air monitoring capabilities is becoming even more important for environmental agencies. A part of these improvements lies in having access to data and information about air quality, as it is ultimately these insights that become useful when enacting regulations.

The Air Quality Index (AQI) is the standard for measuring air quality. It includes information about pollutants such as carbon monoxide, sulfur dioxide, nitrogen dioxide, aerosols, and ground level ozone. Air quality sensors measure the quantities of these pollutants present in a particular microclimate.

An IoT powered framework comprises multiple sensors, devices, and communication modems connected to a network. Measuring air quality can be time consuming and costly, however. And sometimes, there may be questions about how best to use the data collected. An IoT powered framework makes this process easier, provides you with a series of options that best fit your budget, and helps you reduce the manual work required. In this blog, we’ll explain how devices function in an air quality measurement system, how an IoT solution works typically, uses of the data collected, and the benefits of an IoT powered data collection system.

The data collection framework: Device capabilities

The sensors, devices, and communication modems of such a system will collect data (i.e. air pollutant quantities). You can select from a range of equipment based on your budget – from low cost, lower precision to expensive, high precision ones. Each type of device will have different capabilities:

  • Security measures – The market contains different communication modes and protocols with varying security measures, so it is important for you to understand these measures in advance.
  • Data collection methods – Some devices collect and transfer data in real time, while others perform these functions in batches. 
  • Computing functions – Some devices function as “dumb” data collectors and others can detect anomalies, sanitize, and perform automatic calibrations.
  • Power sources – Devices deployed indoors in remote locations can use power directly from an electricity grid. There are also devices that use power from solar panels to charge batteries.

The role of an IoT solution

The IoT solution will retrieve the data that your sensors, devices, and communication modems collect. Apart from data retrieval capabilities, the IoT solution will also oversee these functions:

  • Supporting different wire and application level protocols
  • Identifying degrading, rogue, or malfunctioning equipment
  • Collecting, storing, sanitizing, and enriching sensor readings, plus detecting anomalies
  • Integrating with similar weather-associated APIs and validating the data
  • Facilitating data sharing using industry standard managed API patterns
  • Calculating the AQI value and air quality category

How can I use the data collected?

We have discovered that the above question is quite a common one. The answer is that there are many applications and integrations that you can explore to create user-friendly data consumption/visibility models and even new revenue streams.

  • Develop different types of data consumption applications for different audiences. Configure the data so that it is visible on dashboards, embedded widgets, or mobile apps for user convenience.
  • Share data with different audiences – Environmental, aviation or military authorities, educational institutions, research bodies, the general public, etc. If you decide to share data in this way, you can also think about a monetization model.

Benefits of an IoT powered data collection system to determine air quality

A robust data collection system, the possession of a rich set of data, and the above mentioned application options are some of the obvious benefits. Some other ways you can benefit from an IoT powered data collection system are:

  • Cost control – As we mentioned earlier, devices have varying costs and precision levels. You can decide what types of devices you want to use based on your budget and overall objectives for collecting the data.
  • 24/7 data availability – This is especially important for providing up-to-date AQI information to the public and other organizations, and for issuing alerts when required. The data will also form the cornerstone of planning air safety regulations.
  • Accessibility – You can use these devices in all environments, in urban and rural areas. This gives you a way to monitor air quality even in the more remote areas without personnel being physically present.

Once you have an understanding of the devices required for creating a data collection framework, your next step is to work with an IoT solutions provider and select the right technology platform. We built the Entgra IoT Platform with connectivity in mind – it provides you with the application building blocks to integrate all your devices under one platform. The platform addresses key technology needs for a data collection framework, such as extensive integration, data processing, extensible architecture, and data sharing via APIs. Find out how we can help you.

Configuring Asgardeo as an External IDP With Entgra MDM Using OIDC


Entgra MDM is a unified platform for developing, managing, and integrating Unified Endpoints (UEM), Enterprise Internet of Things (IoT), and Enterprise Mobility Management (EMM).

Asgardeo is an IDaaS developed by WSO2. It is a developer-friendly platform for managing user identities and access seamlessly. This blog will explain the configurations that you need to do on Asgardeo and Entgra MDM.

What is an external IDP?

In a nutshell, an external identity provider is a service that manages and stores user identities. It provides authentication and authorization services to other applications and services. Although Entgra MDM has an in-built identity server that can leverage all identity and access management (IAM) related services, it also provides flexibility to developers as they can connect with external IDPs.

Configuring Asgardeo

First, create an Asgardeo account and the rest is easy. Use the following link to sign up.

Creating an organization

The concept of organization is something similar to the term tenant of WSO2 Identity Server. Create an organization by clicking on the dropdown menu on the top-left corner of the page.

This will prompt a simple form where we have to enter the name of the organization we are trying to create. (Note: only simple alphabetic characters are allowed; numerals, special characters, and capital letters are not supported.)

For the purposes of this blog, I’ve created an organization named “devorganization”. Once the organization is set, create a new OIDC application.

Creating a new OIDC application

Click “Develop” on the top menu of the Asgardeo console and it will take you to the following page.

Then click on the “New Application” button and choose “Standard-based application”.

Give a name to the application and make sure to choose OIDC as the protocol. Check “Management application” if the application needs to access any management APIs of the organization. Finally, click on “Register” to create the application.

Inside the application settings, go to protocols and update the grant types as follows:

Add https://localhost:9443/commonauth as the Authorized redirect URL. This is the URL to which Asgardeo will redirect after completing authentication.

Creating new custom user-attributes

When using external IDPs, although the users will be stored inside the external IDP, they might have to be provisioned inside Entgra MDM using just-in-time provisioning (JIT). Map attributes such as username, role, etc. with the local attributes. To create a new attribute, click “Manage” on the top menu and then navigate to the attributes section.

Click on “Attributes” and then proceed to “New attributes” to add a new attribute. Create a couple of attributes for username and role, namely the “asgardeo-username” and “asgardeo-role”.

After creating the attributes, it will redirect you to the configuration page of the attribute. Under this configuration, check the two configurations below and click on the update button to save the configurations.

These two configurations will enable the display of these attributes in the user profile and make them mandatory.

Configuring the scopes

Configure the scopes to map the above attributes against “openid” scope, so that these attributes will pass during JIT provisioning. Under the “Manage” section, click on “Scopes”.

Click the edit icon of the “Open ID” scope and then click the “New Attribute” button inside it to add an attribute to this scope.

Check the “Asgardeo Username” and “Asgardeo Role” attributes and click on the “Save” button.

Go to the created application and edit the user attributes as follows and click “Update” to save these changes:

Creating a new user account

You must then create a new user account to test the Asgardeo authentication flow. Under the “Manage” section, click on the “Users” section to view the user management page. Click on the “Add User” button to create a new user.

Create a new user by filling out the following fields along with a temporary password.

After creating the user account, go to the user’s profile and update the attributes that were created earlier and click on the “Update” button to save the changes.

Changing the subject claim of Asgardeo to username

By default, the User ID is set as the subject claim in Asgardeo. Entgra MDM looks for a username under the subject claim of the ID token. Therefore, we have to update the subject claim of Asgardeo using its management APIs. Invoke the following APIs with the curl commands provided, in the given order, to change the subject claim.

Generate an access token using the client credentials of the application.

curl --location --request POST 'https://api.asgardeo.io/t/<organization_name>/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=<client_id>' \
--data-urlencode 'client_secret=<client_secret>' \
--data-urlencode 'scope=internal_application_mgt_view internal_application_mgt_update'

Search for all the applications under the organization and find the application-ID of the application you have created.

curl --location --request GET 'https://api.asgardeo.io/t/<organization_name>/api/server/v1/applications' \
--header 'Authorization: Bearer <access_token>'

Retrieve the application details using the above application-ID.

curl --location --request GET 'https://api.asgardeo.io/t/<organization_name>/api/server/v1/applications/<application_id>' \
--header 'Authorization: Bearer <access_token>'

Patch the application by changing the sub-claim to asgardeo_username. Change the values of the claim mappings and requested claims, based on the response received in step 3.

curl --location --request PATCH 'https://api.asgardeo.io/t/<organization_name>/api/server/v1/applications/<application_id>' \
--header 'Authorization: Bearer <access_token>' \
--header 'Content-Type: application/json' \
--data-raw '{
   "claimConfiguration": {
       "dialect": "LOCAL",
       "claimMappings": [
           {
               "applicationClaim": "http://wso2.org/claims/asgardeo_username",
               "localClaim": {
                   "uri": "http://wso2.org/claims/asgardeo_username"
               }
           },
           {
               "applicationClaim": "http://wso2.org/claims/asgardeo_role",
               "localClaim": {
                   "uri": "http://wso2.org/claims/asgardeo_role"
               }
           }
       ],
       "requestedClaims": [
           {
               "claim": {
                   "uri": "http://wso2.org/claims/asgardeo_username"
               },
               "mandatory": true
           },
           {
               "claim": {
                   "uri": "http://wso2.org/claims/asgardeo_role"
               },
               "mandatory": true
           }
       ],
       "subject": {
           "claim": {
               "uri": "http://wso2.org/claims/asgardeo_username"
           },
           "includeUserDomain": false,
           "includeTenantDomain": false,
           "useMappedLocalSubject": false
       }
   }
}'
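
To confirm that the PATCH took effect, inspect the claims of an ID token issued after a test login. The Python check below is an added example, not code from Entgra or Asgardeo; the issuer format, the `asgardeo_role` claim name inside the token, and all sample values are assumptions. It decodes the payload without verifying the signature, so it checks configuration only and does not replace the token validation Entgra MDM performs.

```python
import base64
import json
import re
import time

# Shape of an Asgardeo user ID (a UUID), the default subject claim per the text above.
UUID_RE = re.compile(
    r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", re.I
)


def b64url_decode(segment: str) -> bytes:
    """Decode an unpadded base64url JWT segment."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_payload(id_token: str) -> dict:
    """Return the claims of a compact JWT WITHOUT verifying its signature."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected three dot-separated segments")
    return json.loads(b64url_decode(parts[1]))


def check_id_token(id_token, organization, client_id, expected_username,
                   role_claim="asgardeo_role", now=None):
    """Return a list of problems found in the ID token claims (empty list = OK).

    role_claim is a hypothetical claim name; use whatever name your token carries.
    """
    now = time.time() if now is None else now
    claims = decode_payload(id_token)
    problems = []

    # Assumption: the issuer equals the organization's token endpoint.
    expected_iss = f"https://api.asgardeo.io/t/{organization}/oauth2/token"
    if claims.get("iss") != expected_iss:
        problems.append(f"unexpected iss: {claims.get('iss')!r}")

    # aud may be a single string or a list of strings.
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if client_id not in audiences:
        problems.append("aud does not contain this application's client_id")

    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("token is expired or carries no exp")

    # The point of the PATCH: sub must be the username, not the user ID.
    sub = str(claims.get("sub", ""))
    if UUID_RE.match(sub):
        problems.append("sub is still a UUID user ID; subject claim change not applied")
    elif sub != expected_username:
        problems.append(f"sub {sub!r} does not match expected username")

    # Without a role value, the role mapping on the Entgra MDM side has nothing to map.
    if not claims.get(role_claim):
        problems.append(f"{role_claim} claim missing; check scope and requested claims")
    return problems


def make_sample_token(claims: dict) -> str:
    """Build a constructed, unsigned token for offline testing (not a real ID token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "constructed"])


if __name__ == "__main__":
    t0 = 1_700_000_000  # fixed clock so the constructed samples are reproducible
    base = {
        "iss": "https://api.asgardeo.io/t/devorganization/oauth2/token",
        "aud": "sample-client-id",      # constructed value
        "exp": t0 + 300,
        "asgardeo_role": "device-admin",  # constructed value
    }
    before = make_sample_token({**base, "sub": "3f2b8c1e-9a4d-4c7b-8e21-5d6f7a8b9c0d"})
    after = make_sample_token({**base, "sub": "alice"})
    for label, tok in (("before PATCH", before), ("after PATCH", after)):
        print(label, check_id_token(tok, "devorganization", "sample-client-id",
                                    "alice", now=t0))
```
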

Configuring Entgra MDM

So far we have completed the Asgardeo configuration successfully. Now let’s move on to configuration of Entgra MDM.

Creating a new user role

To explore various features of Entgra’s web applications, a user might need certain permissions. You have to create a new role for that and assign a few permissions. Inside the carbon console, click on “Add” under the “Users and Roles” section and then click on “Add New Role”. Let’s create a role called “test-role” and then click “Next” to add permissions.

You can now see a permission tree with a list of permissions. Click on the “device-mgt” permission and it will choose the child permissions automatically.

Adding a new Identity Provider

Log into the carbon console of Entgra MDM via https://localhost:9443/carbon and click on “Add” under the Identity Provider section on the left vertical menu. You will see the following page and can configure the basic configuration as shown below:

Configure the “Claim Configuration” as shown below. Here we are mapping the Asgardeo Role attribute with our internal role claim.

Configure the “Role Configuration” as shown below. We are trying to map the “Asgardeo Role” attribute value against an internal role named “Internal/devicemgt-user” that is already configured inside the product.

Configure the “Federated Authenticators” as shown below. Replace the client-id and client-secret with your Asgardeo application’s credentials.

The endpoints are as follows:

Authorization Endpoint URL: https://api.asgardeo.io/t/devorganization/oauth2/authorize
Token Endpoint URL: https://api.asgardeo.io/t/devorganization/oauth2/token
Callback URL: https://localhost:9443/commonauth
Userinfo Endpoint URL: https://api.asgardeo.io/t/devorganization/oauth2/userinfo
Logout Endpoint URL: https://api.asgardeo.io/t/devorganization/oidc/logout
Additional Query Parameters: scope=openid

Configure the Just-in-Time provisioning to “Silent provisioning”.

Configuring Service Provider

Entgra MDM comes with multiple web applications. Each of these web applications will have a service provider created inside the carbon console. To view the service providers, navigate to the Service Providers page. For the purposes of this tutorial, let’s configure Entgra’s Endpoint Management application with Asgardeo. Edit the Endpoint Management application’s service provider from the Service Providers page. If you can’t see the service provider, try to log in to the endpoint management application at least once through the following URL: https://localhost:9443/endpoint-mgt.

Under the service provider, change the Authentication type to “Federated Authentication” and choose “Asgardeo” as the identity provider.

Voila! We have now successfully configured an Entgra MDM application for SSO with Asgardeo IDaaS. You can now log in to the https://localhost:9443/endpoint-mgt application using Asgardeo.

I hope that you found this blog useful. If you have any questions, do reach out to us here.

Post-Pandemic Business Revival: Where Are We Headed?


The effects of the COVID-19 pandemic continue to loom over us. With hopes of opening countries and returning to normalcy, we take one step forward, only to fall back two, with tightened masks. It surely will be a while before life as we once knew it can be restored.

Thrust with incertitude at all levels from economic subsistence, vocational hardship, healthcare exigencies, and the unpredictability of life in general, our core existential strategy for the last two years has primarily been inclined towards that of basic survival centered around us as individuals, our close-knit families and communities, and the associated temporal assets. The pandemic epiphany has brought about drastic changes in our lifestyles, calling us to revise our priorities with a new reality check in life. 

For business enterprises, this is bad news and has been so for the past two years. 

The Trending Story In Numbers

As with every historical industrial revolution, the effects of the pandemic will shape the economic trends for the future. Unsurprisingly, there will be an evident increase in remote working. A recent Gartner poll found that 48% of employees will likely work remotely at least part of the time after COVID-19 compared to 30% before the pandemic. Similarly, the McKinsey Global Institute estimates that more than 20% of the global workforce could work the majority of its time away from the office – and equally importantly, be just as effective. A consequent HR trend analysis by them indicates that 32% of organizations are replacing full time employees with contingent workers as a cost-saving measure. Prepped up for this, in a recent Gartner poll, 90% of HR leaders said employees would be allowed to work remotely even once COVID-19 vaccines are widely available.

As indicated by these statistics, we have embraced what worked well from the pandemic and are progressing forward retaining the lessons learned. There’s no going back now. Digitally enabled productivity gains have accelerated the Fourth Industrial Revolution powered by technology and defined by operational models that survived above the pandemic predicaments. 

Remote Working or the ability to Work From Anywhere (WFA) is clearly here to stay. So is the hybrid work model as has been discovered in a recent HR trend analysis by Gartner.

Accordingly, the most favorable operational model driving business transformations in the predictable future is that of the Hybrid Work model where employees interact with each other with a mix of distributed, co-located premises synchronously, and/or asynchronously.

Your employees are now empowered with the choice of how best productivity is accomplished – your job is to ensure they are sufficiently equipped to do so. 

Are We Ready? Fitting Device Strategy for Your Ecosystem

Managing a digital ecosystem of disparate devices on different platforms can be quite a challenge. Even more so are the conundrums involved with the smooth operation of digital systems whilst being caught unawares by the virus. It is therefore imperative that we make the most of what we have for continued existence of operations under the prevailing constraints.

In one of our recent undertakings, we set out to empower public field officers by helping them digitize their routine tasks. Whilst managing to effectively map the skill sets to devices and the appropriate technology during the project, we also analyzed and outlined how the government administrators in Sri Lanka can benefit from a centralized strategy to monitor and manage the devices deployed in the field. 

Ideally, a complete device strategy is woven around the business requirements of the enterprise, its device engagement criteria, product building, operational efficiency, scaling potential, and the extent of available technical support. Value creation from a long-term perspective and sustainability of device deployment with integration are vital aspects to be considered for a productive device strategy. 

With our varied Mobile Device Management (MDM) solutions and Internet of Things (IoT) technologies, Entgra can help you formulate the most fitting strategy for your enterprise. Our recommendations precede a comprehensive analysis of your device specifications, their functionality and configurations, defined ownership and administrative policies, pre-work device check, monitoring and their distribution, complete with a pilot run on device deployment in the field. As part of our assistance in managing your ecosystem, we will also help you with App development, identity and access management (IAM) and storage options.

Resilience and Agility: The Way Forward

Resilience, in enterprise terms, is a measure of your ability to swiftly adapt to disruptions while maintaining continuous business operations and safeguarding your employees, assets, and overall brand equity. Resilient organizations are better able to respond and correct their course quickly with changes. 

Faced with the adversities introduced by the pandemic, enterprises that are actively taking measures to optimally tackle the changes are positioned with a competitive edge to be able to progressively move forward retaining most of their strength in vying to make the most of the situation. 

Building a more responsive organization in terms of infrastructure and operational flow to increase agility and flexibility with room for flexing is therefore of utmost importance. This in turn translates into facilitating seamless workflows and remote working environments against a backdrop of changing and evolving technology usage, both by organizations and individuals. 

Entgra offers you a single platform for device integration with comprehensive endpoint management capabilities where you are able to expose devices as APIs securely with identity federation for managing human and device identities. Enabling custom integrations with broad built-in capabilities, and for developing end-to-end applications, our secure, customizable platform can manage all types of devices and applications. Complete with device and endpoint data analytics for systematic decision making, our IoT platform together with our Enterprise Mobility Management (EMM) solutions will enable you to remain resilient, relevant, and flexible to respond to present and future changes.

Get in touch with us to learn more about how we can help you.
