Moving CMMS to the cloud
Web-based CMMS can save money, but security must be robust
Moving to a web-based CMMS implementation has the potential to save money for companies that are self-hosting the systems internally, but robust security is a necessity.
Companies that currently host systems on-premises have several options, including:
- Converting and consolidating servers to virtual machines (VMs) on premises
- Converting and/or consolidating servers to VMs in the cloud
- Converting or configuring software to run on PaaS (platform as a service) in the cloud
- Buy or migrate to a cloud hosted solution
The approach for each company would vary on several factors, including their appetite for capital investment vs. operational expenses, current license agreements, ability to execute technical solutions and size of the current environment. Each company should weigh the short and long-term strategy to understand the impacts of a cloud-hosted solution.
IIoT devices and environments have the potential to pass large amounts of data over the wire. This much data in a cloud-hosted environment could have a large financial impact, based on the cost to move data into and out of the environment. Special attention should be paid to the polling intervals for devices when estimating the cost and potential impact to the network and application. Properly implemented to address the right use cases, the cost of implementing a CMMS with IIoT integrations could have a large and meaningful impact on overall manufacturing operational costs. Historical data captured from these devices and integrated into the CMMS are the cornerstone to predicting future failures and allowing for proper planning and maintenance.
The cost of storage for cloud-based services is cheap and only continuing to become cheaper. Backups of data could always be held on premises if a company desires. Most cloud-based solutions offer geo-redundant, highly available copies of data for very reasonable prices. Companies that haven't or don't have the means to invest in capital-intensive hardware solutions will find extremely cost competitive solutions available. In many instances, the administration of backups is simplified as well, with solutions enabling a full real-time backup with transactional log shipments with a few clicks of the mouse.
Systems are only as secure as the weakest link. IIoT networks are not exempt, if not more vulnerable than traditional infrastructure. Fragmented standards and approaches combined with industry hype have probably left many early adopters at greater risk. Careful consideration should be given to IIoT networks, as they present a very difficult security footprint for administrators to address. Security considerations and risk assessments should be completed for each layer of the application from the hardware up to presentation layer and down to the database. A few items for someone considering an implementation should include:
- Physical security and access to the devices and hubs
- Communication protocols and standards (BT, WiFi, ZigBEE, etc.) used for M2M and device to system communications
- Authentication and authorization of devices and users to the network
- Data encryption (over the air, wire, and at rest)
- Security training and education (human elements are consistently the biggest security risk)
Properly implemented, IIOT can be as secure as traditional environments, but the level of integration and complexity will add risk to adoption. Finding a proper balance of a company’s appetite for risk and return on operational efficiencies will most likely drive the breadth and depth of their IIoT implementation. Until more OEMs and service providers provide more cost efficient end-to-end solutions that address the security implications, the rate of successful adoption may continue to be expensive and/or risky.