Jack Waters, CTO, Level 3 Communications, discusses three network adjustments organisations should undertake for a smooth and secure transition towards a hyper-connected future.
Cisco estimates that over 50 billion devices and objects will be connected to the Internet by 2020. However, a problem remains, as many traditional networks are still manual, static and complex, which isn’t ideal for the Internet of Things (IoT). To realise the promise of a hyper-connected future, three shifts must take place.
Fibre. The bandwidth needed for the onslaught of IoT-connected devices should be enough to make anyone think about the fibre. At the Consumer Electronics Show held recently, a lot of discussions focused on this because of the emergence of 4K ultra-high-definition television.
The underlying conversation around 4K and 100Gbps has to do with fibre-optic networks. Getting cities – and consumers – hardwired with fibre will be a necessity for the future. The term Smart City has been used to characterise these communities that are investing in infrastructure and advancing science and technology efforts to securely collect and use data to do everything from decrease energy consumption to cut overhead costs and improve the life of residents.
IPv6. Right now, we aren’t actually seeing an overwhelming adoption of IoT devices in personal homes or offices. Cisco stated that more than 99 percent of things in the physical world remain unconnected. However, it’s only a matter of time before every single aspect of our life is Internet dependent.
In today’s environment, if consumers want their devices to be accessed outside of their homes or private networks, a user has to go into their Wi-Fi router and portmap it to an outside network. This is complicated and not very user-friendly.
To fix this, we must give public IP space to all of the ‘things.’ Great in theory, however, the rate of new ‘things’ is growing at such a rapid pace, the current method of assigning addresses won’t be able to accommodate the volume. In order to provide addresses for every device, the Internet will need to transition from IPv4 to IPv6.
So what’s the hold up? At the moment, there isn’t imminent financial motivation or competitive pressures for broadband providers to transition. As long as the market can efficiently work out the remaining sellable IPv4 address space to those that require it, the pressure to migrate to IPv6 will not fully materialise.
Over time, as the number of IoT devices increases and IPv4 addresses grow scarcer, financial and competitive pressures will rise accordingly, eventually leading to economic incentive for IPv6 transition. Consumers will demand the ability to interwork with every device seamlessly with speed, ease and expect that the ‘Internet’ will continue to be the ubiquitous, any-to-any network they grew accustomed to in its IPv4 origins. An IPv4 and IPv6 Internet, patched together with transitional technologies such as Network Address Translation, won’t be able to scale to the levels forecasted for IoT devices, not without cumbersome constraints. This perfect storm of consumer expectations and financial incentive is what is required for IPv6 to become a reality after all of these years.
Security. There is a lot of concern about what it will mean for the threat ecosystem to have millions of connected devices – especially those managed by consumers – available for malicious activity. If we don’t address the security issues rearing up today, we’re going to have a serious security situation. Right now, many companies are making Internet-connected devices that aren’t able to be patched or easily updated with new security rollouts. Considering many IoT devices collect personal data, security should be a concern for all.
IoT developers should do more to secure their products. For organisations using IoT, it is essential to do a rigorous analysis of the security controls built into IoT devices and services they wish to use. At a minimum, an audit of IoT device’s communications channel, use of encryption, an analysis of the type of data it collects, stores and transmits, and the security of the end-point(s) with which it communicates, is paramount.
Given IoT’s growth rate, and the resulting broadening of the cyber-attack surface, organisations must be ever more vigilant in conducting comprehensive risk analyses and in the implementation of proper governance structures. A risk-based approach is the best way to balance the risk of using IoT with its unlimited productivity benefits.