IoT is among us already, and mobile use cases are also becoming more common. However, the industry agrees that some fundamental issues still need to be understood by enterprises or solved by the industry.
MEF IoT advisor Andrew Parkin-White explores the issues of international connectivity and security with an expert panel comprising Graham Hart-Ives, Head of IoT Sales, JT Global, Stephen Fitzpatrick, VP IoT, Cellusys and Gerrit Jan Konijnenberg, advisor to MEF.
The ecosystem needs a more suitable tariff structure for IoT roaming
Beginning by exploring the key issues in IoT roaming, Graham initially identified the customer expectation of the same roaming rate across the globe reminding us that, in reality, this is only the case in the EU.
Watch the MEF IoT Webinar in full
Mobile Network Operators (MNOs) have typically structured tariffs around consumer offerings and not the small amounts of data that IoT devices will generate. An approach of a per line rather than a per Mbyte charge is much more suitable.
Gerrit concurred that IoT pricing needs a different scenario for IoT than for the consumer and that MNOs need inter-operator tariffs in place to develop the market stating that ‘wholesale enables retail’. MNOs still have much work to do on new IoT tariffs for 4G and then 5G. He sees great importance in raising the issues of roaming and the underlying cost structures. He makes the point that if a business is relying on very low cost IoT roaming communications, then it might be time to question the business case.
Flat rate IoT roaming across the world is a position sought by many enterprises. We are yet to reach this position and Graham points out that those capturing and using the data need to determine its value to them. Streaming in-car video is certainly not as interesting to automotive companies as telematics.
Multiple IoT roaming solutions are emerging and one size will not fit all
IoT applications are emerging across a variety of industries and diverse requirements will need different solutions. Stephen sees the challenge that many different ecosystems are available and each IoT roaming project has its own characteristics. MNOs and other ecosystem partners can help with these challenges and in navigating through complex issues. Sharing across the ecosystem would help to establish best practice. He sees similar needs emerging when roaming on 2G, 3G, 4G and NB-IoT networks, namely: good roaming rates, stability and the ability to maintain device connection.
We are seeing billions of connected IoT devices and security is becoming a major area of focus… It is important to build in security at the deployment stage and tackle security issues much earlier on, recognising where the vulnerabilities and threats lie in the ecosystem.“
Although Stephen sees ‘cellular as king’ for IoT roaming, there are other technologies available but roaming security remains an issue. Graham also identifies the importance of cellular but emphasises that SigFox and LoRaWAN have a place. LoRaWAN is very suitable for campus type environments with many IoT connections and offers high levels of control. Gerrit supports this view whilst identifying that the usage characteristics dictate the technology, for example, cellular is an appropriate solution when devices travel. Further considerations need to be around where the data is travelling from and to, how much data there will be and how secure that data will need to be.
Enterprises need to think ahead in developing an IoT roaming solution
The question of developing an IoT roaming solution in house or using a system integrator is a challenging one. Graham has seen both approaches and seen examples of good and poor outcomes. The key is to choose a trusted partner carefully, making sure that they understand the business benefits of the solution and be realistic about the problem to be solved. Futureproofing sensors, connectivity and security is key and all elements need longevity in the field. Planning for twice the estimated life in the field and ensuring that upgrades and bug fixes can happen is critical. Finally, seek advice on end-to-end security. IoT roaming projects are moving beyond automation and are transforming revenue streams, according to Stephen.
IoT security needs to be at the forefront
We are seeing billions of connected IoT devices and security is becoming a major area of focus. Whilst enterprises are conscious of security requirements, the emphasis on putting products into the field is greater. Security is often an afterthought. It is important to build in security at the deployment stage and tackle security issues much earlier on, recognising where the vulnerabilities and threats lie in the ecosystem.
Stephen sees particular security issues in mission-critical applications. Healthcare applications may have medical diagnostics, active tracking of pacemakers or insulin levels and disease prevention. Smart metering and national grids fall into the same category that can be vulnerable to attack. Most visible attacks have been denial of service and over 300 telecoms networks were subject to attack in 2017 principally in the areas of automotive, healthcare and manufacturing. Large and small companies alike have been attacked and some organisations find it impossible to continue after a security breach. Companies have often found it impossible to sell further product after a such a breach.
The desire for low cost IoT solutions and lack of standardisation can impede security
Despite the critical nature, spending on IoT security accounts for only a small fraction of overall IoT expenditure. With billions of IoT devices expected to connect, businesses need to think about security sooner rather than later. Graham states that the drive for the lowest cost product has had an impact on security as prices have headed downwards.
This is particularly the case in Europe and the Rest of the World. In the US, performance has been a major driver. Here standardisation is more prevalent and other regions would do well to follow the US example.
Placing low quality IoT products into the field can have an impact on security. In the US, an underperforming product is thrown off the network and blacklisted with the regulations in force. The same does not happen in Europe and the Rest of the World, although the panel believes it is only a matter of time before regulation takes effect as Governments become nervous about the vulnerability of key infrastructure. Standardisation on product quality is important as is the need to qualify the security levels required.
Education is critical in IoT security
Finally, we asked the panel for the single largest issue for mobile IoT security and the consensus is that educating customers is key. Stephen believes that business do not know or understand where IoT vulnerabilities lie and it is up to suppliers to show solutions to these problems.