How to Benefit from the Shortcomings of IoT
The Internet of Things (IoT) offers the advanced connectivity of devices and services by connecting the physical world to the virtual world in the exchange of data in real-time. Despite the many promising opportunities IoT offers, it is still surrounded by many misconceptions that lead professionals to ignore its promise. Many of these misconceptions are wrong and do not encapsulate the actual issues surrounding IoT. The following is taken from an article from Redmond Channel Partner, in which Howard Cohen explains many of the problems with IoT and how Microsoft partners can actually offer solutions to these problems and benefit in the process. To read the full article, follow the link at the bottom of the page.
Before moving on to the real problems, let’s begin with the misconceptions surrounding IoT:
- It’s simply too new. Years will pass before there is any real opportunity in the IoT.
- There is no clear path for a company like mine to find opportunities.
- There is no IoT and there’s not ever going to be one. It’s all marketing hype, just like “cloud.”
- There’s nothing to these “things.” They don’t need any kind of servicing. Plug ‘n’ play.
Luckily, these misconceptions are unfounded. First off, IoT is not new. By 2008, the number of “things” connected to the internet had already exceeded the number of people on earth. A report from Statistica Inc. forecasts that there will be more than 50 billion things by 2020, up from only 22.9 billion last year. This creates huge and growing IT partner opportunities, because even though these “things” have actually been on the Internet for quite some time, many of these “things” are cheaply made, poorly resourced and highly fallible. In summary, these “things” suck.
WHY THE “THINGS” OF IOT FALL SHORT
Security is one of the biggest issues facing the “things” of IoT. With the appearance of Mirai this past fall, the security problems facing IoT came to light. Mirai is malware that scans the Internet for vulnerable devices and takes advantage of the fact that few users ever change the default passwords on webcams and other IoT devices. Mirai uses a number of standard username/password combinations in order to take over thousands of IoT devices and gather them into a giant botnet reporting to command and control servers. While the devices are weak in terms of their individual compute capability, their sheer numbers create the potential for distributed denial of service (DDoS) attacks of unprecedented scale.
IoT had a coming-of-age security moment last October when the first of three Mirai-based DDoS attacks hit Dyn, a major domain name services provider. IoT devices flooded the DNS provider with malicious requests, disrupting major Web sites like Spotify, Twitter, and PayPal. This attack was not the last use of Mirai and its use is not expected to end anytime soon. Even once the specific vulnerabilities Mirai can exploit are narrowed to make it close to irrelevant, the exponential growth in IoT device usage means similar malware is guaranteed to continue to emerge to exploit such a rich target. Symantec Corp. quantified this claim saying that “the average IoT device is scanned every two minutes. This means that a vulnerable device, such as one with a default password, could be compromised within minutes of going online.” Additionally, even when not under attack, these everyday devices, including security cameras, cars, switches, and sensors, have problems.
JP Vasseur, a Cisco fellow and co-chair of the IETF Working Group, offered an overview of the challenges facing IoT in a blog post. “The industry has for some time been working to develop new IPv6 protocols designed specifically for constrained networking environments such as IP smart objects. IPv6 is the 128-bit Internet Protocol addressing system that is slowly replacing the original 32-bit IPv4 we’re all accustomed to,” Vasseur wrote. “These smart objects typically have to operate with very limited processing power, memory and under low energy conditions, and as a result, require a new generation of routing protocols to help them connect to the outside world. When compared to computers, laptops or even today’s generation of smart phones, traditional IPv6 protocols tend to work less effectively or consume energy at too rapid a rate for these small, self-contained devices or sensors that are often powered by small batteries that are difficult to replace.” Additionally, these challenges are compounded by the virtual impossibility of avoiding hardware failures with so many devices involved in data handling.
These issues create opportunities. There is an opportunity to differentiate offerings through superior fault management. There are opportunities at every level of the stack for high-end developers to create protocol-level software that supplements the high-error rate of these low-cost hardware “things.” Clearly, there’s also significant opportunity available to channel partners in simply monitoring and maintaining the often low-quality and problem-prone devices themselves.
LOOKING FORWARD WITH IPV6
The explosion of IoT is accelerating pressure on a huge technical change that offers a related project opportunity for Microsoft partners. We’ve run out of IPv4 addresses to assign to things. Every device on the Internet, and every device on private networks that uses the TCP/IP protocol, must have an IP address. Through IPv4, IP addresses were assigned with four numbers between 0 and 255 each separated by dots. This allowed for 4.3 billion computations. By September of 2012, there were no more IPv4 addresses to assign. IPv6 addresses this issue using a 128-bit structure as opposed to IPv4’s 32-bit, so that the available number of addresses is 3.4 undecillion, a number so large as to be difficult to comprehend.
MAKING THE TRANSITION TO IPv6
For many, the transition to IPv6 began years ago with hybrid strategies allowing more time as users ran their networks using both address structures. Because the address structures are so different from one another, and IPv6 uses a different data packet structure, IPv4 devices and IPv6 devices cannot interoperate without using some form of gateway. The most popular co-existence hybrid strategies include tunneling, in which the IPv6 traffic is encapsulated into the IPv4 header, though this introduces additional overhead; dual-stack, which basically does the reverse using address translation; or cloud-based translation services.
With the need of IP addresses growing exponentially every day, the transition to IPv6 needs to be a top priority for anyone and everyone who uses the internet, yet the majority of organizations haven’t even begun planning yet. Every IPv6 transition requires two major projects with plenty of replacement hardware and months of services. The first will create a hybrid between IPv4 and IPv6 so everyone can continue using the Internet. Then, someday, we’ll all need to shift to pure IPv6.
MANAGING THE IOT
Clearly there are opportunities for ISVs and vertical specialists in seeding IoT sensors throughout manufacturing floors and in countless other advanced solutions. But the problems with IoT mean there will be opportunities galore in IoT for less-specialized partners. Though the term “managed services provider” has been rendered almost meaningless by the wide variety of channel players who leverage it, the need for monitoring and management reaches every facet of information technology. To name a few, there is performance management, outage management, Service Level Agreement (SLA) and Quality of Service (QoS).
Keep in mind that IoT includes systems like ICS, which require environmental sensors and controls at a highly granular level. Tomorrow’s IT services provider will be called upon to manage many more physical attributes, such as maintenance and replacement of these devices and environmental testing to assure proper performance. Similarly, new communication services based on microphones and speakers installed into bus stops, train stations and other venues will also require testing, maintenance and periodic servicing.
There will be billions of devices to manage, along with more sophisticated services, larger namespaces, more intricate security and new physical adjacencies. The challenges will be many and the solutions lucrative. In any language, that spells opportunity.