IoT encryption: a revenue driver for CSPs
Since then, despite IoT dialogue intensifying, relatively little attention has been given to how IoT data from fleets of connected devices will be secured. Perhaps ‘devices’ is the wrong word. For manufacturing plants, together with hotels, gas stations, retailers and a host of other enterprise beneficiaries, IoT is less about investing in new technologies and more about retrofitting sensors to existing machines and other physical assets.
This matters because IoT sensors have limited processing power and, as a result, are incapable of performing heavy duty computational functions, like encryption. So where does this leave us? We know that encryption is a deal breaker for IT decision makers but, at the same time, it seems beyond reach.
Happily, the solution is also a revenue opportunity for communication service providers (CSPs), and involves encryption being performed at a central point before the data is transmitted across the WAN. After all, the biggest risk to corporate data security does not come from the factory floor, the hotel staff, or the gas station attendant; it comes from the threat of that data being intercepted by a third party as it is being transmitted across the web.
By using a customer premises-based router as a managed service delivery platform, CSPs can centralise all of a customer’s IoT data from across their sites and provide encryption as a service, pre-transmission. This means that the CSP can hold both the encryption and the decryption keys centrally and securely, on behalf of the customer. What’s more, because the customer-premises equipment’s (CPE’s) functions are also managed by the CSP, it is about as tamper-resistant a piece of hardware as the enterprise is likely to find.
OneAccess’ experience in working with CSPs to develop this encryption-as-a-managed-service suggests that, as with most telco-managed services, subscription rates will be negotiated between the CSP and the customer on a case by case basis. An obvious key determinant here is the base cost of the service, but a number of other variables relative to each customer’s specific circumstances are also be taken into account, including the level of value–add the service delivers to each customer in terms of security and service continuity, or the number of other managed services the CSP has bundled into a ‘catch-all’ subscription.
The beauty in the model is its flexibility; unlike other ‘off-the-shelf’ managed services, IoT connectivity is usually negotiated as an individual project, meaning that the supporting encryption component of the contract can be easily tailored to fit the project requirements of each customer.
Corporate hacks from dissident groups are at record levels and, if Edward Snowden’s revelations are to be believed, clandestine state-sponsored surveillance is far more widespread than originally imagined. With this in mind, enterprise decision makers are right to tread carefully and insist on bulletproof encryption. After all, in the wrong hands, IoT data has the potential to expose an organisation’s operational weaknesses in almost immeasurably greater detail than a corporate hacks is able to achieve today.
CSPs can deliver the reassurances required and drive revenue at the same time. To do so, however, they need the right solution. This is yet another reason to celebrate the versatility and revenue-enabling qualities afforded by today’s generation of CPE.
About the author:
Pravin Mirchandani is CMO of OneAccess – www.oneaccess-net.com