Research has suggested that the industry will grow from US$900billion in 2014 to US$4.3trillion by 2024. Despite this, alongside this raft of growth and opportunity comes the heightened risk of security breaches.

Operators need to be smart with their investment when it comes to IoT. It’s all well and good chasing new sales leads and initiatives and reaping the rewards, but security needs to be high, if not at the top, of their agenda. More than 30 billion connected devices will be in use by 2025, of which cellular IoT — including 2G, 3G and 4G technologies – is forecast to account for about seven billion units.

Security attacks

With the increased number of devices accessing the core network, operators need to ensure they plan for the worse and have prevention measures in place for possible hijackers. The repercussions of such a breach can have serious consequences for both the operator and end user, as any device hijack can be a potential entry point to the network for an attack.

Security attacks can come in all different shapes and sizes. One of the more common breaches is the “man-in-the-middle” concept, whereby a hacker is looking to interrupt and breach communications between two separate systems. This attack can have severe consequences as the hacker secretly intercepts and sends messages between two parties when they are under the belief that they are communicating directly with each other.

Following this, the hacker can trick the recipient into thinking they are still getting a legitimate message. These attacks can leave the networks, and end-users, in a position of extreme vulnerability with regards to IoT, due to the nature of the devices being hacked. For example, these devices can be anything from industrial tools, machinery or transportation to innocuous connected “things” such as smart TV’s or connected fridges.

DDoS attacks

Another common threat posed to IoT networks is the denial of service (DoS) attacks. There can be a host of reasons for the network being unavailable, but it usually refers to the infrastructure that cannot cope due to capacity overload. In a Distributed Denial of Service (DDoS) attack, a large number of systems maliciously attack one target.

In comparison to hacking attacks like phishing or brute-force attacks, DDoS doesn’t usually try to steal information or leads to security loss, but the loss of reputation for the affected company can still cost a lot of time and money. Often customers also decide to switch to a competitor, as they fear security issues or simply can’t afford to have an unavailable service.

To tackle these issues, it’s paramount that access to the IoT devices for the applications should be through a controlled and secure environment that first authenticates and authorizes the user/application before allowing access to the core.

GTP and SCTP protocols

The first step for operators is to ensure any connection from the IoT device to the core network over S1 and Gb interfaces is fully authenticated. In order to do this, they must invest in and revisit the capabilities of their GTP and SCTP protocols, which will handle the hundreds of connections into the core network.

Authentication can be delivered by the RFC 4895 for the SCTP protocol without compromising performance or network monitoring visibility like IPsec/VPNs do. This can prove vital as networks are subject to attacks with greater frequency and demonstrated disastrous outcomes.

Alongside a highly reliable SCTP protocol, operators should implement a DTLS module. Such a solution gives operators peace of mind that eavesdropping and network tampering is dealt with, as well as helping detect and fix real-time connection failures, redundancy and fault tolerance for signaling applications and improved destination and peer path failure.

‘IoT provides a wealth’

In addition, it can also resolve the issue of bottlenecking in networking due to Diameter signaling, by allowing the Linux host to provide thousands of associations and connections.

It’s clear that the IoT provides a wealth of business and marketing opportunities for operators. But to ensure it’s not a short-lived fad, security must be taken seriously. Attacks on the networks can have detrimental impacts on both the operators, who can have their reputation diminished in seconds if vulnerabilities are publicised, and end-users, whose devices, and therefore livelihoods, are at risk.

Now is the time for the industry to lay down the foundations and realise the tools and protocols needed to secure the future.

Written by Robin Kent, director of European operations, Adax

The post IoT offers a ‘wealth of opportunity’ for the telecoms industry appeared first on DevOps Online North America.

According to The State of Database Deployments in Application Delivery survey, 90% of enterprise application teams face pressure to release applications more quickly, 93% have application delivery challenges because of database deployments, and 71% reported more than 50% of all significant application changes require database changes.

Database release automation

Incredibly, a majority of enterprises admitted to still manually reviewing, validating and deploying database changes, with 93% reporting challenges accelerating their database deployments, and 91% saying that they need to rework database changes multiple times to make sure they are production-ready.

Without database release automation, updating a mission-critical database to support an application change is a laborious, risky and time-consuming process that relies too heavily on human intervention.

Robert Reeves, co-founder and CTO at Datical, commented: “Because data is the most valuable asset an enterprise has, database deployments are a real challenge and must be managed very carefully. Sadly, database deployments have been widely ignored, in large part due to the high complexity and risk.

Application delivery pipeline

“These survey findings validate that if we continue the status quo, we will fail. It is beyond time to automate the database release process, just as we’ve done for the infrastructure provisioning and application release processes, to create a seamless and unified application delivery pipeline.

“As software professionals, we must ensure innovation and great customer experiences are brought to market faster for our companies.”

As application teams feel the increased pressure to release new, high-quality application innovation faster, enterprises are realising the need to include the database in their overall application delivery strategy.

Reduced application downtime

Diane Hagglund, principal researcher at Dimensional Research, commented: “As the research reveals, database deployments are a bottleneck that slows down the business and put application performance at risk.

“The good news is that the data also shows that there are clear and tangible benefits for all teams when database release automation is adopted.”

The research was conducted by a total of 303 individuals from large organisations from a range of vertical sectors at the end of February 2018.

Written from press release by Leah Alger

The post Research shows 93% of enterprises face application delivery challenges appeared first on DevOps Online North America.