The business world is catching on to the idea that machine-to-machine (M2M) communication is poised to transform the way many industries do business. Early adopters in M2M connectivity are already reaping benefits with everything from agricultural sensors and controllers for tractors and irrigation pumps to home health monitoring devices and transportation fleet navigation systems. These businesses are gaining operational efficiency, quality of service improvements, and the ability to create new revenue models, among other benefits.
Of course, M2M adoption isn’t just a simple process. By definition, M2M typically means that many more endpoints—including ‘dumb’ devices that cannot protect themselves—will be connected. And the more endpoints there are, the more complex and costly it becomes to secure and control communications to them—especially as they are distributed across wider geographic areas and involve more diverse systems. Not surprisingly, security is one of the biggest obstacles to widespread M2M adoption today.
With cellular coverage now nearly ubiquitous in many areas of the globe, commercial cellular networks are often a good choice for organizations to establish M2M connectivity. Using cellular networks offers tremendous flexibility to connect endpoints that are mobile or in remote locations, but it means turning over responsibility for security to the cellular provider. While these providers are generally invested in maintaining security, whether or not an organization can or should trust the provider to protect the integrity of the data being transmitted depends on the likelihood and severity of risks that are specific to the business.
For example, video from IP cameras can be a powerful loss prevention and risk management tool. However, some jurisdictions have very strict digital chain of custody standards that can render IP camera data inadmissible in court if the data has been handled by a third party. Depending on the case, properly authenticating data handled by a cellular provider could be difficult or even impossible if the data hasn’t been encrypted from end to end.
Yet implementing traditional security products—such as firewalls, VPNs, or VLANs—to protect M2M communications over shared networks is notoriously complex and cumbersome. As the scale and diversity of endpoints and systems increases, so does the complexity. And those security solutions still rely on IP or MAC addresses to establish identities, which is what hackers try to spoof to compromise the network.
Cellular carriers offer MPLS VPNs as enhanced security infrastructure for wireless communications, but dedicated MPLS networks are extremely costly, especially at scale. MPLS connectivity for a single site can average $1200 a month. Imagine a car manufacturer with 5 sites or a retailer with 100 sites to connect. That quickly adds up to an annual bill of $72,000 for 5 sites and more than $1.4 million for 100 sites.
With all of the security, cost, and control and issues around M2M connectivity, it’s no wonder that businesses and industries that have the potential to gain huge advantages have been slow to take on M2M initiatives. But, there are solutions that can take the cost and complexity out of securing M2M communications over cellular networks, and they are available today.
These new security platforms work by using Host Identity Protocol (HIP)—rather than traditional IP or MAC addresses—to establish unique cryptographic identities for protected endpoints. This means that hackers can’t spoof them, and they can’t see them because only explicitly whitelisted devices can access or see the footprint of other protected devices and systems. With all assets cloaked, end-to-end encryption secures communications between those endpoints over any mix of cellular, wired Ethernet, Wi-Fi, or satellite networks, so organizations can choose to use the networks that make the most economic and operational sense for their business.
Just as importantly, these new security solutions have been developed to eliminate complexities that have been inherent in traditional security products. They use automation and orchestration to simplify administration, and they make it possible to provision security at tremendous scale.
There’s a promising future in M2M, and for many industries, it will soon be a competitive necessity rather than a luxury. Now that there are highly secure, scalable, and cost-effective ways to protect M2M communications, it’s time to start reaping the business advantages of M2M connectivity.
About the author: Lucas Kane has led product management for Tempered Networks since May 2013. Kane helps Tempered Networks’ customers and partners bridge the OT and IT imperatives, and leverage the opportunities that come with the converged industrial enterprise. Prior to Tempered Networks, Kane executed award-winning product initiatives for companies such as Microsoft, Verizon, Samsung and HTC. During the dot com era, he played a fundamental role in developing first-of-a-kind web 1.0 content solutions for MountainZone, NBC and their affiliates.
Edited by
Ken Briodagh
