IoT devices are expected to exceed mobile phones as the largest category of connected devices in 2018, giving shrewd mobile operators a lot to benefit from. Unlike smartphones whose appetite for data grows every year, IoT devices such as those used to monitor the health of a car engine or for billing water or electricity are typically designed for low data rates, as such they generate a fraction of the revenue associated to a smartphone, between $0.3 to $3 per device depending on region.
In addition to connectivity IoT also presents a huge opportunity for operators to deliver value added services. The first generation of IoT service was to provide enterprise customers connectivity management and geo-location information derived from the mobile operator’s control systems. Jasper (now Cisco) was at the forefront of providing these types of services, and are now competing against other vendors and operator home grown systems.
A new generation of services will be derived from the IoT data plane. We estimate that IoT security will be the number one VAS in demand, as it is still viewed as the number one barrier to deploying IoT services. The following is a set of security services that can be deployed rapidly and will provide immediate value to an operator’s enterprise customers.
IoT Behavior Control
IoT devices are typically designed for a specific purpose, their behavior is predictable and how they communicate can be well defined into a profile. Elements of the profile can be applied as a policy (e.g when the device can communicate, and who with, including associated protocols) and some can be used for anomaly detection time of day and volume of traffic. This service would provide a first layer of protection to an IoT service.
IoT Service Security
Behavioral control can be augmented with a second layer that protects IoT devices against Bot and other types of Malware infection. Since the network is not the only means of loading Malware onto a device, this layer also detects, alerts and quarantines infected devices. Typically, such a service will have three components:
- A network based Anti-malware engine that blocks malware downloads
- Detection of Bot activity such as port scanning or mass DNS traffic for launching an IoT bot based DDoS attack and Botnet command and control traffic
- Quarantine and alert for infected IoT devices
Data Plan Protection
An additional service that an operator can offer is to prevent customer bill shock that stems from misuse of the IoT SIM card and abuse of its data plan. This would typically address fraudulent activity on stolen SIM cards or piggy-backing on an IoT device for its connectivity.
With IoT being estimated at a value of $1.8 trillion by 2026, there is no question of where the revenue opportunities are in the market today. As security remains a large barrier for many in embracing the IoT, this is the key value added service for operators, if they are looking to seize their slice of this extremely lucrative pie.