Proof of concept versus production deployments: The case for an enterprise IoT model

Connecting production IoT devices to a public network might be tempting, but a private IoT network will be more secure and reliable, argues Comms365's Nick Sacke

By 2025, according to analyst group IDC, there will be 41.6 billion connected devices - always on, always online, sending and receiving data.

However, organisations looking to deploy production networks at scale will face challenges that may compromise overall benefits - and security - if they are not addressed at an early stage.

In particular, many will be trialling their IoT use cases first on public 'innovation' networks (due to the lower cost). But there are a number of vital elements missing in such services, which are standard features of an enterprise-grade production network design. These elements are fundamental to a future-proof, secure and reliable IoT deployment that can stand up to technical and commercial scrutiny.

SLA-driven networks

The backbone of an enterprise IoT solution is connectivity from device to application. Controlling radio mechanisms, authenticity and authentication are critical requirements of an enterprise network server. Providing a clear network overview, comprehensive metadata, gateway insights and management alerting for problems ensures a network design that can be operated and managed at scale.

In contrast, public, 'open' IoT networks have been designed to encourage innovation for the individual user, and have been successful in sparking a training ground community of hobbyists, academics and interested parties that can connect and test their IoT devices and use cases.

But while you can connect an IoT device and pass data on a public, open IoT network, there are limits on further functionality - there is no decoding of data, no management of the gateway, no quality of service on message delivery, or SLAs.

Guaranteed delivery

In a LoRaWAN network, the protocol used between gateway and server is the User Datagram Protocol (UDP). The gateway software, known as a packet forwarder, simply takes a message and passes it on. But UDP, which is still common in many IoT gateways today, has difficulties with authentication and with recovering from losses on the network. There is prolific use of these legacy protocols and techniques on public networks, which provide no method to guarantee delivery of information.

A successful IoT implementation relies on guaranteed delivery of information from the gateways to the network server. But the legacy protocols used on public networks are often a cause of missing data points, and this is a frequent cause of failed proofs of concept (PoCs), casting a shadow of doubt over the reliability of the end-to-end solution.

In an IoT model fit for the enterprise, it's imperative to use software on the gateway which guarantees the reliable transfer of the data, and confirms it. A private network design, combined with software that confirms data delivery to the application layer - and can handle retransmission of the data if required - means that the quality of service (QoS) can be significantly improved.
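The difference between a fire-and-forget forwarder and confirmed delivery can be shown with a small simulation. This is an added example, not code from Comms365 or from any LoRaWAN packet forwarder; the frame layout, the HMAC-SHA256 shared key and the names `NetworkServer`, `LossyLink` and `forward` are assumptions made for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed; a real gateway holds a provisioned secret

def tag(data: bytes) -> bytes:
    return hmac.new(KEY, data, hashlib.sha256).digest()

class NetworkServer:
    """Accepts only authenticated uplinks, de-duplicates by sequence, signs its acks."""
    def __init__(self):
        self.delivered, self.duplicates = {}, 0

    def receive(self, frame: bytes):
        body, mac = frame[:-32], frame[-32:]
        if not hmac.compare_digest(mac, tag(body)):
            return None                       # forged or corrupted: no state change, no ack
        seq = int.from_bytes(body[:4], "big")
        self.duplicates += seq in self.delivered   # retransmit after a lost ack counts here
        self.delivered.setdefault(seq, body[4:])   # store once, acknowledge every time
        ack = b"ACK" + body[:4]
        return ack + tag(ack)

class LossyLink:  # constructed stand-in for the UDP path; drops datagrams numbered in `drop`
    def __init__(self, server, drop):
        self.server, self.drop, self.n = server, set(drop), 0

    def exchange(self, frame: bytes):
        self.n += 1
        if self.n in self.drop:
            return None                       # uplink lost in transit
        reply = self.server.receive(frame)
        self.n += 1
        return None if self.n in self.drop else reply  # the ack can be lost as well

def forward(link, seq: int, payload: bytes, max_tries: int = 5) -> int:
    """Retransmit until a valid ack for `seq` arrives; return tries used, 0 if none."""
    body = seq.to_bytes(4, "big") + payload
    expected = b"ACK" + body[:4]
    for attempt in range(1, max_tries + 1):
        reply = link.exchange(body + tag(body))
        if reply and hmac.compare_digest(reply, expected + tag(expected)):
            return attempt
    return 0

def run_demo():
    link = LossyLink(NetworkServer(), drop={3, 7})   # lose one uplink and one ack
    readings = [b"t=21.5", b"t=21.7", b"t=22.0", b"t=22.4"]  # constructed sensor data
    tries = [forward(link, i, r) for i, r in enumerate(readings)]
    return tries, link.server
```

With one uplink and one acknowledgement lost, every reading still arrives exactly once; a plain forwarder on the same link would have silently lost the second reading.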

If, under all conditions, there is high availability, as well as guaranteed secure and reliable data delivery, a PoC will be much safer and more secure. Even at the PoC stage, you still need to be able to demonstrate reliability, constant connection, failover and backup of connection, and with an enterprise model built on a single cloud private infrastructure, that can easily be achieved.

Security measures and standards

With an enterprise IoT model, there is a set of security techniques and standards that simplify compliance audits. It also requires little or no effort in terms of changing corporate firewalls and proxies - it has all the necessary security elements baked in from the start.

The first consideration for any deployment from the moment the first sensor and gateway are connected should be security. However, in practice it is often only taken into consideration when deployments start to scale or move into production. Building on an insecure platform might not be an immediate concern, but it typically ends with unforeseen problems when a solution is ready to scale.

The Enterprise IoT Network Server components are built with implemented security features at every layer and encourage the use of secure software and integrations. This means it does not compromise on security by using basic insecure software, which is a common scenario with Public Innovation Networks.

Automatic version updates

Building an IoT network at scale requires powerful operational and management tools, and complete overview of the network, users and resources, ensuring you maintain full control.

As a deployment scales, debugging, user management and valuable administrative tools are essential.

For example, in an IoT production deployment, there could be hundreds of gateways deployed. So how do you ensure the gateways have the latest security patches and software updates? In an enterprise IoT model, lifecycle management is highly automated. Along with the security and authentication, gateways are self-updating: updates can be securely retrieved, and the new version of software can be remotely installed and run without any human intervention.

The same cannot be said for a public network - any updates or security patches would have to be retrieved and installed manually. For a large scale IoT rollout, this will be a significant challenge, potentially leaving the entire deployment vulnerable to attack and incurring lengthy downtime.

Go private

While public IoT networks have successfully encouraged innovation, when it comes to rolling out enterprise-grade production networks, an ultra-secure model that can demonstrate reliability, security and scalability is required.

It's not enough just to connect to a public network and show data flowing. Businesses must pay close attention to these crucial elements, or the deployment may never move out of the proof-of-concept stage, potentially putting revenues and return on investment at stake if the network is being relied upon to deliver key operational data and insights for action.

With an enterprise model that has security and reliability baked-in from the start, organisations can be assured that their private network is secure, reliable and can stand up to scrutiny - even in an era of increased regulatory requirements.

Nick Sacke is Head of IoT and Products at Comms365. As IoT is coming, Sacke recommends starting projects on private, enterprise-grade network designs, with all the necessary software and security features built in.