The adoption of connected devices has exploded recently. Gartner estimates that 25 billion “things” will be connected to the internet by 2020. Just as hiring troves of new people and scaling to new heights strains corporate infrastructure, so too the influx of IoT devices into a company puts new demands on existing enterprise IT infrastructure, resulting in numerous challenges. However, with every challenge to the integrity of enterprise IT infrastructure comes an opening for innovation through clarified business goals and better IoT systems integration.
The Rise of Edge Computing
IoT devices produce a large volume of data. Most require data to be processed quickly to deliver the low-latency services they promise. With millions of connected devices worldwide, the easiest way to facilitate this is through a distributed environment, moving the computing capability closer to each end-node: an approach known as edge computing. For example, the connected car driving down the street in New York cannot wait for a server in California to make a computation. Even 200 milliseconds of latency can be lethal. The solution is to have a “micro data center” closer to the actual car in New York so that the computation is made almost immediately.
Let’s Standardize IoT Device Communication
There are many transport layer protocols and standards available to support IoT communications, such as ZigBee, LoRa and Bluetooth. Each is best suited to different IoT applications—close range, long range, indoor, outdoor, etc. This is similar to the various transport layer standards we may be more familiar with in the traditional world of the internet. For example, consider the several flavors of WiFi and Ethernet, which are also used for IoT. There are also numerous IoT SDOs (Secure Device Onboard) and alliances which provide standards for connecting IoT devices to the internet. These alliances are typically industry- and context-specific (e.g. for smart homes, manufacturing, vehicles, and healthcare applications).
Device naming is a critical requirement in IoT for the obvious reason that IoT devices must be able to identify themselves. Otherwise, the information they collect and transmit has no value. Moreover, control systems that send data or commands to IoT devices need to be able to consistently identify each IoT device individually. In short, every IoT device is on the internet (by definition) and each requires a unique identifier—in other words, a name.
There are different naming standards and conventions for IoT—e.g. barcodes, RFID, smart cards—but there is no single name service to support them. There is also a lack of standardization in IoT naming. There are barcodes (EPC), smart cards, sensors, GPS and more, but no standardized, mutually intelligible language with which they can communicate. A standardized name service could help accelerate innovation in IoT, enabling lower cost and easier, more reliable interoperability.
DNS looks like an obvious choice. There are several good reasons. DNS uses a hierarchical naming convention which is very similar to the naming standards used in IoT. It’s highly scalable, performant, and resilient. It’s proven technology that has security mechanisms available, and IoT cybersecurity is a huge concern.
Secure DNS Is a Top Priority
IoT security is a top concern in several respects. Some IoT devices perform highly sensitive functions—for example, in healthcare, industrial control systems, and autonomous vehicles. It’s vitally important that these devices are well secured from compromise. As we have already seen with the Mirai botnet, enterprise IoT devices can also be used to launch broadside attacks, such as DDoS, on larger enterprise networks with common cybersecurity vulnerabilities. Even devices that perform non-sensitive functions can be weaponized. It’s therefore essential that communications with IoT devices are robustly fortified.
DNS as a Solution for Enterprise IoT Cybersecurity
DNS can play an important role in securing IoT systems. It provides authentication mechanisms, such as DNSSEC and DANE—DNS-based Authentication of Named Entities—which can help prevent an IoT device or gateway from connecting to a malicious server seeking to cache malware. There are also privacy mechanisms available with DNS such as DNS-over-TLS (Transport Layer Security) and DNS-over-HTTPS.
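To make the DNSSEC and DANE point concrete, here is an added example (not from the original article or from any vendor's code) of the check a device or gateway could run before trusting a server: compare the presented certificate against the server's TLSA records, and refuse if the records were not DNSSEC-validated. It assumes the DNS lookup, DNSSEC validation and TLS handshake happen elsewhere, handles only DANE-EE (usage 3) records, and fails closed when no TLSA record exists; the function names and the byte strings standing in for DER data are constructed for illustration.

```python
import hashlib
import hmac

# TLSA matching types (RFC 6698): 0 = exact bytes, 1 = SHA-256, 2 = SHA-512.
MATCHERS = {
    0: lambda data: data,
    1: lambda data: hashlib.sha256(data).digest(),
    2: lambda data: hashlib.sha512(data).digest(),
}

def parse_tlsa(rdata):
    """Parse presentation-format TLSA rdata: 'usage selector mtype hexdata'."""
    usage, selector, mtype, *hex_parts = rdata.split()
    return int(usage), int(selector), int(mtype), bytes.fromhex("".join(hex_parts))

def tlsa_matches(rdata, cert_der, spki_der):
    """True if one DANE-EE TLSA record matches the presented certificate."""
    try:
        usage, selector, mtype, assoc = parse_tlsa(rdata)
    except ValueError:
        return False  # malformed record is unusable, never a match
    if usage != 3 or selector not in (0, 1) or mtype not in MATCHERS:
        return False  # this example only handles DANE-EE with known fields
    # Selector 0 covers the full certificate, selector 1 only the public key.
    selected = cert_der if selector == 0 else spki_der
    return hmac.compare_digest(MATCHERS[mtype](selected), assoc)

def device_may_connect(tlsa_rrset, dnssec_validated, cert_der, spki_der):
    """Fail-closed policy: require a DNSSEC-validated, matching TLSA record."""
    if not dnssec_validated or not tlsa_rrset:
        return False  # unsigned or absent records give no assurance
    return any(tlsa_matches(r, cert_der, spki_der) for r in tlsa_rrset)

# Constructed sample data: byte strings standing in for DER-encoded values.
GOOD_CERT, GOOD_SPKI = b"constructed-cert-good", b"constructed-spki-good"
ROGUE_CERT, ROGUE_SPKI = b"constructed-cert-rogue", b"constructed-spki-rogue"
RECORD = "3 1 1 " + hashlib.sha256(GOOD_SPKI).hexdigest()

if __name__ == "__main__":
    print("legitimate server:", device_may_connect([RECORD], True, GOOD_CERT, GOOD_SPKI))
    print("rogue server:     ", device_may_connect([RECORD], True, ROGUE_CERT, ROGUE_SPKI))
    print("unsigned answer:  ", device_may_connect([RECORD], False, GOOD_CERT, GOOD_SPKI))
```

The third case is the one that ties the two mechanisms together: a TLSA record that arrives without DNSSEC validation could have been forged along with the address record, so it is rejected even though its hash matches.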
Many IoT devices have been developed and deployed without solutions providers adequately thinking through enterprise IoT cybersecurity concerns. The problem remains without a coordinated and compelling solution. Fortunately, there are well-established protocols from the “standard” internet, such as DNS, which can help foster cybersecurity innovation in IoT through standardized naming and communication while also providing much-needed methods to secure IoT communications.
As more IoT devices enter the market, they will put a strain on the global internet. This will require a significant effort to systematize and upgrade for growth patterns. As enterprises embrace these new, connected technologies, we must ensure that our existing IT infrastructure, standards, and security best practices keep pace with the rapaciousness of IoT innovation.
Written by Jonathan Lewis, VP product marketing, NS1