Archive | Devices RSS feed for this section

5G mobile networks: A cheat sheet

17 Aug

As LTE networks become increasingly saturated, mobile network operators are planning for the 5G future. Here is what business professionals and mobile users need to know about 5G networks.

What is 5G?

5G refers to the fifth generation of mobile phone networks. Since the introduction of the first standardized mobile phone network in 1982, succeeding standards have been adopted and deployed approximately every nine years. GSM, the 2nd generation wireless network, was first deployed in 1992, while a variety of competing 3G standards began deployment in 2001. The 4G LTE wireless technology standard was deployed by service providers in 2010. Now, technology companies and mobile network operators are actively deploying 5G cellular networks around the world for new mobile devices. These 5G deployments accompany transitional LTE technologies such as LTE Advanced and LTE Advanced Pro, which are used by network operators to provide faster speeds on mobile devices.

Principally, 5G refers to “5G NR (New Radio),” which is the standard adopted by 3GPP, an international cooperative responsible for the development of the 3G UMTS and 4G LTE standards. Other 5G technologies do exist. Verizon’s 5G TF network operates on 28 and 39 GHz frequencies, and is used only for fixed wireless broadband services, not in smartphones. Verizon’s 5G TF deployments were halted in December 2018, and will be transitioned to 5G NR in the future. Additionally, 5G SIG was used by KT for a demonstration deployment during the 2018 Winter Olympics in Pyeongchang.

5G NR allows for networks to operate on a wide variety of frequencies, including the frequencies vacated by decommissioning previous wireless communications networks. The 2G DCS frequency bands, the 3G E-GSM and PCS frequency bands, and the digital dividend of spectrum vacated by the transition to digital TV broadcasts are some of the bands available for use in 5G NR.

5G standards divide frequencies into two groups: FR1 (450 MHz – 6 GHz) and FR2 (24 GHz – 52 GHz). Most early deployments will be in the FR1 space. Research is ongoing into using FR2 frequencies, which are also known as extremely high frequency (EHF) or millimeter wave (mmWave) frequencies. Discussions of the suitability of millimeter wave frequencies have been published in IEEE journals as far back as 2013.

Millimeter wave frequencies allow for faster data speeds, though they do come with disadvantages. Because of the short distance of communication, millimeter wave networks have a much shorter range; for densely-populated areas, this requires deploying more base stations (conversely, this makes it well suited to densely-populated places such as arenas and stadiums). While this would be advantageous in certain use cases, it would be a poor fit for use in rural areas. Additionally, millimeter wave communication can be susceptible to atmospheric interference. Effects such as rain fade make it problematic for outdoor use, though even nearby foliage can disrupt a signal.

Tests of early 5G mmWave networks by sister site CNET surfaced a number of performance problems, with the Moto Z3Samsung Galaxy S10 5G, and LG V50 depleting their battery faster than on 4G networks. In the case of the Moto Z3—which uses a pogo-pin connected Moto Mod add-on to deliver 5G—four hours of testing completely drained the battery in the attachment; the use of sub-6 GHz 5G networks is expected to lessen this effect. Likewise, increased efficiency in Qualcomm’s upcoming Snapdragon X55 modem will alleviate some performance issues.

It is vital to remember that 5G is not an incremental or backward-compatible update to existing mobile communications standards. It does not overlap with 4G standards like LTE or WiMAX, and it cannot be delivered to existing phones, tablets, or wireless modems by means of tower upgrades or software updates, despite AT&T’s attempts to brand LTE Advanced as “5G E.”While upgrades to existing LTE infrastructure are worthwhile and welcome advances, these are ultimately transitional 4G technologies and do not provide the full range of benefits of 5G NR.

For an overview of when 5G smartphones are being released, as well as the benefits and drawbacks of 5G smartphones, check out TechRepublic’s cheat sheet about 5G smartphones.

What constitutes 5G technology?

For mobile network operators, the 3GPP has identified three aspects for which 5G should provide meaningful advantages over existing wireless mobile networks. These three heterogenous service types will coexist on the same infrastructure using network slicing, allowing network operators to create multiple virtual networks with differing performance profiles for differing service needs.

eMBB (Enhanced Mobile Broadband)

Initial deployments of 5G NR focused on eMBB, which provides greater bandwidth, enabling improved download and upload speeds, as well as moderately lower latency compared to 4G LTE. eMBB will be instrumental in enabling rich media applications such as mobile AR and VR, 4K and 360° video streaming, and edge computing.

URLLC (Ultra Reliable Low-Latency Communications)

URLLC is targeted toward extremely latency sensitive or mission-critical use cases, such as factory automation, robot-enabled remote surgery, and driverless cars. According to a white paper (PDF link) by Mehdi Bennis, Mérouane Debbah, and H. Vincent Poor of the IEEE, URLLC should target 1ms latency and block error rate (BLER) of 10−9 to 10−5, although attaining this “represents one of the major challenges facing 5G networks,” as it “introduces a plethora of challenges in terms of system design.”

Technologies that enable URLLC are still being standardized; these will be published in 3GPP Release 16, scheduled for mid-2020.

mMTC (Massive Machine Type Communications)

mMTC is a narrowband access type for sensing, metering, and monitoring use cases. Some mMTC standards that leverage LTE networks were developed as part of 3GPP Release 13, including eMTC (Enhanced Machine-Type Communication) and NB-IoT (Narrowband IoT). These standards will be used in conjunction with 5G networks, and extended to support the demands of URLLC use cases on 5G networks and frequencies in the future.

The ways in which 5G technologies will be commercialized are still being debated and planned among mobile network operators and communications hardware vendors. As different groups have differing priorities, interests, and biases, including spectrum license purchases made with the intent of deploying 5G networks, the advantages of 5G will vary between different geographical markets and between consumer and enterprise market segments. While many different attributes are under discussion, 5G technology may consist of the following (the attributes are listed in no particular order).

Proactive content caching

Particularly for millimeter wave 5G networks, which require deploying more base stations compared to LTE and previous communications standards, those base stations in turn require connections to wired backhauls to transmit data across the network. By providing a cache at the base station, access delays can be minimized, and backhaul load can be reduced. This has the added benefit of reducing end-to-end delay. As 4K video streaming services—and smartphones with 4K screens—become more widespread, this caching capability will be important to improve quality of service.

Multiple-hop networks and device-to-device communication

In LTE networks, cellular repeaters and femtocells bridge gaps in areas where signal strength from traditional base stations is inadequate to serve the needs of customers. These can be in semi-rural areas where population density complicates serving customers from one base station, as well as in urban areas where architectural design obstructs signal strength. Using multiple-hop networks in 5G extends the cooperative relay concept by leveraging device-to-device communication to increase signal strength and availability.

Seamless vertical handover

Although proposals for 5G position it as the “one global standard” for mobile communications, allowing devices to seamlessly switch to a Wi-Fi connection, or fall back to LTE networks without delay, dropped calls, or other interruptions, is a priority for 5G.

Who does 5G benefit?

Remote workers / off-site job locations

One of the major focuses of 5G is the ability to use wireless networks to supplant traditional wireline connections by increasing data bandwidth available to devices and minimizing latency. For telecommuters, this greatly increases flexibility in work locations, allowing for cost-effective communication with your office, without being tied to a desk in a home office with a wireline connection.

For situations that involve frequently changing off-site job locations, such as location movie shoots or construction sites, lower technical requirements for 5G deployment allow for easily set up a 5G connection to which existing devices can connect to a 5G router via Wi-Fi. For scenes of live breaking news, 5G technologies can be used to supplant the traditional satellite truck used to transmit audio and video back to the newsroom. Spectrum formerly allocated to high-speed microwave satellite links has been repurposed for 5G NR communication.

Internet of Things (IoT) devices

One priority for the design of 5G networks is to lower barriers to network connectivity for IoT devices. While some IoT devices (e.g., smartwatches) have LTE capabilities, the practical limitations of battery sizes that can be included in wearable devices and the comparatively high power requirements of LTE limit the usefulness of mobile network connectivity in these situations. Proposals for 5G networks focusing on reducing power requirements, and the use of lower-power frequencies such as 600 MHz, will make connecting IoT devices more feasible.

Smart cities, office buildings, arenas, and stadiums

The same properties that make 5G technologies a good fit for IoT devices can also be used to improve the quality of service for situations in which large numbers of connected devices make extensive use of the mobile network in densely populated areas. These benefits can be realized easily in situations with variable traffic—for instance, arenas and stadiums are generally only populated during sporting events, music concerts, and other conventions. Large office towers, such as the 54-story Mori Tower in Tokyo’s Roppongi Hills district, are where thousands of employees work during the week. Additionally, densely populated city centers can benefit from the ability of 5G networks to provide service to more devices in physically smaller spaces.

When and where are 5G rollouts happening?

Early technical demonstrations

The first high-profile 5G rollout was at the 2018 Winter Olympic Games in Pyeongchang, South Korea. KT (a major mobile network operator) Samsung, and Intel collaborated to deliver gigabit-speed wireless broadband, and low-latency live streaming video content. During the games, 100 cameras were positioned inside the Olympic Ice Arena, which transmitted the video to edge servers, then to KT’s data center to be processed into “time-sliced views of the athletes in motion,” and then transmitted back to 5G-connected tablets for viewing. This demonstration used prototype 5G SIG equipment, which is distinct from the standardized 5G NR hardware and networks being commercialized worldwide.

Similarly, Intel and NTT Docomo have announced a partnership to demonstrate 5G technology at the 2020 Tokyo Olympic Games. The companies will use 5G networks for 360-degree, 8K-video streaming, drones with HD cameras, and smart city applications, including “pervasive facial recognition, useful for everything from stadium access to threat reduction.”

Other 5G tests and rollouts have occurred worldwide. Ericsson and Intel deployed a 5G connection to connect Tallink cruise ships to the Port of Tallinn in Estonia. Huawei and Intel demonstrated 5G interoperability tests at Mobile World Congress 2018. In China, ZTE conducted tests in which the company achieved speeds in excess of 19 Gbps on a 3.5 GHz base station. Additionally, in tests of high-frequency communications, ZTE exceeded 13 Gbps using a 26 GHz base station, and a latency of 0.416 ms in a third test for uRLLC.

Where is 5G available in the US?

Verizon Wireless deployed mmWave-powered 5G, marketed as “Ultra Wideband (UWB),” in Chicago, IL and Minneapolis, MN on April 3, 2019; in Denver, CO on June 27, 2019; in Providence, RI on July 1, 2019; in St. Paul, MN on July 18, 2019; and in Atlanta, GA, Detroit, MI, Indianapolis, IN, and Washington, DC on July 31, 2019.

Future deployments of Verizon’s 5G services have been announced for Boston, MA, Charlotte, NC, Cincinnati, Cleveland, and Columbus, OH, Dallas, TX, Des Moines, IA, Houston, TX, Little Rock, AR, Memphis, TN, Phoenix, AZ, Providence, RI, San Diego, CA, and Salt Lake City, UT, as well as Kansas City, by the end of 2019.

Verizon Wireless started deployments of its 5G fixed wireless internet service on October 1, 2018 in Los Angeles and Sacramento, CA, Houston, TX, and Indianapolis, IN. Verizon’s initial 5G network deployments use its proprietary 5G TF hardware, though the company plans to transition these networks to 5G NR in the future. Verizon’s 5G TF network is only used for home internet service, not in smartphones.

AT&T has active 5G deployments in Atlanta, GA, Austin, Dallas, Houston, San Antonio, and Waco, TX, Charlotte, NC, Indianapolis, IN, Jacksonville and Orlando, FL, Las Vegas, NV, Los Angeles, San Diego, San Francisco, and San Jose, CA, Louisville, KY, Nashville, TN, New Orleans, LA, New York City, NY, Oklahoma City, OK, and Raleigh, NC. Deployments have also been announced for Chicago, IL, Cleveland, OH, and Minneapolis, MN.

AT&T has deployed LTE Advanced nationwide; the company is marketing LTE Advanced as a “5G Evolution” network, though LTE-Advanced is not a 5G technology. AT&T has a history of mislabeling network technologies; the company previously advertised the transitional HSDPA network as 4G, though this is commonly considered to be an “enhanced 3G” or “3.5G” standard.

Sprint started deployments of 5G on May 30, 2019 in the Dallas / Ft. Worth and Houston, TX, Kansas City / Overland Park, KS, and Atlanta, GA metro areas. Sprint’s 5G networks run on 2.5 GHz, providing more widespread coverage throughout a region than is possible on line-of-sight mmWave connections, though with a modest decrease in speed compared to mmWave networks. Sprint activated 5G service in Chicago on July 11, 2019. The company has also announced plans to deploy 5G in Los Angeles, CA, New York, NY, Phoenix, AZ, and Washington, DC.

T-Mobile USA has active 5G services in Atlanta, GA and Cleveland, OH, with future plans to bring 5G services to Dallas, TX, Los Angeles, CA, Las Vegas, NV, and New York, NY. T-Mobile’s deployment is powered by Ericcson AIR 3246 modems, which support both 4G LTE and 5G NR. This equipment allows for 5G and LTE networks to be operated from the same equipment.

The purchase of Sprint by T-Mobile has been approved by the Justice Department, though a multi-state lawsuit is aiming to prevent the deal from proceeding. If the merger goes forward, “only the New T-Mobile will be able to deliver… real, game-changing 5G,” according to T-Mobile CEO John Legere in a June 2019 blog post. Following a merger, the New T-Mobile will have 600 MHz low-band, 2.5 GHz mid-band, and mmWave spectrum holdings, putting it at an advantage relative to AT&T and Verizon.

Where is 5G available in the UK?

EE debuted 5G services in Belfast, Birmingham, Cardiff, Edinburgh, London, and Manchester on May 30, 2019. Availability of 5G by the end of 2019 is planned for Bristol, Coventry, Glasgow, Hull, Leeds, Leicester, Liverpool, Newcastle, Nottingham, and Sheffield. Availability of 5G in 2020 is planned for Aberdeen, Cambridge, Derby, Gloucester, Peterborough, Plymouth, Portsmouth, Southampton, Wolverhampton, and Worcester.

BT, which owns EE, is anticipated to deploy separate BT-branded 5G services in London, Manchester, Edinburgh, Birmingham, Cardiff, and Belfast in autumn 2019.

Vodafone provides 5G services in Birkenhead, Birmingham, Bolton, Bristol, Cardiff, Gatwick, Glasgow, Lancaster, Liverpool, London, Manchester, Newbury, Plymouth, Stoke-on-Trent, and Wolverhampton at present, with deployments planned for Blackpool, Bournemouth, Guildford, Portsmouth, Reading, Southampton, and Warrington by the end of 2019.

Three will begin rollout of 5G services in London in August 2019, with services for Birmingham, Bolton, Bradford, Brighton, Bristol, Cardiff, Coventry, Derby, Edinburgh, Glasgow, Hull, Leeds, Leicester, Liverpool, Manchester, Middlesbrough, Milton Keynes, Nottingham, Reading, Rotherham, Sheffield, Slough, Sunderland, and Wolverhampton expected before the end of the year.

Three and Vodafone do not charge a premium for 5G network services in the UK, compared to their rate plans for 4G.

O₂ announced availability of 5G services for Belfast, Cardiff, Edinburgh, London, Slough, and Leeds “from October 2019,” with plans to bring expand 5G services to “parts of 20 towns and cities, before rolling out to a total of 50 by summer 2020.”

Where is 5G available in Australia?

Optus has 100 5G-capable sites in service, and has pledged to build 1,200 by March 2020.

Telstra commenced rollout of 5G networks, starting with the Gold Coast in August 2018. Telstra services select neighborhoods in Adelaide, Brisbane, Canberra, Gold Coast, Hobart, Launceston, Melbourne, Perth, Sydney, and Toowoomba.

Australia’s National Broadband Network (NBN) operator has declared its intent to provide 5G fixed wireless internet access in a statement to ZDNet.

Chinese vendors Huawei and ZTE have been banned by the Australian government from providing 5G networking equipment to mobile network operators due to national security concerns.

Where else in the world is 5G available?

South Korea was the first country to have a commercially available 5G network, with SK Telecom, KT, and LG Uplus activating 5G networks on April 3, 2019, two hours before Verizon Wireless activated 5G in the US, according to ZDNet’s Cho Mu-Hyun. By April 30, 2019, 260,000 subscribers in South Korea were using 5G networks. KT, the country’s second-largest mobile carrier, is working on deployments of in-building repeaters for use in crowded buildings such as airports and train stations.

5G is also seen as vital for economic development among Gulf states, with Saudi Arabia including 5G as part of the Vision 2030 economic development plan, and Qatari network operator Ooredoo claiming “the first commercially available 5G network in the world” on May 14, 2018, prior to the availability of smartphones that can use 5G.

Ookla maintains a map of 5G network services worldwide, with networks categorized into Commercial Availability, Limited Availability, and Pre-Release to demonstrate the extent of availability for each observed deployment.

How does a 5G future affect enterprises and mobile users?

As technology advances, older devices will inevitably reach end-of-life; in the mobile space, this is an outsized concern, as wireless spectrum is a finite resource. Much in the same way that the digital switchover occurred for over-the-air TV broadcasts, older mobile networks are actively being dismantled to free spectrum for next-generation networks, including transitional LTE Advanced, LTE Advanced Pro, and “true” 5G networks.

In the US, AT&T disabled its 2G network on January 1, 2017, rendering countless feature phones—as well as the original iPhone—unusable. Verizon plans to disable its legacy 2G and 3G networks by the end of 2019, which will render most feature phones and older smartphones unusable, as well as IoT devices such as water meters. Verizon stopped activations of 3G-only phones in July 2018. End-of-life plans for the 2G networks of Sprint and T-Mobile have not been publicly disclosed.

Additionally, as 5G is used increasingly to deliver wireless broadband, wireline broadband providers will face competition as the two services approach feature parity. With many people using smartphones both as their primary computing device and for tethering a traditional computer to the internet, the extra cost of a traditional wireline connection may become unnecessary for some people, and enable those outside the reach of traditional wireline connections to have affordable access to high-speed for the first time.

Business customers may also integrate 5G technology in proximity-targeted marketing. 5G’s reliance on microcells can be used as a secondary means of verification to protect against GPS spoofing, making proximity-targeted marketing resistant to abuse.

As 5G specifications are designed around the needs of businesses, the low-power and low-latency attributes are expected to spark a revolution in IoT deployments. According to Verizon Wireless President Ronan Dunne, 5G will enable the deployment of 20 billion IoT devices by 2020, leading to the creation of the “industrial internet,” affecting supply chain management, as well as agriculture and manufacturing industries. These same attributes also make 5G well suited to use cases that require continuous response and data analysis, such as autonomous vehicles, traffic control, and other edge computing use cases.

Source: https://clearcritique.com/5g-mobile-networks-a-cheat-sheet/

Advertisements

IoT, encryption, and AI lead top security trends for 2017

28 Apr

The Internet of Things (IoT), encryption, and artificial intelligence (AI) top the list of cybersecurity trends that vendors are trying to help enterprises address, according to a Forrester report released Wednesday.

As more and more breaches hit headlines, CXOs can find a flood of new cybersecurity startups and solutions on the market. More than 600 exhibitors attended RSA 2017—up 56% from 2014, Forrester noted, with a waiting list rumored to be several hundred vendors long. And more than 300 of these companies self-identify as data security solutions, up 50% from just a year ago.

“You realize that finding the optimal security solution for your organization is becoming more and more challenging,” the report stated.

In the report, titled The Top Security Technology Trends To Watch, 2017, Forrester examined the 14 most important cybersecurity trends of 2017, based on the team’s observations from the 2017 RSA Conference. Here are the top five security challenges facing enterprises this year, and advice for how to mitigate them.

  1. IoT-specific security products are emerging, but challenges remain

The adoption of consumer and enterprise IoT devices and applications continues to grow, along with concerns that these tools can increase an enterprise’s attack surface, Forrester said. The Mirai botnet attacks of October 2016 raised awareness about the need to protect IoT devices, and many vendors at RSA used this as an example of the threats facing businesses. While a growing number of companies claim to address these threats, the market is still underdeveloped, and IoT security will require people and policies as much as technological solutions, Forrester stated.

The Internet of Things (IoT), encryption, and artificial intelligence (AI) top the list of cybersecurity trends that vendors are trying to help enterprises address, according to a Forrester report released Wednesday.

As more and more breaches hit headlines, CXOs can find a flood of new cybersecurity startups and solutions on the market. More than 600 exhibitors attended RSA 2017—up 56% from 2014, Forrester noted, with a waiting list rumored to be several hundred vendors long. And more than 300 of these companies self-identify as data security solutions, up 50% from just a year ago.

“You realize that finding the optimal security solution for your organization is becoming more and more challenging,” the report stated.

In the report, titled The Top Security Technology Trends To Watch, 2017, Forrester examined the 14 most important cybersecurity trends of 2017, based on the team’s observations from the 2017 RSA Conference. Here are the top five security challenges facing enterprises this year, and advice for how to mitigate them.

1. IoT-specific security products are emerging, but challenges remain

The adoption of consumer and enterprise IoT devices and applications continues to grow, along with concerns that these tools can increase an enterprise’s attack surface, Forrester said. The Mirai botnet attacks of October 2016 raised awareness about the need to protect IoT devices, and many vendors at RSA used this as an example of the threats facing businesses. While a growing number of companies claim to address these threats, the market is still underdeveloped, and IoT security will require people and policies as much as technological solutions, Forrester stated.

“[Security and risk] pros need to be a part of the IoT initiative and extend security processes to encompass these IoT changes,” the report stated. “For tools, seek solutions that can inventory IoT devices and provide full visibility into the network traffic operating in the environment.”

2. Encryption of data in use becomes practical

Encryption of data at rest and in transit has become easier to implement in recent years, and is key for protecting sensitive data generated by IoT devices. However, many security professionals struggle to overcome encryption challenges such as classification and key management.

Enterprises should consider homomorphic encryption, a system that allows you to keep data encrypted as you query, process, and analyze it. Forrester offers the example of a retailer who could use this method to encrypt a customer’s credit card number, and keep it to use for future transactions without fear, because it would never need to be decrypted.
istock-622184706-1.jpg
Image: iStockphoto/HYWARDS

3. Threat intelligence vendors clarify and target their services

A strong threat intelligence partner can help organizations avoid attacks and adjust security policies to address vulnerabilities. However, it can be difficult to cut through the marketing jargon used by these vendors to determine the value of the solution. At RSA 2017, Forrester noted that vendors are trying to improve their messaging to help customers distinguish between services. For example, companies including Digital Shadows, RiskIQ, and ZeroFOX have embraced the concept of “digital risk monitoring” as a complementary category to the massive “threat intelligence” market.

“This trend of vendors using more targeted, specific messaging to articulate their capabilities and value is in turn helping customers avoid selection frustrations and develop more comprehensive, and less redundant, capabilities,” the report stated. To find the best solution for your enterprise, you can start by developing a cybersecurity strategy based on your vertical, size, maturity, and other factors, so you can better assess what vendors offer and if they can meet your needs.

4. Implicit and behavioral authentication solutions help fight cyberattacks

A recent Forrester survey found that, of firms that experienced at least one breach from an external threat actor, 37% reported that stolen credentials were used as a means of attack. “Using password-based, legacy authentication methods is not only insecure and damaging to the employee experience, but it also places a heavy administrative burden (especially in large organizations) on S&R professionals,” the report stated.

Vendors have responded: Identity and access management solutions are incorporating a number of data sources, such as network forensic information, security analytics data, user store logs, and shared hacked account information, into their IAM policy enforcement solutions. Forrester also found that authentication solutions using things like device location, sensor data, and mouse and touchscreen movement to determine normal baseline behavior for users and devices, which are then used to detect anomalies.

Forrester recommends verifying vendors’ claims about automatic behavioral profile building, and asking the following questions:

  • Does the solution really detect behavioral anomalies?
  • Does the solution provide true interception and policy enforcement features?
  • Does the solution integrate with existing SIM and incident management solutions in the SOC?
  • How does the solution affect employee experience?

5. Algorithm wars heat up

Vendors at RSA 2017 latched onto terms such as machine learning, security analytics, and artificial intelligence (AI) to solve enterprise security problems, Forrester noted. While these areas hold great promise, “current vendor product capabilities in these areas vary greatly,” the report stated. Therefore, it’s imperative for tech leaders to verify that vendor capabilities match their marketing messaging, to make sure that the solution you purchase can actually deliver results, Forrester said.

While machine learning and AI do have roles to play in security, they are not a silver bullet, Forrester noted. Security professionals should focus instead on finding vendors that solve problems you are dealing with, and have referenceable customers in your industry.

Source: http://globalbigdataconference.com/news/140973/iot-encryption-and-ai-lead-top-security-trends-for-2017.html

You Can’t Hack What You Can’t See

1 Apr
A different approach to networking leaves potential intruders in the dark.
Traditional networks consist of layers that increase cyber vulnerabilities. A new approach features a single non-Internet protocol layer that does not stand out to hackers.

A new way of configuring networks eliminates security vulnerabilities that date back to the Internet’s origins. Instead of building multilayered protocols that act like flashing lights to alert hackers to their presence, network managers apply a single layer that is virtually invisible to cybermarauders. The result is a nearly hack-proof network that could bolster security for users fed up with phishing scams and countless other problems.

The digital world of the future has arrived, and citizens expect anytime-anywhere, secure access to services and information. Today’s work force also expects modern, innovative digital tools to perform efficiently and effectively. But companies are neither ready for the coming tsunami of data, nor are they properly armored to defend against cyber attacks.

The amount of data created in the past two years alone has eclipsed the amount of data consumed since the beginning of recorded history. Incredibly, this amount is expected to double every few years. There are more than 7 billion people on the planet and nearly 7 billion devices connected to the Internet. In another few years, given the adoption of the Internet of Things (IoT), there could be 20 billion or more devices connected to the Internet.

And these are conservative estimates. Everyone, everywhere will be connected in some fashion, and many people will have their identities on several different devices. Recently, IoT devices have been hacked and used in distributed denial-of-service (DDoS) attacks against corporations. Coupled with the advent of bring your own device (BYOD) policies, this creates a recipe for widespread disaster.

Internet protocol (IP) networks are, by their nature, vulnerable to hacking. Most if not all these networks were put together by stacking protocols to solve different elements in the network. This starts with 802.1x at the lowest layer, which is the IEEE standard for connecting to local area networks (LANs) or wide area networks (WANs). Then stacked on top of that is usually something called Spanning Tree Protocol, designed to eliminate loops on redundant paths in a network. These loops are deadly to a network.

Other layers are added to generate functionality (see The Rise of the IP Network and Its Vulnerabilities). The result is a network constructed on stacks of protocols, and those stacks are replicated throughout every node in the network. Each node passes traffic to the next node before the user reaches its destination, which could be 50 nodes away.

This M.O. is the legacy of IP networks. They are complex, have a steep learning curve, take a long time to deploy, are difficult to troubleshoot, lack resilience and are expensive. But there is an alternative.

A better way to build a network is based on a single protocol—an IEEE standard labeled 802.1aq, more commonly known as Shortest Path Bridging (SPB), which was designed to replace the Spanning Tree Protocol. SPB’s real value is its hyperflexibility when building, deploying and managing Ethernet networks. Existing networks do not have to be ripped out to accommodate this new protocol. SPB can be added as an overlay, providing all its inherent benefits in a cost-effective manner.

Some very interesting and powerful effects are associated with SPB. Because it uses what is known as a media-access-control-in-media-access-control (MAC-in-MAC) scheme to communicate, it naturally shields any IP addresses in the network from being sniffed or seen by hackers outside of the network. If the IP address cannot be seen, a hacker has no idea that the network is actually there. In this hypersegmentation implementation of 16 million different virtual network services, this makes it almost impossible to hack anything in a meaningful manner. Each network segment only knows which devices belong to it, and there is no way to cross over from one segment to another. For example, if a hacker could access an HVAC segment, he or she could not also access a credit card segment.

As virtual LANs (VLANs) allow for the design of a single network, SPB enables distributed, interconnected, high-performance enterprise networking infrastructure. Based on a proven routing protocol, SPB combines decades of experience with intermediate system to intermediate system (IS-IS) and Ethernet to deliver more power and scalability than any of its predecessors. Using the IEEE’s next-generation VLAN, called an individual service identification (I-SID), SPB supports 16 million unique services, compared with the VLAN limit of 4,000. Once SPB is provisioned at the edge, the network core automatically interconnects like I-SID endpoints to create an attached service that leverages all links and equal cost connections using an enhanced shortest path algorithm.

Making Ethernet networks easier to use, SPB preserves the plug-and-play nature that established Ethernet as the de facto protocol at Layer 2, just as IP dominates at Layer 3. And, because improving Ethernet enhances IP management, SPB enables more dynamic deployments that are easier to maintain than attempts that tap other technologies.

Implementing SPB obviates the need for the hop-by-hop implementation of legacy systems. If a user needs to communicate with a device at the network edge—perhaps in another state or country—that other device now is only one hop away from any other device in the network. Also, because an SPB system is an IS-IS or a MAC-in-MAC scheme, everything can be added instantly at the edge of the network.

This accomplishes two major points. First, adding devices at the edge allows almost anyone to add to the network, rather than turning to highly trained technicians alone. In most cases, a device can be scanned to the network via a bar code before its installation, and a profile authorizing that device to the network also can be set up in advance. Then, once the device has been installed, the network instantly recognizes it and allows it to communicate with other network devices. This implementation is tailor-made for IoT and BYOD environments.

Second, if a device is disconnected or unplugged from the network, its profile evaporates, and it cannot reconnect to the network without an administrator reauthorizing it. This way, the network cannot be compromised by unplugging a device and plugging in another for evil purposes.

SPB has emerged as an unhackable network. Over the past three years, U.S. multinational technology company Avaya has used it for quarterly hackathons, and no one has been able to penetrate the network in those 12 attempts. In this regard, it truly is a stealth network implementation. But it also is a network designed to thrive at the edge, where today’s most relevant data is being created and consumed, capable of scaling as data grows while protecting itself from harm. As billions of devices are added to the Internet, experts may want to rethink the underlying protocol and take a long, hard look at switching to SPB.

Source: http://www.afcea.org/content/?q=you-can%E2%80%99t-hack-what-you-can%E2%80%99t-see

The Cost of a DDoS Attack on the Darknet

17 Mar

Distributed Denial of Service attacks, commonly called DDoS, have been around since the 1990s. Over the last few years they became increasingly commonplace and intense. Much of this change can be attributed to three factors:

1. The evolution and commercialization of the dark web

2. The explosion of connected (IoT) devices

3. The spread of cryptocurrency

This blog discusses how each of these three factors affects the availability and economics of spawning a DDoS attack and why they mean that things are going to get worse before they get better.

Evolution and Commercialization of the Dark Web

Though dark web/deep web services are not served up in Google for the casual Internet surfer, they exist and are thriving. The dark web is no longer a place created by Internet Relay Chat or other text-only forums. It is a full-fledged part of the Internet where anyone can purchase any sort of illicit substance and services. There are vendor ratings such as those for “normal” vendors, like YELP. There are support forums and staff, customer satisfaction guarantees and surveys, and service catalogues. It is a vibrant marketplace where competition abounds, vendors offer training, and reputation counts.

Those looking to attack someone with a DDoS can choose a vendor, indicate how many bots they want to purchase for an attack, specify how long they want access to them, and what country or countries they want them to reside in. The more options and the larger the pool, the more the service costs. Overall, the costs are now reasonable. If the attacker wants to own the bots used in the DDoS onslaught, according to SecureWorks, a centrally-controlled network could be purchased in 2014 for $4-12/thousand unique hosts in Asia, $100-$120 in the UK, or $140 to $190 in the USA.

Also according to SecureWorks, in late 2014 anyone could purchase a DDoS training manual for $30 USD. Users could utilize single tutorials for as low as $1 each. After training, users can rent attacks for between $3 to $5 by the hour, $60 to $90 per day, or $350 to $600 per week.

Since 2014, the prices declined by about 5% per year due to bot availability and competing firms’ pricing pressures.

The Explosion of Connected (IoT) Devices

Botnets were traditionally composed of endpoint systems (PCs, laptops, and servers) but the rush for connected homes, security systems, and other non-commercial devices created a new landing platform for attackers wishing to increase their bot volumes. These connected devices generally have low security in the first place and are habitually misconfigured by users, leaving the default access credentials open through firewalls for remote communications by smart device apps. To make it worse, once created and deployed, manufactures rarely produce any patches for the embedded OS and applications, making them ripe for compromise. A recent report distributed by Forescout Technologies identified how easy it was to compromise home IoT devices, especially security cameras. These devices contributed to the creation and proliferation of the Mirai botnet. It was wholly comprised of IoT devices across the globe. Attackers can now rent access to 100,000 IoT-based Mirai nodes for about $7,500.

With over 6.4 billion IoT devices currently connected and an expected 20 billion devices to be online by 2020, this IoT botnet business is booming.

The Spread of Cryptocurrency

To buy a service, there must be a means of payment. In the underground no one trusts credit cards. PayPal was an okay option, but it left a significant audit trail for authorities. The rise of cryptocurrency such as Bitcoin provides an accessible means of payment without a centralized documentation authority that law enforcement could use to track the sellers and buyers. This is perfect for the underground market. So long as cryptocurrency holds its value, the dark web economy has a transactional basis to thrive.

Summary

DDoS is very disruptive and relatively inexpensive. The attack on security journalist Brian Krebs’s blog site in September of 2016 severely impacted his anti-DDoS service providers’ resources . The attack lasted for about 24 hours, reaching a record bandwidth of 620Gbps. This was delivered entirely by a Mirai IoT botnet. In this particular case, it is believed that the original botnet was created and controlled by a single individual so the only cost to deliver it was time. The cost to Krebs was just a day of being offline.

Krebs is not the only one to suffer from DDoS. In attacks against Internet reliant companies like Dyn, which caused the unavailability of Twitter, the Guardian, Netflix, Reddit, CNN, Etsy, Github, Spotify, and many others, the cost is much higher. Losses can reach multi- millions of dollars. This means a site that costs several thousands of dollars to set up and maintain and generates millions of dollars in revenue can be taken offline for a few hundred dollars, making it a highly cost-effective attack. With low cost, high availability, and a resilient control infrastructure, it is sure that DDoS is not going to fade away, and some groups like Deloitte believe that attacks in excess of 1Tbps will emerge in 2017. They also believe the volume of attacks will reach as high as 10 million in the course of the year. Companies relying on their web presence for revenue need to strongly consider their DDoS strategy to understand how they are going to defend themselves to stay afloat.

33 Billion Internet Devices By 2020: Four Connected Devices For Every Person In World

22 Oct
  • Traditional connected devices like PCs, smartphones and tablets now account for less than a third of all connected devices in use.
  • Emerging categories alone will connect an additional 17.6 billion devices to the internet by 2020.
  • The Internet of Things is leading to rapid growth in new categories like M2M, smart objects, smart grid and smart cities.

“Back in 2007 PCs accounted for two thirds of internet devices – now it’s only 10 per cent,” notes David Mercer, Principal Analyst and the report’s joint author. “The impact of the internet on daily lives has increased rapidly in recent years. Huge growth potential still lies ahead, in terms of both the number of devices relying on internet connectivity and its geographic reach.”

“The Internet of Things has already connected five billion devices and we are only at the beginning of this revolution”, says Andrew Brown, Executive Director and the report’s joint author. “Smart cities and smart grid are just two of the ways in which the internet of things will touch everyone’s lives over the coming years and decades.”
Source: http://www.fiercemobileit.com/press-releases/33-billion-internet-devices-2020-four-connected-devices-every-person-world

EE unveils new 4G Mobile Broadband Devices, Tablet en Revised Plans

22 May

Given EE’s massive head start over the competition, its 4G network is coming on leaps and bounds. And today, EE has announced new mobile broadband tariffs, released three new 4G mobile broadband devices, plus a new own-brand tablet.

EE’s 4G coverage now covers 2,588 villages and small towns around the UK (many with populations of well under 10,000 – such as Silverburn in Scotland with just 65 people), following the second phase of its roll out. Meanwhile, the current ‘Double Speed’ network is being doubled in size to 40 towns and cities by the end of 2014.

Coverage is also a priority on areas of high-usage, such as airports, roads, railway lines and stations. EE announced that it has 47 major train stations covered, and 22 of the busiest airports. Coverage of the M25 London Orbital motorway and the M62 exceeds 80%.

EE is now connecting more people to 4G plans than 3G on its ‘legacy’ Orange and T-Mobile brands. Data usage is now up 66% as people watch more television and video, and other data intensive tasks, on the move.

New Mobile Broadband devices

EE already offers both dongles and portable hotspot (‘MiFi’) devices, but today it has announced three new products:

In-car Wi-Fi
Osprey: In-car Wi-Fi

Buzzard (£49.99 on PAYG and cheaper on contract) is an in-car device that connects to any 12v cigarette lighter socket, sharing a data connection with up to ten devices. It comes with a storage container designed to sit in a cup holder.

Osprey
Osprey

Kite (£69.99 on PAYG and cheaper on contract) is a more traditional portable hotspot, while Osprey is a more rugged and colourful device selling for £49.99 on PAYG (and cheaper on contract).

Eagle - 4G enabled tablet (made by Huawei)
Eagle: 4G enabled tablet (made by Huawei)

There’s a new tablet too, a rebadged Huawei unit called Eagle, available for £199 on PAYG or £49.99 on a two-year contract with a monthly plan of £15 or above.

New Mobile Broadband tariffs

EE

EE Extra 
More data and double-speed 4G

Data allowance**

1GB

3GB

15GB

25GB

50GB

24 Month

£10

£15

£20

£30

£50

1 Month

£10

£15

£20

£30

** Depending on 4G WiFi device chosen

Add-ons:

  • 100MB – £1
  • 1GB – £5
  • 10GB – £15

Video (via Recombu.com)


Original Press Release

LONDON 21 May, 2014 – EE, the UK’s most advanced digital communications company, today unveiled the next phase of its world class 4G service, including rapid network expansion andthe launch of new 4G plans and devices. The company will dramatically improve accessibility of superfast mobile internet across the UK, and set a new benchmark for the 4G user experience.

The move comes as EE 4G customer numbers hit 3.6 million and sales of EE 4G plans outstrip 3G for the first time, representing a tipping point for the business. 4G is rapidly changing mobile behaviour, with customers increasing their data usage by 66% in a year – watching more television and video, working, banking and shopping on the go.

Olaf Swantee, CEO of EE, said: “With more experience of 4G than any other UK operator, we have unique insight into how the technology is changing behaviour. Our mobile devices have effectively become mini TVs with video traffic already making up over half the data on our 4G network.

“We’re committed to remaining one step ahead – adapting our network to make 4G available where it matters most, with a focus on more rural areas, transport links and offering our customers the best network experience and great value, innovative devices and plans.”

RAPID NETWORK EXPANSION

EE is accelerating network rollout in rural areas and ontransport routes, as well doubling the footprint of its uniquedouble speed network, meeting the growing demand for consistently fast speeds across the busiest areas of the UK.

1.     Rural revolution: EE completes second phase of rural roll out

EE is bringing the UK’s fastest network to 2,588 villages and small towns with populations under 10,000, including many rural areas. From Silverburn in Scotland with less than 65 people, to Aberdulais in South Wales with 500, more than three million people in rural areas now have access to a mobile network to rival the UK’s largest cities.

Businesses and residents in many of those rural areas of the UK will now have access to high speed internet in the home or office for the first time, with 4G speeds often faster than the fixed line connection they previously depended on.

2.      4G in the fast lane

In addition to residential zones, EE is focusing on areas of high usage, including airports, roads, and train lines and stations. 47 major train stations and 22 of the busiest airports, from Bournemouth to Aberdeen, are now 4G-enabled, along with upwards of 50% 4G coverage on 50 of the busiest motorways and A-roads. Coverage of major roads in more built up areas, such as the M25 and M62 is greater than 80%.

The ongoing investment forms part of EE’s plan to offer a superfast digital network in the places customers want it the most, recognising the increasing need for a reliable, high-speed data connection on the move to support in-car navigation and passenger data usage.

By enhancing the 4G network on the busiest roads in the UK, EE will allow business customers to remain productive on the move. A programme is in place to cover the busiest motorway service stations, completing the connected journey.

3.       Extending EE’s unique double speed 4G network

EE will double the footprint of its unique, high capacity network to 40 towns and cities by the end of the year, allowing millions more customers to enjoy the UK’s fastest speeds, and targeting the parts of the country where data usage is showing the quickest growth.

EE’s double speed network ensures that its customers are guaranteed the best mobile experience, whether that’s downloading large files, uploading images or streaming video.

REDEFINING THE 4G WiFi MARKET

From 28 May, EE is introducing a range of EE-branded 4G broadband devices and plans, designed to take advantage of EE’s double speed network. Available on pay as you go (PAYG) and consumer and business pay monthly plans, the devices include:

·         The UK’s first 4G car WiFi – the ‘Buzzard’ is the first in a series of superfast in-car devices available direct from EE. The simple and affordable plug-and-play device (only £49.99 on PAYG) will enable any car with a 12v connection to instantly become a 4G WiFi hotspot for up to 10 connections, and avoid the need for expensive in-built solutions. It also comes in a unique storage container designed to sit conveniently in a cup holder.

·         Superfast 4G for work and play – EE is introducing two new 4G WiFi devices optimised for EE’s double speed 4G network. For busy professionals a new sleek pocket-sized premium   device called the ‘Kite’* (£69.99 on PAYG); and for a younger audience, the UK’s most affordable 4G WiFi unit – the colourful and rugged ‘Osprey’ (only £49.99 on PAYG).

·         The UK’s most affordable 4G tablet – with the ‘Eagle’, an Android tablet offering specifications and features traditionally associated with more expensive devices for just £199 on PAYG or £49.99 on 24 month pay monthly plans of £15 and above.

In support of the new devices, EE is also introducing the UK’s best value set of 4G WiFi plans. A new range of 24 and one month plans will be available, offering a variety of data allowances for unparalleled value and choice. New plans for small businesses will also be available.

The Buzzard, Kite and Osprey will be available on EE’s Shared plans, as well as the new 4G WiFi pay monthly plans, and are free on 24-month plans of £15-per-month and over.

THE BEST 4G EXPERIENCE

Video usage on the EE network has risen significantly in recent months, and early findings from EE’s latest Mobile Living Index[i] reveal that the video experience is now as important as making calls and web surfing for 4G customers. Video and TV are expected to increase data traffic 1100% in the next four years, and will be more than two thirds of data on the network by 2018.

To meet growing customer expectations, EE is putting the video experience at the heart of its network plans, ensuring content owners can give customers a reliable, high-quality, user experience.

On the 20th May, Minister Ed Vaizey announced the launch of the Mobile Video Alliance (MVA), founded by EE and run by the Digital TV Group (DTG), which represents the UK’s broadcast industry. The MVA connects broadcasters and content owners with mobile operators for the first time to create the best possible experience of mobile video apps. Broadcasters have mastered content delivery in the home, to the web, and now they’re focusing on the third axis – mobile platforms.

EE has also embarked on a programme for selected video and TV content owners, who desire an optimum user experience for their customers over EE’s 4G network. For example, work with the BBC iPlayer team has already seen significant improvements for their customers on the speed of programme load times.

For more information on the new plans and devices, please visit: ee.co.uk/campaigns/ee/mobile-broadband-launch-may-2014

For more information on EE’s network roll-out, please visit:ee.co.uk/ee-and-me/network/locations

Source: http://jmcomms.com/2014/05/21/ee-unveils-new-4g-mobile-broadband-devices-tablet-and-revised-plans/

The Internet of Things: Interconnectedness is the key

14 Apr

I was at an Internet of Things event a couple of weeks ago and listening to the examples it was clear there is too much focus on connecting devices, and not enough focus on interconnecting devices.

Connecting devices implies building devices that are designed specifically to work within a closed ecosystem, to report back to some central hub that manages the relationship with the purpose-built device. Interconnected devices are designed in such a way that they can learn to collaborate with devices they were never designed to work with and react to events of interest to them. So what will this look like? For one possible scenario, let’s start with the ubiquitous “smart fridge” example and expand this to look at the way we buy our food. There has been talk for years about how fridges will be telling us about the contents, how old they are, whether anything in them has been reserved for a special meal, what is on the shopping list etc. Even to the idea of placing automatic orders with the food suppliers, but what if we want to still be involved in the physical purchasing process, how will the Internet of Things, with interconnected devices work in that scenario? Here’s a chain of steps involved:

  1. Assuming our fridge is the central point for our shopping list, and we want to physically do the shopping ourselves, we can tap the fridge with our phones and the shopping list will be transferred to the phone.
  2. The fridge or our phone can tell us how busy the nearby supermarkets currently are, and based on regular shopping patterns, how many people will likely be there at certain times in the immediate future. Sensors in the checkout will let us know what the average time is for people to be cleared. Any specials that we regularly buy will be listed for us to help make the decision about which store to visit.
  3. We go to the supermarket and the first thing that happens is the supermarket re-orders our shopping list in accordance with the layout of the store.
  4. The phone notifies our family members that we are at the supermarket and lets them know we are there so they can modify our shopping list.
  5. We get a shopping trolley, which immediately introduces itself to our phone. It checks with our preferences in the phone as to whether we want its assistance, whether it is allowed to record our shopping experience for our use, or to assist the store with store planning
  6. As we walk around the store, the phone or the trolley alerts us to the fact that we are near one of the items on our shopping list.
  7. If we have allowed it, the trolley can make recommendations based on our shopping list of related products, compatible recipes, with current costs, and offer to place the additional products into the shopping list on the phone and even into our shopping list template stored in the fridge if we want.
  8. As we make our way to the checkout, the trolley checks its contents against what is on our shopping list and alerts us to anything missing. Clever incentives might also be offered at this time based on the current purchase.
  9. As soon as the trolley is told by the cash register that the goods have been paid for, it will clear its memory, first uploading any pertinent information you have allowed.
  10. Independent of the shopping experience and the identifiability of the shopper and their habits, the store will be able to store the movements of the trolley through the store, and identify how fast, any stopping points to identify interest and analyse for product placement.
  11. Once we get home, we stock the cupboard and the fridge, both of which update our shopping list.
  12. As soon as we put the empty wrapper in the trash, the trash can will read the wrapper and add the item to a provisional entry in the shopping list, unless we have explicitly pre-authorised that product for future purchase.

Another example would be linking an airline live schedule to your alarm clock and taxi booking, to give you extra sleep in the morning if the flight is delayed. Or having your car notify the home that it looks like it is heading home and to have the air conditioner check whether it should turn on. While we focus only on pre-ordaining the way devices should work during their design, we limit their ability to improve our lives. By building devices that are capable of being  interconnected with other devices in ways that can be exploited at run time we open up a world of possibilities we haven’t begun to imagine. Source: http://cloud81.com/2014/04/14/the-internet-of-things-interconnectedness-is-the-key/

Gartner predicts the presence of 26 billion devices in the ‘Internet of Things’ by 2020

19 Mar

Gartner, a globally recognized research firm dealing with technological innovations and businesses has come up with a prediction recently. The American Information Technology Research and Advisory firm has projected that by the year 2020; around 26 billion devices will make “Internet of Things” a definitive source. The Connecticut based firm assures that this large number of sensors and device connections will surely open up an array of business opportunities to data centers and companies that address that market.

Gartner predicts that around $300 billion revenue will be racked up by vendors and service providers which rely on internet till the specified period.

For those who are interested in knowing what “Internet of Things” is in simple terms, here is a definitive answer. This buzz worth term is nothing but to define a vast array of Internet enabled gadgets and remote sensors connected to web. It also relates the IT systems and services that enable organizations to collect, store, manage and analyze the vast amounts of data generated from billions of devices.

Gartner’s research also reveals that data center operators will feel the impact on a more propounding note. And that is due to the fact that it will not be an easy task to technically and economically transfer massive amounts of input data into their entirety which is a central processing location.

Joe Skorupa, Vice President of Garter has come up with a solution and that is to distribute the data into multiple small mini datacenters, where initial processing can occur and then relevant data can be pushed to a central site for additional processing.

However, one area which needs a fresh approach will be to look into the needs of data center network. Gartner argues that current data center bandwidths are sized in such a way that they can moderately cater to the needs of human interactions with applications. But when billions of devices need to interact a bandwidth increase of atleast 1000 times from present becomes truly essential.

For this reason, Gartner wants the data center heads to look into these issues in time and come up with an apt solution in next couple of years. The research firm also insists on revamping of present data center design and architecture by 2018, in order to reduce the complexity and boost of on-demand capacity to deliver reliability and business continuity.

But with so much predicted about Internet of Things” will consumer privacy remain intact in this commotion? Hmmmm…..hard to predict. Isn’t it?

 

Source: http://storageservers.wordpress.com/2014/03/19/gartner-predicts-the-presence-of-26-billion-devices-in-the-internet-of-things-by-2020/

How To Build Habits In A Multi-Device World

9 Mar
Allow me to take liberties with a philosophical question reworked for our digital age. If an app fails in the App Store and no one is around to use it, does it make a difference? Unlike the age-old thought experiment involving trees in forests, the answer to this riddle is easy. No!

Without engagement, your product might as well not exist. No matter how tastefully designed or ingeniously viral, without users coming back, your app is toast.

How, then, to design for engagement? And as if that were not challenging enough, how should products that touch users across multiple devices, like smartphones, tablets, and laptops, keep people coming back?

The answer is habits. For the past several years, I have studiedwritten, and lectured on how products form habits, and my work has uncovered some conclusions I hope will prove helpful to product designers.

 If the company’s business model requires users to come back on their own accord, unprompted by calls to action, a habit must be formed.

 

To be clear, not every product requires user habits; plenty of businesses drive traffic through emails, search engine optimization, advertising, and other means. However, if the company’s business model requires users to come back on their own accord, unprompted by calls to action, a habit must be formed.

The good news is that in today’s multi-screen world, the ability to interact with multiple devices has the potential to increase the odds of forming lasting user habits. By designing across devices, developers have a unique opportunity to leverage an ecosystem approachto drive higher engagement.

Through my research, I have found a recurring pattern endemic to these products, which I call “the Hook Model.” This simple four-phase model is intended to help designers build more engaging products.

Building for habits boils down to the four fundamental elements of the Hook: a trigger, an action, a reward, and an investment. This pattern can be found in any number of products we use automatically, almost without thinking.

Trigger

Designing for multiple interfaces means your product is more readily accessible throughout the day. The more often the user chooses a particular solution to meet her needs, the faster a habit is formed. A trigger is the event in the user’s life that prompts her to use the product.

It is important that companies understand the users’ internal triggers so they can build the product to meet those needs.

 

Sometimes the trigger can be external, such as when a user receives a notification with a call to action. Other times, the trigger is internal and the information for what to do next is imprinted in the users’ memory through an association. For example, many products cue off of emotions as internal triggers. We use Facebook to socially connect with friends and family when we’re lonely and check ESPN or Pinterest when we’re bored.

It is important that companies understand the users’ internal triggers so they can build the product to meet those needs. Designers should be able to fill in the blank for the phrase, “Every time the user (______), they use my app.” The blank should be the internal trigger.

Take, for example, the experience Nike has constructed for its aspiring athlete customers. Nike’s suite of products includes wearable monitors, which track physical activity throughout the day, as well as a host of smartphone apps to be used while running, playing basketball, or golfing.

For Nike, it is critical that users attach the company’s products to a discrete moment in their lives. To succeed, Nike has to own the instant just before the user heads out the door to work out. Athletes want to know their effort matters and Nike helps them meet that need. By digitally recording the workout, Nike’s apps tap into a deeper emotional need to feel that all that sweating is not going to waste, that the amateur athlete is making progress.

By creating an association with a moment in time—in this case, every time the user exercises—Nike begins the process of creating a habit.

Action

When it comes to multi-screen experiences, it is important to design a narrative for how the product is actually used. Knowing the sequence of behaviors leading up to using the products, as well as the deeper emotional user needs, is critical for successfully executing the next step of the Hook, the action phase.

The action is the simplest behavior the user can take in anticipation of reward. Minimizing the effort to get to the payoff is a critical aspect of habit-forming design. The sooner users can get to the reward, the faster they can form automatic behaviors.

Knowing the sequence of behaviors leading up to using the products, as well as the deeper emotional user needs, is critical for successfully executing the next step of the Hook, the action phase.

 

In Nike’s case, simply opening the app or wearing one of their body-mounted devices alleviates the user’s fear that the exercise will be in vain. Clicking a button marked Run in the Nike+ running app, for example, begins tracking the workout and gets the user closer to the relief he was looking for.

Finding ways to minimize the effort, be it by eliminating unnecessary logins or distracting functionality, improves the experience both on mobile and web interfaces. Nike makes the action of tracking exercise easier by building products designed to make recording even easier — for example, shoe-mounted devices that passively collect information.

Designers should consider how many steps they put in the way of users getting what they came for. The more complex the actions, the less likely users are to complete the intended behavior.

Reward

The reward phase of the Hook is where the user finally gets relief. After being triggered and taking the intended action, the user expects to have the internal trigger satisfied. If the user came to relieve boredom, she should be entertained. If the trigger was curiosity, she expects to find answers.

Thus, the reward phase gives the user what she came for, and quickly! When the athlete uses the Nike app, for example, a 3-2-1 countdown displays to signify that the workout is about to begin. The user can get on with her run, knowing it is being recorded. But the Nike suite of products layers on more rewards. The apps not only record the workout, they also motivate it.

When products have an element of variability or surprise, they become more interesting and engaging.

 

 To boost their habit-forming effects, many products utilize what psychologists call intermittent reinforcement. When products have an element of variability or surprise, they become more interesting and engaging. For example, scrolling on Twitter or Pinterest offers the allure of what might be found with the next flick of the thumb.

In Nike’s case, the element of variability can be found in various forms throughout its product experience. For example, when athletes connect to Facebook, the app posts to the social network and runners hear the sound of a cheering crowd every time one of their friends “likes” their update. The athlete never knows when they’ll hear the encouragement and the social rewards help them keep pushing forward.

Nike also implements a point system called NikeFuel, which is meant to be a quantification of physical activity. However, the mechanics of how rapidly points are earned is intentionally opaque, giving it an element of variability. Finally, exercising itself has an element of surprise, which Nike’s products accentuate by encouraging users to complete new and increasingly challenging activities.

Investment

Lastly, a critical aspect of products that keep users coming back is their ability to ask for an investment. This phase of the Hook involves inviting the user to do a bit of work to personalize the experience. By asking the user to add some effort into the app, the product increases in value with use, getting better the more the user commits to it.

Investments are actions that increase the likelihood of the next pass through the Hook by loading the next trigger, storing value, and creating preference for using the product. It is important that the four phases of the Hook are followed in sequential order for maximum impact.

Every time the user exercises with a Nike app or body monitor, she accrues a history of performance. The product becomes her digital logbook, which becomes more valuable as a way of tracking progress the more entries she makes. Additionally, each purchase of a Nike+ device—like a FuelBand, for example—is a further financial and psychological investment in the ecosystem.

Nike and other exercise training apps, like Strava, allow athletes to follow other athletes to compare performance. The action of selecting and following other users is a form of investment; it improves the product experience with use and increases the user’s likelihood of using the product again.

In the future, products like Nike+ could automatically collect information from multiple touchpoints to create an individualized workout plan. The product could improve and adapt the more the user invests in using it.

An Engagement Advantage

For multi-interface products that rely upon repeated user engagement, understanding the fundamentals of designing habits is critical. By following the Hook Model of a trigger, an action, a reward, and finally an investment, product designers can ensure they have the requisite components of a habit-forming technology.

By building products that follow users throughout their day, on smartphones, tablets, and more recently wearable devices, companies have an opportunity to cycle users through the four phases of the Hook more frequently and increase the odds of creating products people love.

Source: http://techcrunch.com/2014/03/08/how-to-build-habits-in-a-multi-device-world/

Cyber Security is Not Prepared for the Growth of Internet Connected Devices

3 Mar

The estimated growth of devices connected to the Internet is staggering.  By 2020 Cisco estimates that 99% of devices (50 billion) will be connected to the Internet.  In contrast, currently only around 1% is connected today. The sheer numbers as well as the complexity of new types of devices will be problematic. Although traditional computing devices such as personal computers, tablets and smartphones will increase, it is the Internet of Things (IoT) which will grow significantly, to around 26 billion units. That represents nearly a 30-fold increase according to Gartner.

Device Estimates.jpg

The industry is in a vicious fight protecting current platforms, such as PC’s from malware and compromise. New malware is generated at a mind boggling rate of ~200k unique samples each day. With the rise of smartphones and tablets, we are witnessing the fastest growth of malware in this sector and expect the complexity of attacks to increase. Security companies work tirelessly to keep up with the increasing pace.
But the wildcards to this equation will be the radical growth of IoT devices which have different architectures, software, and usages. Wearables, transportation, and smart appliances which will grow at an alarming rate. These represent challenges as they will differ greatly from familiar computers and longstanding security controls will need to be reworked or rethought entirely. The processes and tools currently in use by security organizations are not easily extensible to meet the new challenge. This will give attackers a diverse area to scrutinize for vulnerabilities and new opportunities to exploit for their gain.
Security resources across the industry are already stretched thin. It will be very difficult to adapt to the new scope, requiring new tools, expertise, and ways of thinking. The security industry is not giving up and throwing in the towel just yet, but the challenge they face is undeniable.
Product vendors can play an important role by designing and testing products with security in mind.  Such hardening techniques can reinforce both hardware and software to deny attackers opportunities of compromise. Hardware features, software capabilities, and security services must be designed to work together for maximum effect. This holistic strategy is necessary to establish a common front of cooperative defenses. Security services must look ahead and begin adaptation to serve emerging form factors, supporting infrastructures, and user demands.
Perhaps most importantly, the everyday user must begin to take responsibility for their own security. Users have a tremendous amount of control over their security and can strongly influence the industry by demanding proper embedded controls. User behaviors must shift to more reasonable actions.  Not every link must be clicked. Not every survey or request for personal information must be fulfilled. Not every application, including those from untrustworthy sources, must be installed. Socially, we must act with more discretion to protect our valuables.
Our world is changing quickly with the staggering increase of interconnected devices melding into cyberspace. The security risks rise equally as fast. We will face challenges, but it is up to all of us to determine how secure we will be.

Matthew Rosenquist is an information security strategist, with a passion for his chosen profession. Benefiting from nearly 20 years of experience in Fortune 100 corporations, he has thrived on establishing strategic organizations and capabilities which deliver cost effective information security services.

Source: https://communities.intel.com/community/itpeernetwork/blog/2014/02/08/cyber-security-is-not-prepared-for-the-growth-of-internet-connected-devices

%d bloggers like this: