When Disaster Strikes the IoT: Risks and Solutions
The Internet of Things (IoT) is a well-established computing concept that produces an ever-expanding network of physical devices with Internet connectivity. These Internet-connected physical devices, such as sensors, consumer products (ie: “smart” -watches, coffee machines, lights, etc), and manufacturing equipment are directly integrated into cloud powered Apps intended to improve efficiency and decision-making. The IoT has several exciting and useful applications, from the small-scale individual maker level to entrepreneurial business ventures, all the way up to society and “smart cities” as a whole.
Systematic Use Cases:
- Makers: An alarm clock that wakes a person up and notifies their coffee machine to begin brewing coffee.
- IoT Entrepreneurs: IoT Entrepreneurs and Engineers that connect sensors, actuators, and beacons to better identify abnormal conditions (present or predicted) and automate tasks to increase efficiency or reduce error; for example, re-ordering supplies before they run out or break.
- Society: “Smart cities” are embracing local networks of IoT sensors that monitor air quality and traffic indicators to take pre-emptive data-driven measures to reduce air pollution and traffic congestion based on the information gleaned from sensors all around.
According to forecasted market growth figures published by Statista, the IoT market value worldwide will reach $1.7 trillion with over 20 billion connected devices by 2020. With so many people, businesses, and even entire cities becoming reliant on the sensor data, it makes sense to wonder what happens if an unplanned outage occurs, be it the sensors themselves or the database systems that collate the data that powers each App?
One such solution for when things go wrong is a Disaster Recovery Plan.
In the following article, we will define disaster recovery generally, then address the range of risks to IoT networks, and finally, conclude with some best practices for mitigating potential risks.
Disaster Recovery: Overview
Disaster recovery is a set of procedures and tools used to minimize data loss and enable the swift recovery of vital technology infrastructure after a natural- or human-caused disaster. Organizations normally document these procedures and tools in a Disaster Recovery Plan (DRP).
Some familiar vendors and names that dominate the disaster recovery market include Microsoft Azure Site Recovery, Dell EMC Recoverpoint, and N2WS for AWS cloud disaster recovery are some of the main vendors supporting recovery for infrastructure clouds.
For example, Ubidots, an IoT Application Development and Deployment Platform powering over 4,000 IoT Apps around the globe utilize a Global IP recovery plan. And, according to Ubidots CTO, Gustavo Angulo, “this allows all the traffic to be redirected and balanced to any IBM Datacenter, in case of an emergency at one of our satellites or core data centers. Then, once the crisis is averted, Ubidots reingests all failover data to its core system to backfills emergency data that was rerouted.” With this redirection and recovery program, Ubidots cloud is able to reingest traffic, even during periods of failure, no matter what.
Disaster Recovery and IoT
For entrepreneurs and engineers that depend on IoT solutions for the provision of services or for streamlining operations, some data-driven Apps are mission-critical, and there is a real need to ensure smooth and swift failover in the post-outage phase.
Consider a healthcare provider that uses IoT sensors to collect diagnostic information on patients by transmitting patient vital signs to a cloud computing system. The cloud provides application logic in this setup in the form of running cloud instances. If the cloud system suffers an unexpected outage, can the IoT devices continue communicating patient vital signs? In the absence of an IoT disaster recovery plan that includes immediate failover to a secondary system, the answer is no, and patient safety becomes a risk.
In addition to IoT application risks, there are also network risks from cyber attacks. Consider a DDoS attack that hacks IoT sensors and forms a botnet. Given the huge number of Internet-connected devices, such attacks could wreak havoc and proliferate rapidly across the Internet, taking down entire websites.
Lastly, you have IoT analytics risks. While the application logic works to collect the data from different devices and send it to storage databases, the actual value of an IoT solution is derived from the data using various tools and frameworks to deliver insights that drive decision making. IoT analytics are normally performed in a hybrid setup combining “the edge”; where data is processed and analyzed close to the sensors at a network gateway, and in cloud computing environments where Application software and end-user engagement exist.
Best Practices to Avoid App Downtime and Secure your Data
- From the company or organization’s perspective, it’s imperative to ensure the IoT devices and sensors on your network are not left unsecured. Be sure to apply a data encryption certificate into hardware firmware; SSL is ideal for communication with HTTPS and TLS for communications utilizing MQTT.
- On-premise App will benefit from a DDoS protection tool that monitors traffic in real-time to warn of an impending attack for failover to a secondary network infrastructure.
- Treat your primary IoT data storage as mission-critical and ensure frequent snapshots and backup solutions are deployed for such databases. For example, if you store data in AWS, use an AWS backup service. If you work with a vendor, be sure they have a data backup failsafe in place.
- Consider utilizing IoT Application platform vendors to efficiently develop and launch a solution. Trusted App and cloud service providers are sure to utilize some form of a backup service for data collection and retention. If you do not know – ask them!
Disasters don’t only strike due to earthquakes, power failures, and accidental fat-finger mistakes by employees. The concept of a disaster recovery plan is essential to all IoT Application hosts and should be kept up-to-date and include actions that combat purposeful, human-caused outages, such as cyber attacks, particularly in an IoT world containing billions of Internet-connected devices.
The range of users, use cases, and increasingly mission-critical nature of IoT solutions for businesses and governments make it necessary to incorporate disaster recovery plans for IoT Apps and Services. Look closely at the architecture of your IoT Solution and be sure to take the required steps to ensure optimum disaster recovery tools and procedures are used to mitigate risks at each stage of an Apps development and integration.