How Will Campus Networks Handle the Internet of Things' 26 Billion Devices?
The exponential growth of the Internet of Things will challenge college and university wireless networks with large quantities of data, security concerns, bandwidth demands and more.
- By James Vautravers
The "Internet of Things" (IoT), the network of devices with embedded sensors and wireless technology, is already present on most college campuses in the form of security cameras, HVAC controls, building access, lights, power and more. But predictions call for an explosion in the number of IoT devices in the near future, and campus IT departments are already bracing for the impact on their wireless infrastructures.
According to a Gartner study published in December of last year, the Internet of Things will grow to 26 billion units installed by 2020, representing a 30-fold increase from 0.9 billion units in 2009. The IoT is expanding at a much faster rate than that of PCs, tablets, and smartphones, which are expected to number 7.3 billion units by 2020. "The enormous number of devices, coupled with the sheer volume, velocity and structure of IoT data, creates challenges, particularly in the areas of security, data, storage management, servers and the data center network," said Joe Skorupa, a vice president and analyst at Gartner.
The IoT connects remote devices and provides a data stream between the devices and centralized management systems. Each device can provide information on its own status, location and functionality, and real-time information enables more accurate understanding of these things. "IoT deployments will generate large quantities of data that need to be processed and analyzed in real time," noted Fabrizio Biscotti, research director at Gartner. "Processing large quantities of IoT data in real time will increase as a proportion of workloads at data centers, leaving providers facing new security, capacity and analytics challenges."
"The IoT threatens to generate massive amounts of input data from sources that are globally distributed. Transferring the entirety of that data to a single location for processing will not be technically and economically feasible," said Skorupa. "The recent trend to centralize applications to reduce costs and increase security is incompatible with the IoT. Organizations will be forced to aggregate data in multiple distributed mini data centers where initial processing can occur. Relevant data will then be forwarded to a central site for additional processing."
Gartner recommends a forward-looking capacity management approach that aligns IT and operational technology (OT) standards and planning so as to be able to provide data processing based on priorities and needs.
If the explosion of devices and data isn't alarming enough, another study, this one published by Hewlett Packard in July, has found that most IoT devices have exploitable security flaws. Researchers reviewed devices in 10 of the most popular IoT niches:
- Remote power outlets
- Sprinkler controls
- Hubs for controlling multiple devices
- Door locks
- Garage door openers
All devices included mobile applications for remote access or control. The study found that 80 percent of the devices, along with their cloud and mobile-application components, failed to require passwords of a "sufficient complexity and length." Insufficient authentication/authorization leaves a device vulnerable to access by hackers. And 70 percent of the devices used unencrypted network services.
Bandwidth Demands and More
College and university IT departments have been dealing with the ever-increasing wireless demands of end-user devices for years, while facing budget restrictions and even cutbacks. Could an explosion in the number of IoT devices accessing institutional networks over the next few years be the 26 billion straws that break the camel's back?
"Everyone wants to use the wireless network for everything now," said Mike Russell, assistant vice chancellor for enterprise services operations at the Virginia Community College System. That includes end users' mobile devices, but also security cameras, HVAC controls, door locks, lighting systems, clocks and more. Russell's office assists a system of 23 colleges, 40 campuses, and 400,000 students, and each of the colleges has its own wireless solution.
The Virginia Community College System faces 5 percent budget cuts across the board this year, and 7 percent next year, so keeping up with the ever-growing demand for bandwidth is a challenge. The colleges don't have the money to replace their systems, so the focus is on expanding what they have. Some colleges are still using first-generation wireless networks that cannot support new devices. And at some of the colleges, the wireless networks get overwhelmed at times and cease to work.
Expecting greater wireless demand and smaller budgets, Russell said, "The colleges haven't had to limit the usage of certain devices, but they may have to in the future." Each college is required to have technical plans for the future, and the CIOs of the colleges come together quarterly to discuss IT strategy and goals. Russell said that "wireless capabilities, wireless access, new wireless devices and BYOD consistently top the list of concerns."
It's a similar story at the Los Angeles Community College District, where, as CIO Jorge Mata told Campus Technology last year, bandwidth has had to grow by a factor of 2,000 over the previous 15 years to keep up with the demand, and the need for more capacity is actually accelerating. New construction now comes with "smart" installations that use the wireless network, such as building and inventory automation, security and access control, and power. "We're building 'smart' everything," Mata said. "What that means is it uses more bandwidth."
Mata's strategies for dealing with increasing wireless demands include bandwidth control such as caching and rate limiting; building a calendar to estimate how much bandwidth new initiatives might require; and staying on top of those new initiatives by paying attention to strategic plans across departments. He looks at board agendas and contracts that are in the works, monitors Web usage data for each of the colleges and stays in touch with college IT managers. Staying ahead of bandwidth demand is, "part science, part art, part politics," he said.
But Deke Kassabian, senior information technology director, information systems and computing, University of Pennsylvania, is not very worried about bandwidth when it comes to IoT devices. IoT devices at Penn currently number in the hundreds, but that number could be tens of thousands in the near future. Even at that rate, however, Kassabian said such devices will not affect bandwidth as much as the still increasing demands of end-user devices. He said, "The challenges in integrating these devices have more to do with granting them appropriate access to networks, and limiting access by others, than concerns about bandwidth. Another possible challenge involves the sheer number that might eventually be in use and the resulting impact on network address space."
Traditional access control approaches on college campuses often can't easily authenticate IoT devices. "Access control mechanisms commonly used on campus, such as user name and password authentication to WiFi networks, do not apply for these devices in a very natural way," said Kassabian. So currently, his institution has "assigned what look like user credentials to devices," but he said this is a short-term, suboptimal solution. For the future, he is looking at the installation of a client side certificate.
Kassabian pointed out that thousands of devices per building in the near future "would take a big bite out of [IP] address space, and even non-routable addresses could feel the strain." But as he noted, this problem should eventually take care of itself with the transition from IPv4 (Internet Protocol version 4) to IPv6, a transition driven primarily by limited address space in the first place.
Penn's Information Systems and Computing group has published its strategies for wireless networks on the Web, which include continuing investigation into new wireless technologies and working with other departments to consult on new installations of IoT devices. IT also recommends to "hardwire [IoT] devices first when and wherever possible," meaning when it's both economically and technologically possible.
The Internet of Things is here to stay, and it is about to grow into a far bigger and hungrier creature. The best way to feed it is to plan ahead rather than try to handle it after the fact. Of course, you don't have to feed it. The coming flood of IoT-capable products is due to the low cost of adding IoT capability to products rather than a demand for it, and Gartner predicts that "ghost" devices, IoT devices whose connectivity goes unused, will be common. In other words, just because your janitorial department buys a fleet of vacuum cleaners with IoT capability, doesn't mean you have to actually use that capability.