At global IoT Tech Expo Global 2023 yesterday (30th November) Karim Jaser of Vodafone told attendees of his talk how the telecom giant uses non-intrusive methods to monitor data and protect its customers that utilise its connectivity platform.
And there is no dearth of data, as Jaser tells the audience that Vodafone manage millions of SIMs, all producing huge quantities of data. Vodafone currently run the largest global IoT platform, offering a range of features for IoT device management and analysis.
But how is this data from devices managed, and how does it help Vodafone develop security? Jaser put the question to the audience.
“We’re doing analytics in a new way, we are using the data to monitor data,” Jaser said.
As mentioned above, Vodafone do not look at individual device data. Yet Using a combination of approaches, but summarised in a few points, Jaser explained Vodafone will see things like usage times, amounts, frequency and then use ML methods in the platform where the data comes into to identify what it sees is ‘abnormal behaviour’, ‘anomalies’, and ‘deviations from the baseline’.
Just by examining this, Vodafone can tell users if their device may have been hacked or even if the device is not working properly. This information learned from a breach or issue on a single company is then used in the collective canon of Vodafone to deploy should something similar happen to another of its customers.
Jaser told the audience of case studies they added to their arsenal following their experience with a customer. An automotive customer was worried that their cars were being sold on the second-hand market to sanctioned countries, which could result in them being penalised. Working with the customer, they managed to devise a way to mitigate these risks and see when assets crossed borders; a service their platform currently offers is compliance regulation, alerting when assets are outside a domain with limited roaming agreements past a certain time period.
This idea of providing a service without having to access a customer’s data is appealing due to the growing threat cybersecurity presents in the IoT sphere. If the provider views the data rather than just their data traffic or use, concerns about confidentiality, data integrity, and trust issues are doubled as if a potential information leakage, accidental or intentional data mishandling, and security breaches happen with the security provider, then they are also compromised. Also, allowing third-party access could lead to regulatory compliance challenges in industries with strict data privacy laws, further contributing to the hesitancy in sharing sensitive data with external security providers.
With 20% of global IoT connections being cellular, and with Vodafone being the biggest platform for this, then this standard of a hands-off approach, using data to monitor data, could become the standard way IoT connectivity providers offer add-ons to customers without asking for any additional data.