Speak to the right people and Africa is about much more than just the digital divide

Yesteryear’s conversation in Africa was all about balancing the commercial realities of bridging the digital divide, but this year’s AfricaCom has showcased the bigger ambitions of South Africa.

Perhaps we haven’t been giving the right people the podium in the past, but the conversation in Africa has always been focused on the same thing. How do you deliver connectivity to the masses on a continent which has significantly lower ARPU than more developed regions? While this is still a priority, this year’s AfricaCom conference is demonstrating there are bigger ambitions than simply enhancing coverage.

Yesterday we heard MTN’s ambitions to create a more agile organization which operates in the OTT space and can be branded as a digital services beast, and this morning’s presentations had a smart city twist. It might seem odd that we’re discussing such advanced ideas when basic connectivity is an issue, but why not? If Africa is going to compete in the digital era these conversations need to happen now, and these individuals need to be given their time in the limelight. The smart city segment in South Africa is an excellent example.

Looking at Cape Town, Omeshnee Naidoo, the city’s Director of Information Systems, told the audience the city has a fibre spine 1000km long but the project is still at the starting gate. The infrastructure rollout is set to finish in 2021, while the team has recently signed a memorandum of understanding with Google to provide public wifi. The next step is figuring out how the initiative can now incorporate the citizens.

Johannesburg is in a similar position. Lawrence Boya, the smart city Director, said the city also has a fibre spine 1000km long, and currently more than 1500 public wifi spots. The challenge now is optimising the infrastructure and making sure government services are making use of the assets not going down the private route. Boya also highlighted the team are trying to figure out how to take the concept of smart cities down to a personal level for the citizens.

In both of these examples, steady progress is being made and the idea of the smart city might not be that far away. More government help is needed, both from a policy side as Boya highlighted South Africa currently lacks the framework to make smart cities sustainable, but also collaboration. Naidoo suggested public sector across the board in South Africa is far too siloed. To be fair to some local governments however, data sets have been opened up to the general public, providing the fuel for these new ideas.

It shouldn’t come as a surprise to be honest, but perhaps we are guilty of pigeon holing Africa. Too many people, and admittedly Telecoms.com does this too often, suggest the only challenges in Africa are focused on expanding the connectivity footprint. This is patronising and ignores the excellent work which is happening further up the stack. It’s not the case that these initiatives are difficult to find, but maybe we need to give them more airtime instead of taking the easy ‘Africa needs to improve connectivity’ angle.

Orange hits green button on LTE-M network

Orange has unveiled its Long Term Evolution for Machines (LTE-M) network in France, with plans to launch in Spain and Romania by the end of the year.

Having launched its first LTE-M network in Belgium in May 2018, the French deployment will enable Orange to build new products and services in anticipation of boomtime in the IoT market. Technology will be deployed in each market dependent on the demand for particular services.

Orange will now begin offering services to all enterprise customers who have subscribed to the Orange full IOT offering, focusing particularly on logistical monitoring, telemonitoring, remote assistance and fleet management. The move underpins Orange’s efforts to diversify its core business, with the ‘connected economy’ high up on the list.

With France and Belgium up and running, plans to open up new networks in Spain and Romania, and other tests running throughout Europe, a pan-European offering does offer Orange an edge in the enterprise IOT game. Looking at the enterprise side of Orange, this is certainly an area which has been given attention in recent months.

Back in August, the cloud armoury was given a shot in the arm with the acquisition of  infrastructure and critical application services company Basefarm for €350 million. Alongside the additional skills, with a presence in Norway, Sweden, the Netherlands, Austria and Germany, the pan-European ambitions are being met.

O2 bags Midlands driverless gig

O2 has announced a partnership with Wireless Infrastructure Group (WIG) to deliver connectivity for driverless vehicle test bed trials in the West Midlands.

With the UK government foolishly promising driverless cars will be on the roads by 2021, this is one of a number of trials located in the Midlands to make the wayward ambition a reality. As part of the agreement, O2 claims it will deliver Europe’s largest fibre connected small cell network along a 50-mile route that runs through Birmingham and Coventry.

“Following our successful deployment of the UK’s first centralised radio network (C-RAN) in Aberdeen, in partnership with WIG, we will be using this same cutting-edge technology across what we expect to be Europe’s largest fibre connected small cell network,” said Brendan O’Reilly, CTO at O2. “Mobile powers our modern world and 5G has even more potential to move Britain forward which is why we’re excited to be working together with WIG to continue to build this technology into the fabric of our cities and communities.”

“We are delighted to be working with O2 and WIG to test autonomous vehicles on roads here in the West Midlands,” said Andy Street, Mayor of the West Midlands. “As the heart of the UK’s future mobility research and development, and the UK’s first region-wide 5G testbed, the West Midlands is well-positioned to create thousands of new jobs in the industries of the future.”

With the UK desperate to prove it is at the forefront of the technology world, the UK government has promised driverless cars will be commercially available by 2021, a laughable ambition when you think of the work, both from a technological and administrative perspective, which will have to be done ahead of this point. The Midlands is certainly a beneficiary here, as the region has been attempted to create a regionalised technology hub around electric and driverless vehicles.

We’re sceptical driverless cars will be anywhere near a reality in the near future, though at least it is another usecase for 5G ROI.

The iStore is a perfect example of how we can make money – Vodafone

Many around the world will use Apple as a benchmark of how to successfully engage the digitally native consumer, though it’s the development of the iStore ecosystem which can be used as a model for the telcos.

Speaking at Light Reading’s Software Defined Operations and the Autonomous Network event in London, Atul Purohit from Vodafone Group pointed towards the slow-burning and long-term investments made in creating the app store as the way to make money in the digital economy. This is ultimately one question which will frustrate a lot of telcos, how will the vast expenses on 5G be recaptured over the next decade?

With 5G, MEC and IoT trends starting to make more concrete impacts on the real world, Purohit suggested a platform model should be built these technologies, with the telcos forming the centre of the ecosystem. This is not the blockbuster cash generator, a silver bullet to recoup lost billions, which some investors might want, but it is a sensible, sustainable business model. In fact, you can already see the benefits today.

Apple’s iStore and Google’s Play Store are excellent examples of careful development of an ecosystem and the rewards which can be realised when a segment matures, but the smart home is another. Most would have presumed the telco would be an excellent focal point for the smart home ecosystem, primarily because the router is already an accepted fixture in the living room, though the likes of Amazon and Google has imposed the smart speaker in its place.

This is an example of inaction than anything else, as the proactive internet giants wrestled the focus of the smart home away from the router and the cumbersome telcos, and onto the speaker. Services and products are being built around the smart speaker, and the financial rewards will be claimed by Amazon and Google. With personalised experienced and IoT trends of tomorrow, the telco still has an opportunity to stake its claim to be the focal point of these ecosystems.

This is a business model which will mature over time, requiring long-term investment and patience above all else, though it is a model proven successful time after time.

5G – more than just a RAN on steroids

The metamorphosis currently underway in the communications networking industry is unprecedented, and while for some the evolution to a 5G world is akin to a caterpillar transforming into a butterfly, others are worried it will turn a functioning (but flawed) industry into something more frightening.

Of course, we don’t know how 5G is going to turn out. What we do know, though, is that it’s about much more than some souped-up new devices and a radio access network (RAN) on steroids. And while we are witnessing an increasing number of claims about 5G service ‘firsts’ in the industry, these initial launches are only scratching the surface of what is possible and, importantly, are basing their claims on the deployment of a limited number of next generation networking elements.

And that’s fine for 2018 and 2019 – it’s understandable that for some competitive and marketing reasons, being first with a 5G offer can be important. But what about in 10 years’ time? What technology and operational process advances will be needed to fulfil the full potential of 5G?

In our view, a successful 5G strategy will require network operators to address, in some way, a very broad range of technologies and processes, all of which will play a critical role in enabling them to capitalize on the full potential that a 5G deployment will offer.

All of these are pieces in the Big 5G Picture jigsaw puzzle: Miss, or dismiss, any of the 20 elements, many of which are interdependent, and the picture will be incomplete and opportunities lost. Deploy them together and there just might be something for 5G business case doubters to chew on.

What are these 20 elements? (And yes, that’s a suspiciously round number…)

We’re talking about the likes of SDN and NFV, “anyhaul” transport, edge computing, AI/analytics, IoT and C-V2X platforms and more, as well as the 5G radio access network (RAN), 5G core and devices. Here’s what our 5G Big Picture looks like:

5G puzzle image 1

And with each of these elements ultimately playing a critical role in full 5G deployments, that, in turn, is creating new opportunities for (and threats to) the thousands of companies that are aiming to become the technology and professional services partners for the world’s communications network operators.

Many vendors have already shifted to a 5G-oriented strategy, one that positions them to fulfill the needs of operators in relation to one or more of the puzzle pieces: Explaining to the market, staff, partners and investors their role in 5G, and why that’s important, is not so easy when there is often such a myopic view about what 5G is and what it ultimately entails.

So what are we trying to achieve with this presentation of the 5G Big Picture? It’s not an attempt to explain everything about the underlying technologies or dig deep into standards developments or software code — instead we’re trying to provide a relatively simple view of how important 5G is to so many industry developments.

And to be clear — this is just about the underlying technology elements and supporting processes that will make 5G services and applications possible: It’s not an attempt to identify the resulting services themselves. That’s why there’s no reference to gigabit broadband, interactive gaming, automated industrial robotics or remote surgery — this is all about the underlying and supporting tech.

It’s also very broad-brush — that’s why there’s no reference to specific virtual networking functions or to network slicing: these are capabilities enabled by the underlying technologies and supporting processes.

Before we get to the list of elements and provide a brief word about each of them, it’s worth taking a quick look at the underlying reasons why each of these elements is an important part of the 5G Big Picture.

To enhanced Mobile Broadband (eMBB) and beyond!

The 5G noise has been building to an almost deafening crescendo for several years and we’re about to hit the first phase of significant service launches in major markets.

The first year (or even first few years) will be a public relations battle, but the early action will largely revolve around the delivery of enhanced Mobile Broadband (eMBB), which in itself will be a step forward and, in fixed wireless scenarios, likely to shake up the broadband services market in general. In time it will also enable emerging services such as augmented and virtual reality (AR/VR) and 8K video to mobile devices — and that will be a significant challenge in itself.

Such services require, at the very minimum, network upgrades in the radio access network (RAN) and supporting “anyhaul” (fronthaul and backhaul) packet and optical transport networks that carry video and data traffic to and from end-user devices. These launches do not require a full 5G Big Picture deployment.

But enhanced Mobile Broadband is just one of the now familiar three points of the 5G services triangle, a version of which you can see below.

5G puzzle image 2

Moving anticlockwise from eMBB we have the massive Machine Type Communications (mMTC) that will be enabled by an extensive Internet of Things (IoT). All those billions of devices — 20 billion by 2023, according to a forecast from Ericsson — will need to be managed and while some of them will require very little in the way of data traffic flows, either to or from, some will put strain on networks, especially once high-resolution streaming video surveillance cameras become the norm in smart cities. These mMTC applications will require a significant number, but not the full suite, of elements.

But the major challenges come down the line when autonomous vehicles are let loose on the roads, and when the range of services dubbed Ultra Reliable Low Latency Communications (URLLC) — aka “Critical Communications” — including industrial robot automation and remote surgery are launched: That’s when all the puzzle pieces need to be in place.

So let’s take a look at the 5G Big Picture piece by piece…

  • 5G Radio Access Network: There isn’t going to be much happening in the 5G world without next-generation radio access network deployments and the early 3GPP specs are out… this is the element that defines most references to 5G and will continue to do so.
  • 5G core: The intelligent heart of the 5G network that will allow capabilities such as network slicing.
  • 5G devices: Coming soon! And more than just smartphones of course — end-user devices could be just about anything you can fit a 5G chip into.
  • AI/next-gen analytics: Vast volumes of data will need to be sorted and analyzed, at the edge of the network as well as in central repositories, for advanced business and consumer services, particularly the Ultra Reliable Low Latency Communications (URLLC) services, to be delivered. Machine-learning tools will underpin automated network management and operational processes: Manual processes will not be able to keep pace with requirements.
  • NFV: To enable to rapid implementation/instantiation of services, 5G networks will be cloud-native NFV infrastructure (NFVi) architectures hosting virtual network functions (VNFs).
  • SDN: Software-defined networking will be required to efficiently and effectively control the network and service delivery platform resources used to deliver services over the telco cloud and provide customers with control of the services they use.
  • Next-gen network security: Manual network security processes will be pointless in a full 5G deployment — machine learning-enabled security systems will pre-empt and mitigate all manner of security threats across the distributed 5G network landscape.
  • Identity management/authentication: A scalable approach to identity management and authentication, including the ability to support information exchange between distributed databases, will be needed to support services across billions of devices and multiple network slices without overloading the signaling infrastructure.
  • ‘Anyhaul’ transport: The data traffic volumes and disaggregated nature of 5G radio access networks will require high-capacity, low-latency fronthaul (links from remote radios to baseband processing pools) and backhaul connectivity (links from access aggregation points to the metro network). Collectively, fronthaul and backhaul is referred to as “anyhaul.”
  • Edge computing: The latency requirements of many services running over 5G can only be met by the deployment of a distributed cloud architecture, including the deployment of compute and storage resources at the network edge — at cell tower and basestation sites, in revamped central offices, and even in time at the “street furniture” level. What a great term that is — street furniture…
  • 4K/8K video delivery platform: High-definition video will need to be delivered and managed as part of 5G service offerings, so the appropriate video infrastructure will be required.
  • 5G test and measurement tools: Neither the vendors nor operators will get too far without being able to test and verify their new 5G systems and services, making these tools essential.
  • IoT platform: Dedicated IoT platforms will be needed to manage and monitor the billions of devices that will be connected in a 5G world.
  • C-V2X system: Cellular Vehicle-to-Everything (C-V2X) is a dedicated cellular specification designed to connect vehicles to each other and anything else that’s relevant, so it looks to be an essential component of advanced 5G service deployments.
  • Distributed ledger technology/blockchain: Blockchain technology is looking increasingly likely to play a role, alongside and supporting traditional databases, in helping to manage and secure transactions and identities once 5G is fully deployed.
  • Next-gen BSS: Cloud-native business support systems with APIs to network and service controllers will be required to “monetize” and provide customer experience management for the broad array of cloud-based 5G services.
  • Next-gen OSS: Silos of legacy operations support systems (OSS) are not going to cut it in a 5G world — like the BSS systems, cloud-based management tools will be required.
  • Cloud-native development: There is a growing realization among network operators that DevOps processes, including Continuous Integration/Continuous Delivery (CI/CD), will need to be adopted to ensure service support and delivery once the 5G telco cloud is deployed, so the massive cultural shift required is already underway at many operators.
  • Process automation: Without automated processes, whether in the back office or at the front line, service providers will lack the speed and efficiency needed to survive in a 5G world. The shift towards automation will be slow but continuous as operators find the processes they can identify and break down into piece parts that can be replicated in code — and operators are already finding that placing their trust in machines rather than humans can deliver improved results.
  • Great coffee: Yeah, we went there. The evolution to a fully functioning 5G network with all its bells and whistles is going to be a gargantuan task, one that cannot be undertaken without a ready supply of top-class roasted Arabica and Robusta and that, of course, requires the use of some dedicated hardware that absolutely cannot be hosted in the cloud…

5G puzzle image 3

So, that’s a brief run-down of the 5G Big Picture elements. Telecoms.com will be reporting on the development and deployment of all these, and no doubt more, in the months and years to come.

— Ray Le Maistre, Editor-in-Chief, Light Reading, for Telecoms.com

Share price drops for both Amazon and Google after quarterlies

Despite reporting quarterly numbers most companies would kill for Amazon and Alphabet share prices dropped by 8.6% and 5% respectively due to investor disappointment.

More than anything else it shows the high demands of investors but also the confidence which is being placed in the internet giants. With Amazon reporting a revenue increase of 29% to $56.6 billion for the quarter, while Google parent company Alphabet reported $33.7 billion, up 21%, the expectations are certainly high.

Starting with Amazon, the revenue increase of 29% paled in comparison to the more than 10X lift in net income to $2.9 billion. While this would be a regular cash bonanza for most companies around the world, sales guidance between $66.5 billion and $72.5 billion for final quarter were lower than what the market wanted to hear. The more coy guidance for Amazon’s busiest quarter resulted in the 8.6% drop, after confidence during the day sent stock up 7%.

In Google’s HQ the story was slightly different. Revenues of $33.7 billion, up 21%, and net income of $9.1 billion, compared to $6.7 billion in 2017. Shares were down 5%, following a 4.4% rise across the day, after sales figures did not hit the expected heights. The last three months have been a tough period for investors to swallow with various scandals dropping share price by 8.8% over the last three months.

Of course, it wasn’t all bad news. The cloud unit for both businesses is continuing to rack up revenues with AWS up 45% to $6.7 billion across the quarter and Google’s other revenues segment, which features cloud up 29% to $4.6 billion. Encouragingly for both, Gartner estimates the worldwide public cloud services market is projected to grow 17% percent in 2019 to total $206.2 billion, up from $175.8 billion in 2018. IaaS is set to get the largest boost, forecast to grow 27.6% in 2019 to reach $39.5 billion. With so many businesses around the world citing a cloud-first approach, it’s amazing to think only 10% of workloads have been moved into the cloud.

The relatively new venture into the world of smart speakers and virtual assistants is proving to be a continued success story as well. For Amazon, the number of Alexa-compatible smart home devices has quintupled to more than 20,000 devices from 3,500, while the team have also started to launch new products such as a smart home security solution (Alexa Guard), and Alexa is expanding what it can give updates on as well, such sports with predictions, live streams, cooking instructions and maths homework. For Google. the Assistant has expanded to 20 languages and 76 countries, while the devices with screens will help YouTube business, which is attempting to blend in more direct response adverts as well as branding to its proposition.

There will of course be short-term wins for the pair in this space, but this is a long-term bet. Once the idea has been adopted by the mass market, the opportunities to make money through third-party relationships will be quite remarkable. Search revenues can be moved into the voice domain (effectively anywhere) and look how profitable search has been for Google. This is only one way to make money, but both Amazon and Google are putting themselves in a remarkably strong position for the future.

Both businesses might have suffered in the last 24 hours but they are still in incredibly dominant positions. The cloud units still have incredible growth potential, while the smart speaker ecosystem is starting to become a reality. For Google, the is delivering amazing profitability but sales growth does seem to be slowing slightly. Amazon is delivering on the North American market but the business is not as effective on the international scene, posting a loss of $385 million.

There are issues, but these are nothing compared to the billions being raked in and the growth potential in new, lucrative markets.

BBWF 2018: Open data is the key to nailing smart cities

In an entertaining session at Broadband World Forum, a common theme emerged; open data, which is a key component of any successful smart city programme.

The format was an interesting one. Four smart cities were given seven minutes to explain their proposition, and then three minutes to answer questions. Featured were Milan, Athens, Helsinki and Amsterdam, though thanks to your correspondent getting lost on the show floor, the Amsterdam pitch was missed and will not get the attention it deserves. That said, the common theme throughout was open data.

Starting in Milan, data is being used to create a hub of intrigue for start-ups. There isn’t necessarily a focus on segment or vertical, more a top-line ambition to create jobs and value for the economy. As part of the initiative, more than 300 data sets have been made available for citizens and businesses to create new applications and services. Looking at the numbers, the scheme should be deemed a success.

There are currently 1600 start-ups based in the city, out of the total of roughly 8000 across the whole of Italy. 10,000 people are directly employed (or own) start-ups, 80% of which survive the first two years of operation, the most dangerous time for any business. These are certainly promising numbers.

In Helsinki the message is the same. The Mayor has an ambition to create the world’s ‘most functional city’ through digital, with tourism a key factor. Part of this story is opening data up to the community and local businesses to create value.

Finally, over in Athens, open data has been used in a different way. Thanks to financial difficulties in Greece, governments are not trusted. This makes it incredibly difficult to launch new schemes, though by opening up data to the general public and businesses, Konstantinos Champidis, the Chief Digital Officer for Athens, said the team are regaining credibility. The aim here is not only to try and help those citizens create something new, but develop a culture of transparency to regain the trust.

Trust is a key element in these smart cities strategies, as while open data does fuel innovation, the data has to be sourced in the first place. Should citizens not be open to having information about them or their activities collecting and analysed, the whole concept of the data economy runs dry.

We’re sure the presentation from the city of Amsterdam was equally as interesting as the three we saw, but the theme was plainly clear here; open data is a critical component of the smart cities mix.

BBWF 2018: Autonomous cars are progressing, but still a lot of work to do

Predicting when self-driving cars will hit the streets is turning into a real-life version of roulette, which is always a worrying sign.

Last year, UK Chancellor of the Exchequer Philip Hammond set out his bold ambitions; autonomous vehicles to be on UK streets by 2021. If you listen to those testing out the solutions across the world, this is certainly achievable. But then again, there are always the neigh-sayers.

At Broadband World Forum in Berlin, Alexandros Kaloxylos, Assistant Professor at University of the Peloponnese, was one of those who poured a little bit of water on the ambitious fires of progress. From Kaloxylos’ perspective, there is still a lot of work which needs to be done on developing network slicing for autonomous vehicles, and also on the roaming side of things as well.

Looking first at the network slicing, this is an important aspect of the technology as these are applications which are safety orientated. Cars can hurt people, which is why network slicing becomes paramount. Having a ‘dedicated network’ to facilitate the communications of these vehicles is an important step towards the realisation of this dream.

This in itself is a problem, as Kaloxylos pointed out the specific V2X (vehicle-to-everything) usecase for network slicing has not been discussed or examined closely enough. This is a different type of usecase and cannot be bundled together with the rest of the exciting applications. Remote surgery is another excellent example of a usecase which needs network slicing, but the operating theatre does not move, vehicles will, and they will very quickly. The industry has addressed this challenge yet.

The second challenge which was highlighted during the session is roaming. If an autonomous vehicle moves from Germany to Switzerland for instance, or from one network to another, will the handover be efficient? As it stands, this handover can take up to seven seconds. When 20 m/s latency has been targeted for the successful implementation of autonomous vehicles, this is clearly not good enough.

Some might be excited about autonomous vehicles, but it is worth getting a reality check every now and then.

Intel takes the autonomous euphoria to the seas

Self-driving cars might not be with us for decades, but that hasn’t stopped Intel from partnering Rolls-Royce to take the autonomous trends to the high-seas.

The new partnership between the pair will combine the engineering know-how of Rolls-Royce and Intel’s AI smarts to create autonomous ships. With 90% of world trade is carried out by international shipping we’re surprised this idea hasn’t be raised earlier.

“We’re delighted to sign this agreement with Intel, and look forward to working together on developing exciting new technologies and products, which will play a big part in enabling the safe operation of autonomous ships,” said Kevin Daffey, Director, Engineering & Technology and Ship Intelligence at Rolls Royce. “This collaboration can help us to support ship owners in the automation of their navigation and operations, reducing the opportunity for human error and allowing crews to focus on more valuable tasks.”

“Delivering these systems is all about processing, moving and storing huge volumes of data, and that is where Intel comes in,” said Lisa Spelman, GM of Xeon Products at Intel. “Rolls-Royce is a key driver of innovation in the shipping industry and together we are creating the foundation for safe shipping operations around the world.”

While it might still be decades before autonomous vehicles hit the roads in any notable fashion, the seas and oceans seem a perfect environment for the autonomous technology. Not only do the ships rarely have to content with human beings crossing their paths, the dangers of shipping and the premeditated natures of shipping routes seem to make it a simpler task. We’re sure we are completely underestimating the complexities of the operations, but the biggest challenge for self-driving cars will be dealing with human operated vehicles and pedestrians; humans are unpredictable.

In terms of how the technology will work, the ships will have dedicated Xeon Gold servers onboard, turning them into floating data centres with heavy computation and AI inference capabilities. Unlike cars, these are vehicles which do not have to worry as much about being weight and space efficient so the compute problem becomes simpler. Rolls Royce’s Intelligent Awareness System uses AI-powered sensor fusion and decision making to provide situational awareness to the vessels, improving safety and allowing the ships to detect objects several kilometres away, while the data collected by the vessels will be stored using Intel’ 3D NAND SSDs, acting as a ‘black box’ in case of an accident.

UK Gov makes bold steps to tackle long-ignored security problem

The Department for Digital, Culture, Media and Sport (DCMS) and the National Cyber Security Centre (NCSC) have jointly released new guidelines for the manufacture of smart devices, intended to build security into the foundations.

The issue of digital security is one which has been long-running and frequently brushed aside. While it is now generally accepted 100% secure is an impossible ambition, embedding security into the building blocks of every product or service is a way to mitigate as much risk as possible. This idea has also been aired numerous times, with little apparent action, though new Code of Practice aims to correct this oversight.

“From smartwatches to children’s toys, internet-connected devices have positively impacted our lives but it is crucial they have the best possible security to keep us safe from invasions of privacy or cyber-attacks,” said Minister for Digital, Margot James. “The UK is taking the lead globally on product safety and shifting the burden away from consumers having to secure their devices.”

“With the amount of connected devices we all use expanding, this world-leading Code of Practice couldn’t come at a more important time,” said Ian Levy, the NCSC’s Technical Director. “The NCSC is committed to empowering consumers to make informed decisions about security whether they’re buying a smartwatch, kettle or doll. We want retailers to only stock internet-connected devices that meet these principles, so that UK consumers can trust that the technology they bring into their homes will be properly supported throughout its lifetime.”

As it stands, the digital world is not secure. Innovation is progressing at an exciting speed, though advancements in security or even investments in security departments and products, are not keeping pace. The world is currently sleep-walking into a digital environment tailor made for hackers and other nefarious actors to thrive in. These individuals might be in the vast minority, but that does not make the threat any less real.

The new guidelines are as follows:

  1. No default passwords
  2. Implement a vulnerability disclosure policy
  3. Keep software updated
  4. Securely store credentials and security-sensitive data
  5. Communicate securely
  6. Minimise exposed attack surfaces
  7. Ensure software integrity
  8. Ensure that personal data is protected
  9. Make systems resilient to outages
  10. Monitor system telemetry data
  11. Make it easy for users to delete personal data
  12. Make installation and maintenance of devices easy
  13. Validate input data

Should the UK Government and the NCSC be able to nudge manufacturers into maintaining these principles, protections will certainly increase. This is not to say everything will be rosy, but by ensuring security is more than an afterthought in the design and manufacturing process, the right foundations are set.

“This government initiative is exactly what many in the industry have been craving for years,” said John Smith of CA Veracode. “Manufacturers have not really felt any market pressure to improve the security of these devices because consumers still have a lack of understanding of the security implications of IoT devices. Providing concrete guidance to manufacturers while also raising public awareness of these issues can only help address the gap that currently exists. It’s not just about the hardware anymore, it’s about the software behind it, and it’s really encouraging to see that the UK government wake up to the potential vulnerabilities in consumer IoT devices.”

These ideas are not new, more it is promising to see proactive action from the Government. Security experts have long discussed the merit of building security into the foundations of products, for example, Rik Ferguson of Trend Micro has previously suggested an official badge or certification for products which have been designed with the right security protocols and concepts in mind, similar to batteries. People don’t need to know the process of achieving the validation, but a properly audited process can provide peace of mind for the consumer.

However, it is critical the process is embraced by the majority and soon becomes an industry standard. Energy company Centrica has become one of the first to embrace the guidelines with its Hive smart energy devices, while HPE has also committed. This is a good start, and potentially sets the ball rolling for a process which is more official. Right now, the Code of Practice is voluntary.

Security has long been an ignored issue in the industry, mainly because it is incredibly difficult to deal with. If companies were honest with consumers about the threats of the digital economy, many would be turned off from taking more of their lives online. At least there is some positive action to addressing the significant problem of cybersecurity.