Working Blindly – The Challenges of Managing Encrypted Mobile Network Data and How Service Providers Can Overcome Them
28 SEPTEMBER 2017
Mobile networks in Latin and North America have seen encrypted over-the-top (OTT) data traffic reach 60%, and some networks will see that rise to 80% this year. Why the rush to encrypt? Encryption provides an added layer of security and privacy by scrambling data sent over network connections, hiding information from other people, while still allowing computers at the other end to properly decipher the messages. The large social network sites, applications and video providers are moving in this direction.
All Good – in Theory
This seems like a win-win all around, right? Unfortunately, along with the benefits of added security and privacy, there are real drawbacks to mobile data encryption that are often left out of the conversation, and they impact both the service provider and the customer.
Although most network operators are reluctant to admit it, the ability to ‘see’ what is traveling across their networks provides valuable information. While many consumers and privacy advocates think mobile operators just want this insight to sell the information or use it as a marketing tool, the reality is that operators need to know what is traveling across their networks for a more basic reason – to provide quality service.
Imagine if you were put in the middle of Times Square to direct traffic with a blindfold on. While you would be able to tell from your other senses that there was traffic all around you, you wouldn’t know who needed to turn right, who needed to turn left, which trucks required a larger lane, where the pedestrian and bike traffic was coming from, what the traffic signals were saying, and so on. The flow of traffic would quickly become inefficient, to say the least. And while people might eventually get to where they are going, the quality of their trip would be significantly impacted. They might even arrive a little banged up. The same is true for content traveling on mobile networks.
The Impact of ‘Going Dark’
When networks ‘go dark’, every bit of encrypted data crossing the network looks the same. Why does this matter? This means service providers cannot inspect, protect, prioritize, optimize or load-balance traffic effectively. To put it simply, the video you watch on your phone screen may have been modified to a lower bit-rate suited to network conditions, or compressed so your device can support it. But if the data is encrypted, chances are this isn’t happening. In other words, the normal processes service providers take to manage content are rendered unworkable, and that’s a problem for three reasons:
- Poor Customer Experience: It negatively impacts the level of service quality the end customer receives. Videos buffer for too long, IP voice calls are jittery, web pages won’t load…
- Inability to Optimize Networks: It makes it difficult for service providers to plan effectively for the future if they can’t see the services they are delivering today.
- Misplaced Blame: Customers typically blame the service provider – not the app or content provider – for poor performance.
With the increase in data encryption, OTT app and content providers are making it nearly impossible for network providers to do their job well, which is to be the trusted provider of quality communication services and content. With the rise of critical IoT services that require guaranteed connectivity and enforceable SLAs, this arrangement becomes a bit frightening. While we all want to ensure our connected cars can’t be hacked, we also want to be sure someone downloading Game of Thrones isn’t getting the bandwidth needed to avoid an accident with the car in the next lane.
HTTP 2.0 and Google’s SPDY (speedy) protocol are industry standards that are meant to provide a better, more secure service between the content provider and the end customer – but they don’t consider the network. I’m sorry, but would you start a long road trip without giving any thought to how your journey might be impacted by traffic, weather, construction or the amount of gas in your tank? In the mobile network, you have different needs, and network service providers need to be able to optimize traffic based on the current state of their available resources. To do this effectively, they need to be part of the discussion.
While meaning well, by encrypting your apps and data, these OTT providers have effectively put the blindfold on the traffic cop in Times Square.
While encryption does have its benefits, the downsides outlined in this paper have become increasingly apparent. With the use of encryption growing rapidly, how can service providers embrace this trend and yet run their business and services effectively?
Instead of taking the network completely ‘dark’, the industry has developed tools that let in just enough information to allow service providers to run their networks more effectively, while keeping data encrypted. To ‘peek out’ through the blindfold, so to speak. Just enough so that privacy and security concerns aren’t compromised while service providers gain insight into what is coming across their network. With this method, service providers can’t tell what video you are watching, just that you are watching a video… or using a messaging app… or driving your connected car… or having a Skype call. Critical knowledge that will allow them to manage network traffic more effectively and deliver a better experience to their customers, all while keeping the data encryption layer intact.
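To make the idea of classifying traffic without decrypting it concrete, here is an added example (not from the original article, and not TEOCO's method) that assigns a coarse category to a flow using only counters visible outside the encryption layer. The `Flow` fields, the thresholds and the sample flows are all constructed assumptions for illustration.

```python
from dataclasses import dataclass

@dataclass
class Flow:
    """Per-flow counters observable without touching the encrypted payload."""
    duration_s: float
    bytes_up: int
    bytes_down: int
    pkts_up: int
    pkts_down: int

def classify(flow: Flow) -> str:
    """Return a coarse category; thresholds are illustrative, not tuned values."""
    total_pkts = flow.pkts_up + flow.pkts_down
    if flow.duration_s <= 0 or total_pkts == 0:
        return "unknown"  # nothing measurable, so refuse to guess
    total_bytes = flow.bytes_up + flow.bytes_down
    mean_pkt = total_bytes / total_pkts             # bytes per packet
    pkt_rate = total_pkts / flow.duration_s         # packets per second
    kbps = total_bytes * 8 / flow.duration_s / 1000
    asymmetry = flow.bytes_down / max(flow.bytes_up, 1)
    mean_down_pkt = flow.bytes_down / max(flow.pkts_down, 1)

    # Real-time voice: small packets at a steady rate, roughly symmetric.
    if mean_pkt < 300 and pkt_rate > 40 and 0.5 <= asymmetry <= 2.0:
        return "voice"
    # Streaming video: sustained, download-heavy, near-MTU downlink packets.
    if asymmetry > 10 and kbps > 500 and mean_down_pkt > 1000:
        return "video"
    # Messaging: long-lived connection that carries very little data.
    if flow.duration_s > 60 and kbps < 20:
        return "messaging"
    return "other"

# Constructed sample flows (not captured traffic).
SAMPLE_FLOWS = {
    "call":   Flow(120, 1_200_000, 1_200_000, 6_000, 6_000),
    "stream": Flow(300, 3_000_000, 150_000_000, 50_000, 110_000),
    "chat":   Flow(600, 20_000, 30_000, 80, 90),
    "upload": Flow(30, 40_000_000, 600_000, 30_000, 10_000),
    "empty":  Flow(0, 0, 0, 0, 0),
}

def classify_all(flows=SAMPLE_FLOWS) -> dict:
    """Classify every named flow and return {name: category}."""
    return {name: classify(f) for name, f in flows.items()}

if __name__ == "__main__":
    for name, label in classify_all().items():
        print(f"{name:7s} -> {label}")
```

The output says that a flow looks like a call or a video stream, never which call or which video, because no payload byte is read.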
Staying INsync with the Network
At TEOCO, our INsync software solution deployed at a North America Tier 1 operator does just that, helping service providers to better understand the trends and impact that encrypted data has on their networks and their subscribers. Fundamentally built on the premise that 100% of the traffic will be encrypted, INsync leverages state-of-the-art, advanced heuristics and machine learning to detect apps that utilize encrypted flows, so that service level objectives can be enforced and quality can be ensured. It monitors, diagnoses, predicts and protects networks, providing real-time insight, performing root cause analysis and troubleshooting to isolate issues across network vs. content provider vs. device vs. location dimensions.
INsync supports mobile (2G, 3G, LTE, LTE-A, 5G), Wi-Fi, video and fixed line services across the same analytics platform for all stakeholders, using advanced analysis with machine learning, anomaly detection, proactive notifications, auto discovery, MOS and forecasting to deliver actionable intelligence that enables service providers around the globe to do more with less CAPEX and OPEX.
INsync utilizes powerful analytics to answer critical business and operational questions that cannot be answered with legacy tools and traditional big data solutions. Besides providing actionable intelligence to better manage ever-increasing network complexity, INsync also enables customer care and monetization functions.
For more information on how we can help you stay more INsync with your network in the age of encryption, and to learn how this solution can answer today’s (and tomorrow’s) questions around Video, VoLTE, IoT and Over-the-Top application traffic, visit www.teoco.com.