As more products become connected they are also exposed to potential ‘hacking’ attacks, fraud or misuse. Hence, as Stephen Bryant writes, improving privacy, integrity and security becomes a critical part of an M2M service deployment programme.
One of my favourite quotations is Henry David Thoreau’s, “Men have become the tools of their tools.” As a technologist and firm believer that technology can bring a multitude of benefits for businesses and consumers, I’m also a skeptic as more often than not product and service offerings are shaped around the often awkward mix of technology and suppliers, which comprise the key building blocks of many of our customers’ offerings.
In my view, it is the product or service offering that should shape how the technology is delivered. At Telenor Connexion we pride ourselves on customer service and the ability to help our customers get their offerings to market, and we’re now turning our eyes towards the total business case around security as an area where we can help our customers simplify their connectivity strategy and increase security levels.
The de facto M2M set-up for connectivity involves both a private APN and VPN for security which at present is viewed as a basic and uninteresting M2M hygiene factor. But we believe it is time to look past these as the primary means of securing connectivity, so that we can help customers turn security into a solution which helps them reduce their costs, allows for additional revenue channels and provides them with more flexibility in their overall connectivity strategy. And most importantly raises the level of security from the APN and VPN set-up provided by today’s technology. So how do we achieve these ambitious aspirations?
Protection from data dangers
Security as it is traditionally presented is a ‘must have’ hygiene factor to protect your data from the dangers that are lurking out there. Indeed, there have been a number of security-related incidents involving M2M devices – but from experience I don’t like to make decisions motivated purely by fear. I also want to reduce complexity, see savings where possible and have the security support the business going forward. To these ends we have introduced our embedded Security Enabled Communications (eSEC) service, which enables end-to-end encryption all the way from the M2M device through any connectivity channel to a security gateway. This is effectively ‘over the top’ of any communications technology and sees the need for APNs and VPNs removed.
We believe this is important as most business offering services using M2M have multiple connectivity providers and may also rely on tether devices such as smartphones. The operational overhead and costs for these various security methods is then reduced by using a single end-to-end encryption solution. And by reducing the complexity of a number of security setups the overall security level is increased.
Stephen Bryant, CTO of Telenor Connexion
Stephen Bryant has worked with Telenor Connexion since 2010. He is responsible for Telenor Connexion’s technology and operations including customer service. Stephen worked for over 10 years across the Occident delivering large scale IT and Telecoms solutions in many verticals whilst working for systems integrators such as Logica, Fujitsu Services and BearingPoint – solutions including Telenor Connexion’s M2M platform.
Secure Walled Garden
Having an end-to-end security solution also means a Walled Garden where content, applications, payments and other services can securely be made available to open new revenue possibilities.
To accomplish this there are four key criteria – banking grade security, lightweight encryption methods, open roadmap and manageability. All are addressed in the eSEC service. We use accepted and internationally recognised encryption suites and methods, which only add a few bytes of overhead to every packet. We provide a managed service and support products which have a supported and maintained roadmap.
Moreover, the eSEC services are not limited to use with Telenor Connexion’s SIM or connectivity, meaning all IP and SMS connectivity can be secured regardless of supplier of connectivity channel. As important as the technology, we provide a full managed security service providing alarms, reporting and 24/7 surveillance and service desk that is ready to act!
This holistic approach of achieving end-to-end security in M2M solutions helps customers reduce complexity, increase security and simplify M2M.