If you’ve read part one, you’ll know that there’s a persistent problem with passwords. Despite the continued warnings, data breaches and endless guidance – weak and easily hackable passwords still guard a sobering number of online accounts and identities. Past experience tells us this is unlikely to change.

If we journey back to 2004, at the RSA Conference, Bill Gates predicted the death of the password stating: “There is no doubt that over time, people are going to rely less and less on passwords. People use the same password on different systems, they write them down and they just don’t meet the challenge for anything you really want to secure.”

18 years on and we’re still at the stage where passwords are the dominant means of securing digital identities. With cyber-attacks and data breaches increasing in frequency, and cybercriminals becoming increasingly sophisticated – it’s vital that we head towards a password-less future.

The good news is that this isn’t a futuristic pipe dream: the technology to make this happen is already there – and some good examples are already in use.

Digital IDs give consumers control and convenience

As discussed in our previous blog, it’s highly likely that the average consumer has passwords in the hundreds. These passwords will guard anything from their Netflix account through to their online banking – and while the security risks are very real, so is the temptation to use easy-to-remember phrases. In today’s digital age we all value privacy and control – but also convenience and efficiency.

Thankfully, the rise of Digital IDs means that consumers get this level of control over their digital identities, all through one single point of access. At the same time, it provides authorities with the opportunity to create companions for physical identity documents that are straightforward to issue, manage and verify, delivering a powerful tool to fight ID fraud, reduce red tape and boost efficiency.

Across the globe, digital identification is increasingly becoming more mainstream, with new measures constantly coming to fruition to make this the norm. For example, if we look to the EU we have the introduction of the latest legislation on European Digital Identity – eIDAS2. The eIDAS2 means that by September 2023, each EU Member State must make a digital ‘wallet’ available to every citizen who wants one. Service providers in both public and private sector organisations, such as banks and telcos, will have to accept it as proof of ID.

This acceleration isn’t just taking place in the EU – earlier this month the UK government proposed legislation to secure digital identity, even creating the Office for Digital Identities and Attributes.

Bolstering security with behavioural biometrics

Most of us have become accustomed to using biometrics in some form in recent years, with facial recognition, or fingerprint readers becoming increasingly prevalent on most smartphones today. In many instances, these biometrics can also be used to verify purchases.

The virtues of biometrics as opposed to text-based passwords are well accepted – and recent advances in this technology mean that we can look beyond fingerprint and facial recognition to an approach based on each individual’s unique characteristics.

Behavioural biometrics is an innovative approach to user authentication and can identify a user (or an imposter) based on a set of unique patterns, from the way someone moves a mouse, the way they type on a keyboard, or the time spent on an activity. These traits are also reinforced with device-based indicators such as IP addresses and geo-location data.

Risk assessment rules can then be applied to each transaction, ensuring that an appropriate authentication level is always actioned. For example, a low-value purchase made by a consumer near their home can be processed instantly. But if a high-value purchase is attempted that is not in keeping with that user’s normal behaviour, the transaction can be blocked, or additional authentication requested.

The business case for a password free future

Our recent Data Threat Report found that nearly a third of businesses across the globe have experienced a data breach in the last 12 months. More often than not, the weakest link in the security chain is the employee, through often small but harmful mistakes – such as an easy-to-guess password. Post-pandemic, the new normal of hybrid working also opens up a host of new cyber security challenges.

Considering this new normal, organisations should consider adopting access management solutions such as password-less verification which identifies users through other methods such as an IP address or multi-factor authentication. This will overcome the inherent vulnerabilities of text-based passwords, while improving levels of assurance and convenience.

In conjunction with this, adoption of a Zero Trust model, based on the principle “Never Trust, Always Verify”, requires that employees access only the data they’re authorised to access, while verifying who they are each time they require access.

Heading towards a password-free future

Throughout this two-part blog series, we have highlighted the various problems with passwords – but not without solutions. The technology is here, and already in use to help us do away with them for good.

But that said, in the meantime – please don’t use 123456, qwerty, password or 654321 to guard any of your online accounts!


The post World Password Day: Why we need a password-less future appeared first on Cybersecurity Insiders.

This April 22nd marks the 42nd annual Earth Day. Created in 1970, Earth Day is an annual event designed to demonstrate support and encourage activism for environmental protection. Widely lauded as the largest secular observance in the world – Earth Day is followed by over a billion people every year who aim to change behaviour at an individual, company and policy level.

Recent landmark events have brought attention to this to record levels – whether it was the adoption of the Paris Agreement in 2015, or more recently, the spotlight on COP26 in November 2021 – and the sense of urgency is growing.

Invest in Our Planet

The theme for this year’s Earth Day is ‘Invest in our Planet’, with organisers calling on us all to take action. Now more than ever there’s a greater emphasis for businesses to reassess, double down or create new ESG efforts.

Beyond the environmental impacts, there’s no shortage of other reasons why businesses should be investing in ESG initiatives. According to a PwC survey, 86% of employees prefer to work for companies that care about the same issues they do and 83% of consumers think companies should be actively shaping ESG best practices. Organizations do share this sentiment, with 91% of business leaders stating that their company has a responsibility to act on ESG issues.

Why Financial Services Needs to Invest in ESG

While researching this piece I came across this article by John Nyström, Global Business Manager at Econans – which explored the power that the financial services sector holds in fighting the climate crisis, specifically retail banking. Nyström’s piece argues that banks are in a great position to help fight climate change because they are present in consumers’ everyday lives – giving them a prime opportunity to influence customer behaviour for the better.

Aside from the impact the financial organisations can have on consumer behaviour, another reason why banks should take ESG seriously is the priorities of the Millennial and Gen Z generations. Millennials are currently slated to receive one of the valuable transfers of inheritable wealth (estimated to be close to $68 trillion by 2030), and are known to be very environmentally conscious.

A recent survey suggests that Millennials are twice as likely to invest in a fund or stock if social responsibility is a component of the value creation narrative. Further, it found up to two-thirds of Millennials view their investment decisions as an important component of their social and environmental principles. The sooner banks and businesses relay their intention to embed ESG criteria in their corporate practice, fund allocation and investment portfolios, the better placed they will be to acquire this important client base.

Eco-Friendly Cards

Another example of sustainable efforts in the banking sector relates to card payments. Every year 6 billion new bank cards are produced – the amount of plastic this uses weighs roughly the same as the Eiffel Tower twice over – that’s a lot of plastic.

To counteract this, there are efforts being made to create eco-friendly cards with innovative and sustainable components. For example an innovative approach reduces the amount of new plastic while fighting sea pollution, with a card made of Ocean Plastic® collected by Parley for the Oceans. This innovative material comes from plastic waste collected from coastal clean-up operations, in partnership with “Parley for the Oceans”. Banks can also reduce their first-use plastic with a recycled PVC card that is made entirely with plastic waste from the packaging and printing industries.

Another cool example of using eco-friendly materials to avoid plastic waste is the Thales Gemalto Bio Sourced PLA cards. These cards replaced 84% of fossil-based PVC with bio-sourced PLA made from non-edible corn, of all things. The material is non-petroleum-based and non-toxic if incinerated. The product is the 1st bio-sourced payment card in the world certified by the UL ECV Program, providing third-party credibility to the environmental claims of the card. It’s now listed on the platform SPOT UL, a database for customers to seek out ‘green’ products and solutions.

This is an initiative that my colleagues have made great strides in. To date, Thales has deployed 30 million eco-friendly payment cards for banks and card issuers without compromising the user experience. In fact, we became the first company with a full portfolio of cards certified by the Mastercard Sustainable Card Program. By assessing sustainability claims on behalf of the industry, the Mastercard Sustainable Card Program aims to pivot all card selection programs towards eco-friendly solutions, making sustainable choice the default rather than the exception.

This is just one example, in just one sector, of the initiatives being taken to invest in the future of the planet. There are countless others out there, which should be shared and discussed – especially on a day like today.

The post Earth Day 2022: Why the Financial Services Sector Should Invest in ESG Initiatives Now appeared first on Cybersecurity Insiders.

It was great to be back in Barcelona for MWC this year – first time back since the pandemic and it really felt like no time had passed at all. 3 weeks on and my mind is still abuzz with the announcements, learnings and themes coming out from the show.

5G powers more than the Metaverse

Whether you were on the ground, or just observing from afar, the theme that likely jumped out at you is the Metaverse. Not just constrained to the halls of the Fira, the Metaverse has dominated headlines for a while now – quite an impressive feat considering there’s still a lack of clear consensus about its future, applications, and value. This article from CNBC encapsulates the sentiment perfectly; despite being the buzzword of the moment, it’s still quite a nebulous term.

That said, it still appeared to dominate the conference, especially when it came to 5G. Mark Zuckerberg addressed the mobile industry on day one of the conference – a statement that made it perfectly clear that the future of the Metaverse depends on 5G connectivity. This was followed by the announcement of a new partnership with Telefónica to establish a Metaverse Innovation Hub in Madrid; just one of the many Metaverse-related announcements made at MWC this year (we even jumped on the bandwagon in our post-show report).

That said, for me and many others in the industry, this is not what stood out the most at MWC 22. During my post-conference reading I came across this wrap up post from James Blackman, and I couldn’t agree with his sentiments more – despite the hype and headlines, this year’s show was actually about enterprise IoT and private 5G networks.

Shining some publicity on private networks

As mentioned in a previous MWC reflection post, 5G connectivity really does possess the power to unlock the potential of IoT – and this is true when we really focus on private networking too.

We’ve spoken at length before about the transformative impact IoT can have within the enterprise, the importance for these networks to be private and why 5G is the network to enable this – so one of the announcements that caught our attention was the news that AT&T and Microsoft had penned a private network deal. The deal highlighted the benefits for multiple sectors, including manufacturing – where cameras and AI tools can assist in everything from robotic assembly to “event detection” – such as when a worker has been injured or a fire has started – and then alert first responders or activate fire suppression systems almost instantly.

As shown by this announcement, private networks give businesses the chance to connect their facilities and manufacturing. And, during MWC other big players like Cisco made similar headlines with their Private 5G solution. In fact, manufacturing had its own conference track at the event this year with a big focus on connectivity for Industry 4.0. Beyond manufacturing, there are many other sectors that will benefit from 5G enabled private networks – whether it’s healthcare, emergency services or the railways.

In case you missed them, here were some of the other key private network announcements made at the show this year:

  • HPE introduced a new private 5G solution that “offers seamless interworking across both private 5G and Wi-Fi networks. The solution is based on the HPE 5G Core Stack and comes pre-integrated with RAN solutions from Airspan and other leading vendors.”
  • Qualcomm announced a partnership with Microsoft to deliver an end-to-end, easy-to-deploy, scalable 5G private network solution that aims to reduce adoption barriers and operating costs for high-performance 5G connectivity solutions.
  • Capgemini’s private network solutions are set to become integrated with Microsoft Azure’s Private 5G Core with Qualcomm’s advanced 5G technologies and Capgemini’s MEC platform to bring end-to-end simplified solutions for enterprises. The solution will be validated in Capgemini’s 5G Lab in Portugal.

Battle for the $64 billion market

It’s fair to say that private networks are still classed as an emerging market – but a rapidly developing one, and one that provides an opportunity to MNOs. According to ABI Research, demand for private network capability from multiple industry verticals could generate revenues of $64 billion by 2030.

Harking back to James Blackman’s MWC wrap up – he said that we need to steer clear of the narrative that there is a battle between three industries for the ‘soul of 5G’, and the battle for supremacy to capitalize on this market is not as simple as it’s made out to be.

These sentiments echo our thoughts; earlier on in the year we spoke about the shift in this narrative.

In the past, operators were played off against GAFAMs; however, 5G has changed the rules of this game and made it a much more nuanced space. The regulation governing spectrum access is a patchwork, allowing newcomers to bid in auctions for the right to run 4G and private 5G networks. Specialized system integrators are also aware of the huge potential returns and are now competing with the telcos. These new entrants include disruptive equipment manufacturers and so-called ‘hyperscalers’ such as AWS, Microsoft, and Google.

While 3G and 4G were built on hardware-based network functions, 5G is ‘cloud-native’. In other words, the network functions that would traditionally be delivered by hardware are instead run as software applications on remote servers. It’s a new way to run a network, and it will require operators and hyperscalers to collaborate closely.

The future of private networks

Earlier on this year, GlobalData predicted that most 5G business-to-business (B2B) market activity this year would focus on private 5G/LTE networks for industry. And it’s safe to say that this was an accurate prediction, as this conference was the moment where a significant number of companies threw their hats into the private networking arena.

So, what does this mean for MNOs? It’s certainly true that they face strong competition to provide services to private networks – but they do have advantages in their favour, which we have spoken about before.

MWC may be over for another year but expect further analysis and updates from us on the private network market as it continues to evolve.


The post More than the Metaverse: IoT and Private Networks are in the 5G spotlight appeared first on Cybersecurity Insiders.

5G connectivity will power a world of new services. By 2025, it will account for 21% of the world’s mobile connections – and has the power to truly unlock the potential of the Internet of Things (IoT), connecting billions of objects.

5G unleashes a powerful combination of extraordinary speed, expanded bandwidth, low latency, and increased power efficiency perfect for connecting objects. It will make our cities smarter and our entertainment more immersive.

I spoke at the 5G IoT Summit with other industry experts to share the growth, challenges and opportunities of IoT in the 5G era. And, we met many players in and around our stand. Here’s a few of the things we saw.

The evolution of the Internet of Things 

The IoT revolution began with simple remote monitoring of things like first-generation smart refrigerators or machine telematics. In just a short space of time we’re now talking about connected cars, smart grids that span entire cities and countries, and telehealth. Forecasts suggest there could be as many as 75 billion IoT connected devices by 2025.

The potential market for 5G & IoT is massive and will probably see use cases that we haven’t even imagined today – I mean who would have thought that a connected cat litter tray existed (yes it does and we saw it at MWC!). Almost anything can now be connected and many of these new smart objects will be small, with no user interface and could be delivered anywhere around the world.

This raises three questions:

  1. How do we connect millions of discrete objects with no human intervention?
  2. How do we protect the device and data it transmits – and ultimately the wider IoT?
  3. How can smart device makers optimize logistics and connectivity costs?

How to connect hundreds of millions of objects?

IoT OEMs and Service Providers have traditionally managed multiple SIM configurations and roaming agreements. They have also needed to know in advance, more or less, where the product would be sold. This doesn’t just create a lot of logistical complexity but also generates high connectivity costs. Smart device makers are therefore increasingly turning to eSIMs to connect objects at first boot-up and to securely and remotely manage the lifecycle of cellular subscriptions, wherever the machine ends up. A combination of secure hardware and a service platform means that one SIM SKU is all an OEM needs to manage connectivity.

The eSIM connectivity solutions for IoT also have the advantage of bringing certified security and a trusted hardware element that helps save precious space in smaller devices. You can see more on eSIM solutions in a recent blog post by my colleague Antoine Thomas who presented at the eSIM summit at MWC.

Securing the IoT

As the number of connected devices increases, so does the number of threats. Since 5G networks are software defined and provide unique features such as network slicing, virtualization and IoT cloud interworking, new security approaches are required with many elements being built into devices and ecosystem architecture.

One of the flexible approaches for preventing security breaches on show at MWC on the Thales booth was IoT SAFE. By leveraging the eSIM this allows for provisioning of the security credentials (keys and certificate) when the device is booted up and connected to the network for the first time. This protects both the device and the data exchanges with an IoT cloud which will only grow with the wider roll-out of 5G.

A holistic approach to security is required, with next generation solutions to secure devices, data, and to manage device lifecycles as well as protecting the 5G network itself. Some of the key discussions at MWC this year have focused on how the likes of SIMs, eSIM, cellular IoT modules, and other cybersecurity platforms, can provide advanced security for the 5G ecosystem and help unlock its potential.

With connectivity and security taken care of, smart device makers can let their imagination run free.

The post Unlocking the true potential of IoT with 5G appeared first on Cybersecurity Insiders.

It’s back! After two years of pandemic restrictions, one of the largest and most influential events in the mobile connectivity industry resumes in Barcelona.

After two years of Zoom conferences and postponed events, it will be overwhelming even for the most experienced of attendees. With this in mind we’ve pulled together an MWC survival guide – whether it’s your first time, or you’re an MWC veteran.

Entry requirements

It’s always been a stringent process to register for MWC, and Covid-19 has only increased the steps you need to take before attending. The GSMA have outlined very clear guidelines on how to register for your badge, plus requirements on testing and vaccination certificates. And, if you’re a Brit on your first post-Brexit trip to Spain, don’t forget you need at least six months left on your passport.

Don’t forget the right face masks

MWC event organisers have stated that it is mandatory to wear a face mask that “complies with all applicable event regulations”. They have dubbed acceptable face masks as:

Filtering Facepiece Respirators (FFP2) masks, without a valve, satisfying European Standard EN 149:2001 and bearing the CE mark.

Surgical masks and cloth face masks are NOT deemed acceptable.

Those without the correct face mask (who don’t have exemption) may be denied entry – so it’s best to stock up and have some spare.

Have food and water on hand

In Barcelona you won’t struggle to find great dining options in the city, and there’s plenty on site in the Fira to choose from. However, the days (and queues) can be long, and you might find yourself running from one meeting or talk to another at the last minute. Keep a bottle of water on you at all times, and some snacks to tide you over depending on how busy your timetable is during the day.

Create a team WhatsApp group

Whether you’re on the ground yourself or managing people who are there in person – it’s a good idea to create a team WhatsApp group. For those last-minute questions, or simply to communicate how it’s going – it’ll be less of a headache than managing several email chains.

Bring an energy pack

It goes without saying that you should ensure your mobile device is fully charged each day, but that might not be enough if you’re checking emails, taking photos, recording a meeting. There are charger ports in the venue, but never enough to go around. To be safe, bring a fully charged energy pack with you so you don’t get caught short.

Wear comfortable shoes

This is something that every past MWC attendee will attest to. It’s a 20-minute walk from one side of the Fira conference centre to the other, and you could easily find yourself clocking north of 20,000 steps in a single day.

Leave time in between meetings

As stated above, the Fira is big – and busy. Where possible, try to leave at least a half-hour buffer between meetings to ensure you’re not having to run from one end of the Fira to another.

Keep your valuables safe

Barcelona is a great city, but it’s notorious for pick-pocketing – and the thousands of visitors attending a technology conference are a tempting target. Keep your possessions close to you, and don’t flash your valuables outside of the venue. To that end, make sure that all your devices are protected with strong, complex passwords – if not two-factor authentication.

Book in advance

If you’re looking for evening entertainment, you’ll be spoilt for choice in Barcelona. However, with some 40-60,000 people expected to flock to the city this year – it’d be wise to book restaurants or entertainment in advance to avoid disappointment (and to avoid pacing up and down the Ramblas to find a free table).

Don’t forget to explore Barcelona

No matter where you are in the world, most conference centres look the same – and it’s easy to forget where you are. Barcelona is a bustling, cosmopolitan city – famous for its art, architecture, and food. Before you fly home try and catch some of the sights if you can.

Drop by and say hello

We’ve been at the show for many years, so come by the booth (Hall 2 – Stand 2J30) for the latest in trusted mobile and IoT solutions, or just for a rest and a chat. If you want a preview, or can’t make it to the show then take a look over here.

The post Back to Barcelona: MWC 2022 Survival Guide appeared first on Cybersecurity Insiders.

As countries worldwide look to slow the effects of climate change, many governments are now introducing legislation aimed at limiting the sale of diesel and petrol cars – with many of these plans due to kick in from 2030. This has led to wider adoption of greener forms of transport, including electric cars, which offer a number of benefits including zero emissions, energy efficiency and lower maintenance costs.

What’s more, the expansion of 5G technology means that electric cars will be connected to smart city infrastructure more seamlessly, allowing for faster journey times, reduced emissions and less congestion. With 10 million electric vehicles (EVs) currently being driven around the world, demand for greener and quicker transport is set to soar.

However, for electric cars to be adopted on a wider scale, a number of important issues need to be addressed. From a lack of charging infrastructure to a limited journey range, here are four key challenges currently facing EVs that need to be addressed:

  1. Lack of charging infrastructure

The first challenge facing manufacturers is a lack of charging infrastructure. Within a recent survey by Kwik Fit, 37% of respondents cited a lack of charging points in their area as the most important reason for preventing them from buying an EV. Furthermore, the distribution of charging infrastructure widely varies by country. For example, the European Automobile Manufacturers’ Association (ACEA) has found that existing EV networks are unequally concentrated in Western Europe, with the Netherlands, France, Germany and the UK accounting for more than 75% of all charging points on the continent.

Unequal access to charging infrastructure could result in an unequal uptake of EVs worldwide, slowing the switch to greener forms of transport. While increasing the number and visibility of charging networks could increase user confidence in electric cars, manufacturers cannot drive this adoption alone. Only a collaboration between industry bodies, government, third parties and businesses will help the deployment of charging points at the scale needed to meet this burgeoning demand for EVs.

  2. Low capacity charging points

Another issue manufacturers need to address is low capacity charging points. While charging capacity largely depends on the size of the battery and the speed of the charging point, it can take anywhere between 30 minutes and 24 hours to fully charge an electric car. For example, while the Nissan Leaf model takes an hour to recharge a battery to 80% capacity, other cars could take up to 12 hours to reach the same amount. Recent analysis has also found that just 1 in 7 charging points in the EU are either fast or rapid chargers, meaning they are capable of charging cars in 20-30 minutes. The vast majority are slow chargers, meaning they can take considerably longer to charge an EV.

With EV adoption rising rapidly worldwide, manufacturers, operators and governments need to consider increasing the number of high capacity charging points to not only support faster charging, but to accommodate demand. However, it’s also important to ensure that high capacity charging points are accessible and rolled out equally across both rural and urban areas. For example, the UK government has recently introduced a range of initiatives designed to support businesses and local authorities in rolling out more fast charging points in their communities, with more countries set to follow.

  3. Fragmented EV charging ecosystem

Furthermore, manufacturers are also faced with a fragmented charging ecosystem. This ecosystem consists of a number of different parties, including the charge point operator (CPO), often associated with a specific car brand, who is responsible for maintaining charging stations and setting prices for the infrastructure used, and an e-Mobility Service Provider (eMSP), who provides access to their specific charging station network through an RFID card, credit card or app.

This means that both the access to charging points and the payment methods are not harmonized, complicating and slowing the charging process. Introducing a single, uniform charging framework can help simplify the integration of electric vehicles into smart energy grids. To move in this direction, the international ISO 15118 standard (also called “PlugNcharge”) has been developed to enable the automatic identification of EVs with a large network of compliant charging points, for wider access to recharging and automatic billing. This can provide a seamless and secure charging experience for users as deployment increases worldwide.

  4. Limited journey range

The final challenge facing manufacturers is the perception of limited journey ranges of EVs, meaning the distance the car can travel on a single charge before the battery runs out. With many electric cars able to travel around 181 miles (or about 290 kms) on a single charge, making the switch to an EV should be fine for the majority of everyday commuters.

However, for those needing to travel long distances on a regular basis, the journey range of most EVs could make opting for an electric car more difficult. With many consumers worried about their ability to travel long distance compared to a petrol or diesel car – known as range anxiety – continuing to improve the battery capacity, alongside making charging points more accessible, could help increase consumer confidence in EVs, driving a switch to greener transport for years to come.


The post Electric cars: Four challenges manufacturers need to address to drive adoption appeared first on Cybersecurity Insiders.

By 2025, 2.4 billion smartphone connections will use eSIMs globally, and as this adoption continues to grow, having a clear strategy will be vital to capitalise and make best use of the new opportunities that this technology presents.

We’re starting to see an increasing number of mobile devices that have eSIM functionality built in – and it’s safe to say that more mainstream manufacturers are embracing eSIMs than not. The latest iPhone, iPad, Oppo, Samsung and Pixel models are just a few examples of devices with eSIM capability.

This week at Mobile World Congress 2022, we’ve been meeting with operators, service providers, device manufacturers and other experts in the industry. Yesterday, here in Barcelona, I spoke during the eSIM summit with many of my peers. Discussions have centred on why it’s time to embrace this technology, how it can meet new and existing challenges, and how it will benefit consumers as well as simplify the access to and management of cellular connectivity for the massification of IoT. Here are a few of the talking points:

Benefits for Consumers

eSIMs are built into the device, providing easier connectivity, and by removing the need for a SIM card slot they also save valuable space – bringing with it many advantages for the consumer.

  • Greater choice and flexibility: eSIM functionality means that consumers could store multiple operator profiles on a single device simultaneously, and switch between them remotely. Manufacturers and operators can now enable consumers to select the operator of their choice and then securely download that operator’s SIM application to any device. This undoubtedly gives consumers greater choice and flexibility and can make it easier to stay connected when travelling abroad.
  • Easier sign-up: people want to buy consumer devices online and sign up to new mobile packages from home, this is even truer since the start of the pandemic. The eSIM, linked with an instant activation service, satisfies the needs of today’s consumers for immediate access to new services. This can all be done from an app, which can also handle the wider digital customer onboarding (eKYC) including the required identity checks.
  • Smaller design, more features: Removing the need for a physical SIM card and its tray opens possibilities for manufacturers to enhance features on a device – such as a bigger battery – or create more discreet wearables. The removal of a physical SIM could also decrease the risk of water or dust damage, due to fewer holes in the device.

The Rise of eSIMs for IoT

Alongside the benefits for consumers, eSIMs are increasingly adapted to addressing many of the pain points facing IoT deployments.

As part of their digital transformation, enterprise OEMs need to bring connectivity to ever more devices. However, deploying IoT projects poses a number of challenges – not least due to the complexity of integrating multiple technologies and suppliers. From the initial prototyping phase, as well as during development and manufacturing prior to deployment, enterprise OEMs are facing multiple challenges, particularly in selecting the right partner and providers.

Enterprise OEMs are finding it a challenge to interface with multiple Connectivity Service Providers (CSPs), which require time consuming and costly roaming agreements, to properly connect their devices across multiple countries. The key business need is for a simple and secure way to connect their devices, and to benefit from a single SKU (Stock Keeping Unit) approach that avoids unnecessary supply chain costs.

eSIM technology service providers have the opportunity to simplify IoT device activation while saving costs and time. Here are three core ways an all-encompassing solution can help service providers achieve this when it comes to IoT connectivity activation:

  • Simplified manufacturing processes and logistics: Thanks to eSIMs, any device installed by a service provider can connect to any Mobile Network Operator (MNO), regardless of the product type. For service providers, this removes the need to manufacture multiple product variants to support different networks.
  • Remote management: Instead of regularly sending out technicians to update both devices and SIM cards at the expiration of MNO contracts, eSIM technology gives service providers the ability to update their devices remotely. Using a web portal, technicians can update a device’s network provider from the comfort of their office, saving costs and time from unnecessary maintenance trips.
  • Streamlined installation: Devices with embedded SIMs can automatically select the optimal MNO network for any given deployment site. As a result, technicians no longer need to spend hours travelling to sites and testing devices for their connectivity requirements.

The IoT industry is in constant evolution. With millions of new connections made every day, we are still progressing to a smarter world. However, maintaining strong and reliable connectivity will be critical if we are to reap the benefits of IoT. With the help of eSIM technology, the activation and management of IoT devices can be simplified across the business landscape.

Learn more about our eSIM solutions.

The post MWC 2022 – Unleashing the Power of eSIMs appeared first on Cybersecurity Insiders.

After a two-year hiatus we’re back in Barcelona this week for MWC, ready to showcase our key solutions that support the mobile industry’s digital transformation.

Why we’re here:

5G will count for 21% of mobile connections by 2025 – presenting a huge opportunity for mobile operators but introducing new vulnerabilities and data privacy challenges.

We’re helping in the mobile industry to:

So, what are the key issues and trends and news announcements we’re talking about at this year’s conference? At our stand Hall 2 – Stand 2J30, we’ll be talking about, and giving demonstrations on – the following:

Digitalisation – Trusted Digital Telcos

Unleash the power of eSIM to launch your digital-first brand with Thales Trusted Digital Telco and put your customer at the centre of the experience. This solution powered by Tripica covers every step of the consumer journey, from ordering and subscription activation through to service usage and customer care. Our disruptive digital solution leverages innovative technologies including eSIMs, eKYC and digital BSS (Business Support System).

We’ll be demonstrating the process for subscribers as they choose their plan and different subscription options, as well as performing the full enrolment process, including ID document verification and facial matching – all from the application. The demo also offers the possibility to activate either SIM or preferably eSIM for a full digital journey.

Powering a Trusted 5G World

5G connectivity will power a world of new services. It creates new opportunities for people, enterprises and societies by enabling services like e-health, autonomous cars, smart cities or smart manufacturing. For consumers, 5G will revolutionize entertainment with streaming games and enable them to connect new devices such as drones. We show the latest solutions for connecting millions of people and things as well as protecting the 5G network and the data it holds.

eSIM for Massive IoT Deployments

Technology is transforming, moving from simple mobility solutions to hyper-connectivity in the Internet of Things (IoT). According to the GSMA, mobile connectivity will contribute about 5% of the world economy by 2023. Global connectivity and security are the two pillars that will make this hyper-connected world possible. Thales provides innovative solutions that enable Connectivity and IoT Service Providers to enjoy global coverage and industry-acknowledged application security for IoT devices in a resilient, scalable, and cost-effective manner.

Where you can see us speaking:

eSIM Adoption and Global Market Trends

Join Antoine Thomas, eSIM Solution Director and François Bogusz, Digital Telco Director, in the session: Unleash the Power of eSIM.

  • When: March 2nd, 11:40 CET
  • Where: Hall 7, Theatre 3

5G IoT Summit 

Join Stéphane Quetglas, Embedded Solutions Marketing Director, in the panel discussion: Next Generation of IoT Enabled by eSIM: the Business Landscape.

  • When: March 2nd, 18:35 CET
  • Where: Hall 7, Theatre 3

Where to find us:

Reminder that you can find us at our stand, Hall 2 – Stand 2J30. Our demos will be running throughout the day.

Headed to MWC this year? Be sure to check out our survival guide.

The post Back to Barcelona: What to expect from us at MWC this year appeared first on Cybersecurity Insiders.

Two years ago, the Covid-19 pandemic forced millions of workers across the globe into remote working and turned the way we work on its head. Prior to the pandemic, flexible or remote working arrangements had been the exception in most organisations – yet overnight it became the norm.

Since then, you couldn’t move for endless (and varied) commentary about the ‘future of work’ – with predictions ranging from the complete abolition of offices, collapse of co-working spaces through to the return of full time office presence. Two years on and we’ve settled on a more middle ground – hybrid work.

The New Normal

As lockdown restrictions ease across the globe, we’ve witnessed many different approaches to hybrid working – whether a formal company policy, or a ‘choose how you work’ model. However, no matter the approach, one thing remains clear – flexibility is here to stay.

There have been many studies that reinforce this – and all of them put the onus on the employer. Global research from The Adecco Group found that 40% of workers are considering moving to jobs with more flexible options, 80% of employees said they’d be more loyal to their employer if they provided flexible working options according to Flexjobs, and the Gartner 2021 Digital Worker Experience Survey found that 43% said that flexible working hours helped them be more productive.

The benefits of a more hybrid model of working are therefore clear and resounding – yet, as with any new trend, it brings with it a fresh and unique set of challenges from a security perspective.

Security Challenges of Hybrid Working

Risks in the connected home

IoT devices continue to grow in popularity – whether it’s smart assistants, fridges, doorbells, or thermostats. While they seem unconnected to working life, these devices create more entry points for cyber criminals. If a cybercriminal can hack a smart device (which isn’t always designed with safety in mind), they gain entry to any other device on the same network – including corporate devices. Luckily, many manufacturers are now taking IoT security a lot more seriously and adopting a security by design approach. For consumers, device security starts and ends with the router, and recent research revealing that one in 16 home Wi-Fi routers still supports the manufacturer’s default admin password should be a cause for concern.

Trusted remote access and cloud transformation

To mitigate against insecure home networks and devices pre-pandemic, many organizations would have systems in place to secure corporate devices outside of the office. However, many of these legacy on-premises solutions were not designed to accommodate large numbers of personnel working remotely – nor were Enterprise VPN services. While this presented an initial scalability challenge when lockdowns were first enforced, this continues to be of vital importance. Whether at home or in the office, employees need secure access to company files and applications, and most organisations are turning to cloud access management and authentication solutions. This has increased the speed at which operations and security technologies are being moved to the cloud, and the need for trusted cloud environments.

Public Wi-Fi concerns

Remote working doesn’t just mean home working. The rise of ‘third spaces’ is a trend to be aware of – whereby workers are flocking to cafes, libraries and even pubs. Those that flock to these locations, often when offices aren’t open or available to them, claim they get a buzz and sense of community that they just can’t get when working from home. However, despite the productivity gains – it could be opening up company data to a whole host of risks.

A lot of these environments have open and public Wi-Fi networks. These networks are easy and convenient for those looking to log on; however, they carry risks. Any device connected to public Wi-Fi is visible to anyone else on the network. Organisations might not be in a position to dictate where an employee works when they are remote, but provision of VPNs, multi-factor authentication, access management solutions and education on the risks of public Wi-Fi is encouraged in this new hybrid working era.

The rise of consumer collaboration tools

The pandemic forced us all to change how we collaborate. You could no longer walk over to a teammate to discuss feedback on a piece of work, or head into a meeting room to talk about company confidential updates; everything had to take place virtually. Tools like Zoom, Slack and Asana are just a handful of the tools businesses turned to for day-to-day collaboration, and we’ve previously discussed the growth of consumer platforms being used for messaging and collaborating. The danger with some of these tools is that many are not secure and are prime targets for cyber-attacks. This informative article from TechTarget provides an in-depth overview on collaboration tool security.

Work-Life ‘Blurrance’

As the lines between home and working environments started to blur – so did attitudes to corporate device security. There are many studies on this, but one that caught our attention was this one from Avast, which found that a third of SMBs in the UK are connecting to corporate networks using personal devices that do not have any security controls in place. Over a quarter of employees admitted that they had connected a personal computer to a company network, and 15% had connected a personal smartphone. Of those who did this, many didn’t get permission to do so.

People don’t do this because they don’t care about security but rather they’re just looking to do their jobs with the tools at their disposal. Home working has made logistics for getting corporate IT and mobile devices to employees more complicated. It’s of paramount importance that employees’ connection is reliable and easy to set up even in a complex logistics context. This way they can connect their devices easily and securely when they first turn them on.

Two Years On

Our recent Data Threat Report revealed that navigating these various challenges continues to plague businesses. After two full years since the pandemic started, 79% are still concerned about the security risks and threats posed by remote working.

Flexible working will continue to dominate, as will the security risks that come with it.

The post Pandemic Two Years On: The Security Challenge of Hybrid Working appeared first on Cybersecurity Insiders.

By Raj Dodhiawala, President, Remediant

Imagine you’re the manager of a hotel. Your position entitles you to a master key to all the hotel rooms, with access to any room, at any point in time. This of course comes with the territory and assigned role, enables ease of operations, and is demonstrative of the inherent trust that is conferred to you as the person in charge.

But let’s say a pipe bursts in Room 10, and an external maintenance worker is required to address the issue. That worker is also given a key to that one room and is granted “permission” to enter at a designated time confirmed between both parties. All other rooms would remain off-limits or inaccessible, and it would be understood that you’d need to facilitate access to adjacent rooms above, below, or beside Room 10.

But what if an unidentified and unauthorized person, one with malicious intent, got a hold of that key card and could open the door to Room 10 whenever they wanted? Or, in an even worse circumstance, in the shuffle between rooms and access during this contingency, the person got hold of the master key and could easily and stealthily move from room to room without notice? Needless to say, this could put the well-being of hotel-goers at serious risk, could result in stolen items or damaged property, and would ultimately impact the reputation of the hotel.

This is unfortunately the current reality of enterprise cyberattacks today. With compromised credentials, organizations of all sizes and across all industries are under constant siege, struggling to address their attack surface due to privilege sprawl. Whether gaining footholds from vulnerable software or users, the playbook is fairly consistent: establish a beachhead on a vulnerable system, elevate privileges, then compromise additional privileged users to move laterally and access or hold at ransom what’s valuable. Exploiting privilege sprawl—or the always-on, always-available administrative access to servers, workstations, and laptops—through lateral movement is at the heart of 82% of ransomware attacks today.

While one account might serve as an initial entry point, attackers seldom accomplish their goal with access to a singular system in mind. Instead, they’ll quickly pivot from one end-user (with access to one computer) to the whole IT staff with 24 x 7 x 365 privileged access on many or all computers and network-connected devices in just the blink of an eye. Given that 74% of compromised organizations have admitted the attack involved access to a privileged account, it behooves IT leaders to look at this issue more closely than they currently are.

So, how then, can companies prevent a privileged access breach before it occurs?

Wrapping arms around privileged access sprawl and attack surfaces   

Privilege sprawl occurs when privileges, or special rights to a system, have been granted to too many people within an organization. Whether due to lax procedures, a lack of consistent oversight, or the fear of causing disruption to established processes, privileged access sprawl often grows in the dark of companies and quietly amasses to significant proportions. Compounded by the fact that administrators are assigned constant access, this privilege sprawl is a large attack surface that threat actors drool over. When privilege sprawl gets out of hand, an organization’s attack surface grows because of it, and — should one admin credential become compromised by an attacker or misused by an insider — they can easily use lateral movement to find or locate sensitive data to steal or to hold at ransom.

It’s therefore imperative today that companies take stock of their privileged attack surface – especially those lying dormant but available to attackers. By identifying where there is excess standing privilege and effectively eliminating it, companies can gain control over the crux of the issue that leads to such damaging breaches.

Eliminating 24 x 7 x 365 privileged access and taking a Just-in-Time approach  

As noted, while slightly more convenient for admins and users to access systems at any point, standing privilege can be more damaging to companies than it’s worth — simultaneously giving the same convenient access to attackers holding the compromised credentials. These malicious actors can unlock any door and move through most if not all other doors. Equally importantly, this undermines other safeguards and negates any defenses in place for detecting your attackers.

Instead of standing privileged access, a “Just-in-Time” approach, bolstered by multi-factor authentication (MFA), selectively elevates privileges to the specific system that requires attention, exactly when the administration is needed, and for just the right amount of time necessary to complete the task for that particular administrator. This cuts off the opportunity for lateral movement without any friction for legitimate administrators.

By limiting admin access to the specific account that requires it and granting such access for a limited time to the specific system, organizations can greatly reduce the risk of cyberattacks and the lateral movement that may occur – even if the attacker has a toehold in their environment. By transforming standing privilege into Zero Standing Privilege – the underpinning of the Just-in-Time approach – companies can more effectively deter cyber thieves from using lateral movement to move from system to system, minimize the window of opportunity to steal admin credentials, and ultimately mitigate the ability to wreak complete havoc across their network.
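The difference between standing privilege and Just-in-Time elevation can be made concrete with a small model. The following is an added example, not code from the article or from any vendor's product; the `JitBroker` class, its method names, the host names and the 900-second ceiling are all hypothetical.

```python
import time
from dataclasses import dataclass


@dataclass(frozen=True)
class Grant:
    admin: str
    host: str
    expires_at: float


class JitBroker:
    """Hypothetical access broker: admin rights exist only as short-lived,
    per-host grants, so the default state is zero standing privilege."""

    def __init__(self, max_ttl=3600, clock=time.time):
        self._grants = {}          # (admin, host) -> Grant
        self._max_ttl = max_ttl    # hard ceiling on any elevation window
        self._clock = clock        # injectable so expiry can be tested
        self.audit = []            # (timestamp, event, admin, host)

    def _log(self, event, admin, host):
        self.audit.append((self._clock(), event, admin, host))

    def request(self, admin, host, ttl, mfa_ok):
        """Elevate one admin on one host for a bounded time, only after MFA."""
        if not mfa_ok:
            self._log("denied_no_mfa", admin, host)
            return None
        ttl = max(1, min(ttl, self._max_ttl))
        grant = Grant(admin, host, self._clock() + ttl)
        self._grants[(admin, host)] = grant
        self._log("granted", admin, host)
        return grant

    def is_admin(self, admin, host):
        """Authorization check performed at use time, not at login time."""
        grant = self._grants.get((admin, host))
        if grant is None:
            return False
        if self._clock() >= grant.expires_at:
            del self._grants[(admin, host)]
            self._log("expired", admin, host)
            return False
        return True

    def reachable(self, admin, hosts):
        """Hosts a stolen credential for `admin` could administer right now."""
        return [h for h in hosts if self.is_admin(admin, h)]


def demo():
    now = [1000.0]                                   # constructed fake clock
    hosts = [f"srv{n:02d}" for n in range(1, 11)]    # constructed host names
    standing = {"alice": set(hosts)}                 # always-on admin everywhere
    broker = JitBroker(max_ttl=900, clock=lambda: now[0])

    broker.request("alice", "srv10", ttl=7200, mfa_ok=True)   # capped to 900 s
    broker.request("alice", "srv03", ttl=600, mfa_ok=False)   # MFA failed
    during = broker.reachable("alice", hosts)
    now[0] += 901                                    # window has closed
    after = broker.reachable("alice", hosts)
    return len(standing["alice"]), during, after


if __name__ == "__main__":
    print(demo())
```

In the standing model a stolen credential for this admin reaches all ten hosts at any time; under the broker it reaches one host for at most fifteen minutes, and the audit trail records every grant, denial and expiry.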

As enterprises continue to grapple with privileged access attacks and lateral movement, and as threat actors grow increasingly sophisticated, things like a Zero Trust strategy have become the ideal beacon of hope. But for companies to be truly successful, they must master Zero Standing Privilege and Just-In-Time access first. Only then will they reduce growing attack surfaces, strengthen their posture against lateral movement attacks, and build the proper foundation to implement Zero Trust.

Raj Dodhiawala has over 30 years of experience in enterprise software and cybersecurity, primarily focused on bringing disruptive enterprise products to new markets. Currently serving as President of Remediant, he is bringing focus, agility and collaboration across sales, marketing, finance and operations and leading the company through its next phase of growth.

The post “Just in time:” How companies prevent privileged access cyber attacks appeared first on Cybersecurity Insiders.