Unveiling the Secrets of IoT Security: A Chat with Grant Proctor, Head of Service & Product Delivery!

A few weeks back, we threw the doors wide open and invited you to shoot us your burning questions about IoT security in our debut Ask Grant series. And guess what? The response we had was electrifying! So, we sat down with the man himself ready to dive into the intriguing world of IoT security, the first question you wanted to know the answer to?

What security do you get by default from a GSMA compliant cellular operator?

“So at the top level, there’s the GSMA’s Fraud and Security Group (FASG). This group is entrusted with the management of mobile technology, networks, and services, and it’s stated aim is to elevate the protection of infrastructure, security, and privacy within the industry. To give you an idea of the breadth of what they review, the group focus encompasses critical areas from detecting and preventing fraudulent access to securing mobile devices and applications, right down to the specifications for security of things like Universal Integrated Circuit Cards (UICCs – basically the chip on your SIM card).

At the network level, GSMA have the Network Equipment Security Assurance Scheme (NESAS). This scheme is intended to provide network equipment vendors with a set of standards they can test their processes and products against to show they’re compliant with a GSMA defined baseline. Similarly it allows Network Operators to have an assurance that the vendors they’re working with are providing a good level of security out-of-the-box and that their development processes comply with secure-by-design principles.”

But what are the benefits of GSMA NESAS?

“For vendors it’s having a single, industry defined and high quality baseline they can validate themselves against, reducing potential duplication of effort in trying to comply with multiple standards. For potential customers of the vendors, it enhances transparency and comparability among the myriad products available in the market, helping speed up product selection. And for the consumers and wider industry, it raises the collective bar to help ensure a higher standard of security across the whole network.”

In the realm of IoT security, understanding the intricacies of GSMA’s initiatives is paramount. Grant’s insights reveal the comprehensive efforts undertaken by the Fraud and Security Group and the pivotal role of the NESAS in establishing a secure foundation for cellular networks. As we navigate the evolving landscape of IoT, these standardised security measures become instrumental in ensuring a resilient and secure interconnected future.

So, there you have it – a sneak peek into the exciting world of IoT security, served with a side of Grant’s wisdom. Stay tuned for more thrilling revelations in our Ask Grant blog series! Until next time, techies!

‍