All Stories
Follow
Subscribe to ONEKEY GmbH

ONEKEY GmbH

Protection against critical security gaps in telecommunication networks

Protection against critical security gaps in telecommunication networks

IoT Inspector saves Swisscom €350,000 per avoided faulty software rollout and update

Bad Homburg/Germany, October 28th 2021 – With a turnover of over 10 billion euros and almost 20,000 employees, Switzerland’s technology and telecommunications company Swisscom is the industry leader in its country. Any defective rollout of routers, hotspots, repeaters and other device firmware would not only damage the company's reputation, but also generate massive expenses. On average, each defective rollout is estimated to cost €350,000. Swisscom carries out several dozen such rollouts per year, and in the case of serious errors such as critical vulnerabilities, the company would have to repeat the entire process. Using technology from IoT Inspector, a company specializing in automated IoT security, Swisscom checks every piece of firmware and any updates for security breaches, risks, and gateways for potential hacker attacks. Swisscom currently has close to two million such devices in circulation among its customers. "We use the IoT Inspector platform to check every piece of software for potential risks before it even reaches release candidate status, at which point they are immediately analyzed and fixed. This allows us to effectively secure new features and interfaces," says Giulio Grazzi, Senior Security Consultant at Swisscom.

Supply chain for IT products, often questionable

There is a risk associated with almost all IT products as the technologies they integrate are purchased from a variety of suppliers and then installed, among which are chipsets, Wi-Fi modules, and many other electronic components. "Many manufacturers' components are used in the production of IT devices without the respective firmware being subjected to a comprehensive security check. By using a module from a third-party manufacturer, for example, a purchased Wi-Fi module becomes a potentially unacceptable risk. Our analysis also uncovers these vulnerabilities and facilitates their remediation," explains Jan Wendenburg, CEO of IoT Inspector. Swisscom has already been using the technology since 2015 and has been able to increase the level of security and prevent additional costs due to faulty firmware images. IoT Inspector's testing procedure is automated and integrated into Swisscom's standard development process. With a 60% market share in mobile and broadband, the use of IoT devices will continue to grow.

Swisscom's own IoT business model

For business customers, Swisscom is going one step further by implementing IoT Inspector's security checks into its own solutions. This way, the telecommunications service provider creates its proper IoT ecosystem with gateways as well as IoT management. This is made possible through the in-depth security checks for all components in the chain between provider and customer, which take place during planning, implementation and ongoing operation. As a result, Swisscom can also provide critical IT services such as remote maintenance of machinery and equipment. "All facilities in the IoT field need a new and integral security thinking to seal off supplier devices against risks. It applies to the setup as well as to any update of the IoT devices in use," outlines Wendenburg. IoT Inspector is one of the largest security platforms for IoT security and regularly exposes major vulnerabilities in technology products that would otherwise have been overlooked due to unclear component supply chains.

About IoT Inspector:

IoT Inspector is the leading European platform for IoT security analysis and enables automated firmware testing of IoT devices for critical security vulnerabilities in just a few clicks. The integrated Compliance Checker simultaneously uncovers violations of international compliance requirements. Vulnerabilities for external attacks and security risks are identified in the shortest possible time and can be remedied in a targeted manner. The solution, which is easy to use via the web interface, detects unknown security risks for manufacturers and distributors of IoT technology. This is especially true for products manufactured by an OEM partner. Infrastructure providers, consulting companies, scientists and system houses also benefit from the offering and can provide added value to their customers. With IoT Inspector Edu, universities and research institutions can access the entire platform free of charge: https://www.iot-inspector.com/iot-inspector-edu-students-academia/.

Company Contact: IoT Inspector GmbH,
Tannenwaldallee 2, 61348 Bad Homburg, Germany,
Julia Alunovic, E-Mail:  julia@iot-inspector.com,
Web:  https://www.iot-inspector.com
 
PR-Agency: euromarcom public relations GmbH,
Mühlhohle 2, 65205 Wiesbaden, Germany,
Tel.: +49 (0)611 9731 50, E-Mail:  team@euromarcom.de,
Web:  www.euromarcom.de

- - - -

More stories: ONEKEY GmbH
More stories: ONEKEY GmbH