The role of private companies in the telco space is changing.
They are connecting millions of smart devices – and even running their own private 5G networks. Telcos must help them resolve questions around identity and security.
In Sindelfingen, Germany, Mercedes-Benz builds a production plant in which all machines will be connected over a private 5G network. It is one of the earliest examples of network slicing, which gives enterprises the ability to set up high speed, low latency connections in a self-contained environment.
Network slicing opens up a world of possibilities for enterprises.
Networks generate data, which must be encrypted at rest and in motion. Only authorised personnel should be able to access this data.
Obviously, many tenants lack the internal expertise to manage all these security demands.
The good news?
Private 5G networks: An opportunity for Telcos
It's an opportunity for telcos to offer ‘Security-as-a-Service’ as a companion to 5G Slices. These services should include identity and access management, key management, intrusion detection, and so on.
There are five key principles for creating a fabric of trust in network slicing:
- Every slice must be fully autonomous, even if it shares the same underlying physical infrastructure.
- Enterprises need to authenticate securely onto every slice.
- There should be a guarantee of isolation of each unique slice and Virtual Network Functions (VNF) within it. There should be no way for a VNF to gain access to another slice.
- MNOs must ensure they cannot view the enterprise’s data.
- Elasticity will drive demand for stateless VNFs. Those cases will require localized storage, which will require protection.
Thales can help
Encryption and key management in the cloud
Thales offers a variety of products such as CipherTrust Manager and Network Encryptors to address these private 5G principles.
Of course, no system is 100 percent secure.
So is there anything more enterprises can do to resist attacks?
24/7 network monitoring
One strategy is to monitor the network for anomalies.
Thales can help with this too. Our Critical Information Systems (CIS) division can observe threat activity 24/7.
On a more day-to-day level, Thales can also protect enterprise employees.
Access management and single sign-on
Most companies now use cloud-based software to do everything from word processing to CRM. The downside is obvious: it puts sensitive enterprise data on remote servers.
This presents the risk that outsiders will get access to it.
Strong authentication is the answer.
But as the number of cloud subscriptions grows, employees lose track of their many usernames and passwords.
Thales has a solution. SafeNet Trusted Access is a ‘central access management system.’
It gives employees a highly secure single sign-in to multiple SaaS accounts from a single dashboard.