tanaonte - stock.adobe.com
While 5G security is a major concern for network vendors, wireless carriers and governments worldwide, it is prudent for business users of 5G to understand what the next-generation wireless technology means to them as it relates to security and privacy.
The obvious value 5G brings is increased bandwidth, capacity and reliability of broadband services -- attributes consumers and businesses can perceive instantly. The security and privacy impact of these innovations is less obvious but cannot be understated.
Here are three key areas to focus on to ensure a secure 5G deployment.
1. Focus on the supply chain
The insatiable need to collect data -- as raw material for AI algorithms, among other uses -- with the ubiquitous bandwidth and availability that 5G heralds implies a 5G-enabled sensor tsunami is happening or is about to. This will pervade every vertical, from transportation to utilities to agriculture and more.
Security teams in enterprises upgrading to these connected and embedded sensors and machines have a number of questions to ask potential supply chain and third-party vendors.
For logistics, these questions include the following:
- What is the identity of the manufacturer?
- What is the location of the manufacturer?
- Has the manufacturer had any past public snafus?
- What is its ability to update software over the air?
For tamperproofing and baselining, these questions include the following:
- What controls are in place to prevent tampering with the sensor?
- Is there a baseline configuration that can be periodically compared against to detect interference?
2. Focus on data
Getting ahead of the 5G data tsunami involves not only understanding the deluge of data, but also 5G security concerns related to that data. Enterprises must be sure they can answer questions, including the following:
- How is the data collected?
- Where is it stored?
- Can it be transferred to a different jurisdiction with looser rights, revocability and ownership?
Periodic data classification and assigning value to the data are critical. This enables proper data lifecycle management and adherence to increasingly strict standards related to data privacy, including revocation and shredding.
Next, securing the data from the point of collection, in transit and, ultimately, to its final destination and beyond -- until it is ultimately shredded -- is imperative. This will inherently go against the ubiquity and the bandwidth floodgates that 5G opens up because encryption is compute-intensive and will latency and cost. Many sensors may not support encryption natively, so it might need to be an add-on hardware or software module as close to the point of collection as possible. This thinking must extend into the cloud or wherever data is headed.
Secure the data in transit. Encrypt the data at its final destination and until the data kicks the bucket -- i.e., until it is shredded.
3. Focus on network characteristics
Be sure to consider 5G network latency and reliability. Lowered latency enables previously impractical use cases to suddenly become viable. In healthcare, for example, real-time vitals monitoring of seniors and alerting caregivers when there are deviations from normal levels lower the overall cost of caregiving and enable greater scale. However, a bad actor introducing latency through packet rerouting or introducing noise could literally impact lives.
Enterprises must understand how much 5G latency is a factor in its business lifecycle and proactively incorporate actions to address it, such as measuring latency periodically and initiating corrective action as needed -- like alerting the caregiver in the case of the senior monitoring example. Likewise, if 5G is the business's digital lifeline, having more than one provider or opting for redundancy of connections would be prudent.
Address 5G security early and your enterprise will surely -- and safely -- reap its business benefits.