Report

IoT Security Guidelines – for Network Operators

Free Report

Log in as a GSA user to access the free summary report. If you haven’t got an account, you can sign up for free.

This document should act as a checklist in the supplier agreements between IoT Service Providers and their Network Operator partner(s).

The scope of the document is limited to:

  • Security guidelines related to IoT Services.
  • Recommendations pertaining to the security services offered by a Network Operator.
  • Cellular network technologies.

This document is not intended to create new IoT specifications or standards, but will refer to currently available solutions, standards and best practice.

This document is not intended to accelerate the obsolescence of existing IoT Services.

Backwards compatibility with the Network Operator’s existing IoT Services should be maintained when they are considered to be adequately secured.

This document does not address the security issues associated with the interfaces and APIs implemented on the IoT Service Platform (or IoT Connectivity Management Platform) in order for the IoT Service Platform to share its data with end users (for example to share data with an end user via a smartphone or PC application) or other entities within the ecosystem.

Such interfaces and APIs shall be secured using ‘best practice’ internet security technologies and protocols. It is noted that adherence to national laws and regulations for a particular territory may, where necessary, overrule the guidelines stated in this document.

This document should act as a checklist in the supplier agreements between IoT Service Providers and their Network Operator partner(s).

The scope of the document is limited to:

  • Security guidelines related to IoT Services.
  • Recommendations pertaining to the security services offered by a Network Operator.
  • Cellular network technologies.

This document is not intended to create new IoT specifications or standards, but will refer to currently available solutions, standards and best practice.

This document is not intended to accelerate the obsolescence of existing IoT Services.

Backwards compatibility with the Network Operator’s existing IoT Services should be maintained when they are considered to be adequately secured.

This document does not address the security issues associated with the interfaces and APIs implemented on the IoT Service Platform (or IoT Connectivity Management Platform) in order for the IoT Service Platform to share its data with end users (for example to share data with an end user via a smartphone or PC application) or other entities within the ecosystem.

Such interfaces and APIs shall be secured using ‘best practice’ internet security technologies and protocols. It is noted that adherence to national laws and regulations for a particular territory may, where necessary, overrule the guidelines stated in this document.

Date: 6th Sep 2018
Type: Report
Technology: Narrow Band IoT & M2M
Originator: GSMA