Gabriele Lieser

CUSTOMER SUCCESS MANAGER

Summary

Configurations errors can cause severe problems within any network, and they are not only annoying: cleaning up goes along with substantial loss of time, revenue and subscriber trust. Configuration hardening by introducing smart firewall rules first, can be extremely time-consuming. But in order to secure the network and maintain a high level of security, it’s indispensable to understand how the traffic flows into and out of the network. This includes updating firewall rules consistently and proactively. Establishing regular firewall reviews can be of great help as well as combining these reviews with third party intelligence feeds to stay vigilant about new emerging threat vectors.

Configuration errors – a scourge of mankind. Prior to COVID-19, MNOs already faced serious challenges with cyber security and fraud prevention. With the coronavirus, data breaches and misconfigurations have increased, and not only due to the disruption of changing work practices, such as working from home. The shortage of security personnel and minimized budgets are taking their toll. Of course, the lack of automation and visibility across various tools and systems are not easing the problem.

Maintaining security requires “configuration hardening”, i.e. creating secure and compliant configuration settings and finding suitable tools to automate the monitoring, configuration and assessment of the firewall body of rules.

So, the question is: how can MNOs do more with less? How can they mobilise resources and break the wave of data breaches during these challenging times?

RoamsysNext Insights

In RoamsysNext Insights our experts share their views on extensive industry topics and possible solutions we can offer.

Introduce Smart Firewall Rules

In order to fully harden a network, hundreds of configuration changes may be required. The initial pass should examine the default settings, which are always made for easy setup, not security. Firewall rules should immediately be setup for “deny all, allow some” where the default action is to block. As traffic flows are verified and authorized, they are then permitted in the firewall configuration on a case by case basis.

This process can be intensely time consuming, but understanding the nature of the traffic flows into and out of the network is key to securing the network and maintaining a high level of security going forward. Firewalls really should grant only minimum access needed by each user and shouldn’t risk vulnerabilities. Isn’t it easier to expand firewall rules and allow additional access rather than having a mess on one’s hands after a security breach?

employ smart firewall rules to stay on top of things

Update Firewall Rules Consistently

Don’t rest on your laurels once you have defined and set adequate firewall rules. The next step is to monitor and update the firewall regularly. In a vibrant business environment, the network is always growing and changing, and so should your firewall. Adding and removing new devices and users is job routine, as well as implementing new technologies and rules. Sometimes, multiple rules may serve the same or a similar function in the firewall and may start to pile up and overlap.

Third party intelligence feeds are highly recommended!

Reviewing and updating firewall rules includes removing duplicates, and by doing so, the IT team will also speed up the network. The proactive approach to things has always been more challenging than waiting for something to break and then fixing it. Establishing regular firewall reviews can be of great help to keeping things running smoothly even when the network is not going through ups and downs in the market. Combining these reviews with third party intelligence feeds to remain vigilant about all of the new threat vectors emerging is highly recommended.

security specialist working late

It’s a Steady and a Dynamic Process

If data breaches are common because of misconfigurations, then MNOs must take control by quickly and automatically prevent, detect and cut out these errors. There are already a wide variety of security controls at hand, but just turning them on is not the end of the game. Firewall configuration and the prevention of misconfigurations must be performed continuously, dynamically and on a high level. Already today, our tools help to simplify the initial and ongoing correct configuration of every roaming relevant network element. This enables MNOs to block any unwanted or unauthorized traffic with very little effort.

Enjoy correct configurations of every roaming relevant network element

It spoils nothing to say that since the beginning of the COVID-19 crises, it’s prime time for fraudsters to exploit human nature in these times of fragility. Likewise, we are increasingly keeping an eye on upgrading security aspects. Since we are experienced in developing the InfoCentre RAEX Tools application on behalf of the GSMA, our tools are fully compliant to GSMA requirements and can be most easily implemented and aligned to the specific needs of any customer. Talk to us, we will listen to you.

Gabriele Lieser joined RoamsysNext in 2020 as Customer Success Manager to strengthen the bonds with our increasing number of customers and to support the marketing team. Gabriele has a strong background in corporate sales. She studied at the Universities of Trier (Germany) and Manitoba (Canada) and is incorporated in the RoamsysNext Client Service team.

Two-Factor Authentication rules!

For some time now, we have introduced 2FA and have contributed our share to provide more secure access to our tools. Nobert Becker, Head of Software Development, picks up the thread and provides engaging insights into his area of responsibility.

  • RoamsysNext Insights - Wholesale Roaming Manager

Introducing: The RoamsysNext Wholesale Roaming Manager

The RoamsysNext Wholesale Roaming Manager provides powerful collaboration and reporting tools for all roaming partner relationships by converging everything from service openings to the user’s roaming footprint, test SIM cards and tariffs, document and contact management.

We’re in this together

In the second part of our interview with Alexandre De Oliveira, POST Luxembourg Cyberforce, he highlights major pain points in fraud detection and stresses the importance of global information sharing via the GSMA T-ISAC initiative.

Mastering today’s Fraud Landscape

Learn how Alexandre De Oliveira’s team at POST Luxembourg Cyberforce is mastering today’s fraud landscape with penetration tests, security assessments, the Telecom Intrusion Detection System (TIDS) and the Telecom Security Scanner (TSS).

How to avoid configuration errors

Hardening the network is a good way to get configuration errors under control. Introducing smart firewall rules and consistently updating these rules can be very time-consuming, but it’s a crucial measure to be taken.

  • RoamsysNext Insights 9: Interview with Hendrik Hoehndorf

Making a Stand against Fraud

In an insightful interview, our CTO, Hendrik Hoehndorf, speaks about further GSMA initiatives on fraud detection and prevention such as the MISP (Malware Information Sharing Platform) and T-ISAC (Telecommunication Information Sharing and Analysis Centre).

  • RoamsysNext Insights

Let’s talk about data quality

Most fraud and security issues are caused by misconfigured network nodes. This article shows, how RoamsysNext treats this problem on their quest for data quality.