Gabriele Lieser

CUSTOMER SUCCESS MANAGER

Summary

As the COVID-19 quick-and-urgent action stage is gone, infection protection makes the majority of employees stay at home and work from there. As smart as these measures are, the level of cyber security at home is generally not as high as in the corporate network. Starting with transferring sensitive data or conducting confidential conversations online, literally all activities are carried out in virtual space. This opens many opportunities for cybercriminals to steal passwords and corporate information that can later be used for fraud and blackmail. Due to the broad introduction of remote working, businesses need to rethink their current cyber security measures and consider how they need to be adapted or further developed.

With a high level of professionalization cyber criminals attack lucrative targets across all industries. Government agencies and research labs, where working from home has never been an option, are targeted, and also universities, clinics and medical practices, market-listed companies and corporations, retailers and mid-sized businesses. The risk is particularly high for small companies because a cyber-attack can quickly threaten their economic existence.

RoamsysNext Insights

In RoamsysNext Insights our experts share their views on extensive industry topics and possible solutions we can offer.

While working from home, the gates of opportunity are often opened by communication with the company network via private and rudimentary protected internet connections. Wherever company computers are not available, no professional data should be sent or shared via private software. Also, the isolated and fragile situation of home office workers makes it easy for fraudsters to steal data using phishing emails, fake websites and booby-trapped mobile applications.

This can be done right away

Luckily, there are a number of ways to make the working environment at home safe. It is a no-brainer to activate password protection of your PC or laptop, and also to lock the screen while away. Switch off voice-controlled devices (e.g. Alexa or Siri) while working. Use a webcam cover when the webcam is not in use. Keep your software up to date. Activate the virus scanner and keep the antivirus software up to date. Check whether the firewall integrated in your operating system is activated. Encrypt portable IT systems and data media.

Hygiene also with passwords

Use a different and secure password for each account. Complex passwords can already fend off a large part of threat vectors. Nowadays, security experts recommend complex passwords that consist of a long string of numbers, upper and lower-case letters and special characters. A complex ten-character password, for example, is hard to brute force and will take years to crack.
Protect your router and your WLAN against unauthorized access and keep its software up to date. Wherever possible, activate 2FA (two-factor authentication), and you contribute to a safe working environment and at the same time to a good balance between security and usability. This means for RoamsysNext solutions that once 2FA is enabled, users keep their usual password, but they will install a dedicated authentication app on a mobile device. Common authenticator apps are Google Authenticator or LastPass Authenticator. Then the settings of the Launchpad need to be opened, click “Settings > Account Security”, enable “App authentication” and enter the given code in the app. With the next login the user is asked to insert a code from the authenticator app, and that’s it.
For secure remote access always use a VPN (Virtual Private Network). Since not all VPNs are set up in the same way, more secure options such as L2TP (Layer 2 Tunneling Protocol) with IPSec (Internet Protocol security) also exist. Another common option is to connect via the RDP (Remote Desktop Protocol). Use unencrypted, public WLAN connections (e.g. in a park or train) for business purposes only in combination with activated VPN. If in doubt, connect via the mobile network or via your smartphone as a hotspot (LTE). Ideally, you should always store data on the central systems of your institution and not locally. If you still want or need to store data locally, make regular backups of the data. Store unused devices safely and protect them from unauthorized access.

The vigilant stay safe

Do not open attachments and links in e-mails from unknown senders. Pay attention to discrepancies even in e-mails from supposedly trustworthy senders. It can also be useful to perform dynamic scanning of incoming e-mail attachments within a sandbox. Attempts by “CEO-fraud” succeed when the fraudster pretends to be a superior and asks you to disclose sensitive information. Verify potentially critical requests, e.g. by a callback.

Make value-driven decisions

And how about the actual tools that are used to get your work at home done? As our loyal customers know, RoamsysNext’s main concern is to help MNOs create a perfect environment for their employees so they can work with the right tools and handle sensitive information on roaming partners correctly and efficiently. And of course, the overarching requirement to any tool is a positive ROI (return on investment).
There is good news: with our tools, our customers already generate additional roaming revenue that exceeds the expenditures. The Wholesale Roaming Manager, for example, is a powerful tool that fits the needs of roaming coordinators, commercial teams, operation teams and the management. Business goals can be achieved more easily if more roaming agreements are launched in less time. With this in mind, we created this all-in-one solution to make one central place for all relevant information and documents. With this, you can monitor roaming activity, provide users with the appropriate access permissions, enforce custom password policies and benefit from end-to-end encryption to keep data private.

Cybersecurity is close to our hearts

Some corporations like to keep the lead, so they also connect with the RoamsysNext Network Configuration Optimizer to fully automate IR.21 related processes and improve the communication between different teams. We help with strengthening the user’s core network by spotting missing and incorrect configurations and vulnerabilities by configuring only relevant data to protect SS7 and IP networks. Audits are essential to make sure that the correct configurations are implemented in every network node. They also help to avoid misconfigurations in billing, steering or in online charging databases so that unavailable services or revenue leakage will not occur.
Great accessibility for inbound and outbound roamers creates better quality perception, a better subscriber experience and less contract hoppers. Make room for more subscribers!

RoamsysNext tools already help more than 700 MNOs across the globe; our strength is the creation of effective data management tools with a secure, well-designed system that simplifies the user’s working life significantly. Cybersecurity is really close to our hearts, so we are increasingly keeping an eye on upgrading security aspects. Stay tuned for more advanced developments from the house of RoamsysNext.

Gabriele Lieser joined RoamsysNext in 2020 as Customer Success Manager to strengthen the bonds with our increasing number of customers and to support the marketing team. Gabriele has a strong background in corporate sales. She studied at the Universities of Trier (Germany) and Manitoba (Canada) and is incorporated in the RoamsysNext Client Service team.

Two-Factor Authentication rules!

For some time now, we have introduced 2FA and have contributed our share to provide more secure access to our tools. Nobert Becker, Head of Software Development, picks up the thread and provides engaging insights into his area of responsibility.

  • RoamsysNext Insights - Wholesale Roaming Manager

Introducing: The RoamsysNext Wholesale Roaming Manager

The RoamsysNext Wholesale Roaming Manager provides powerful collaboration and reporting tools for all roaming partner relationships by converging everything from service openings to the user’s roaming footprint, test SIM cards and tariffs, document and contact management.

We’re in this together

In the second part of our interview with Alexandre De Oliveira, POST Luxembourg Cyberforce, he highlights major pain points in fraud detection and stresses the importance of global information sharing via the GSMA T-ISAC initiative.

Mastering today’s Fraud Landscape

Learn how Alexandre De Oliveira’s team at POST Luxembourg Cyberforce is mastering today’s fraud landscape with penetration tests, security assessments, the Telecom Intrusion Detection System (TIDS) and the Telecom Security Scanner (TSS).

How to avoid configuration errors

Hardening the network is a good way to get configuration errors under control. Introducing smart firewall rules and consistently updating these rules can be very time-consuming, but it’s a crucial measure to be taken.

  • RoamsysNext Insights 9: Interview with Hendrik Hoehndorf

Making a Stand against Fraud

In an insightful interview, our CTO, Hendrik Hoehndorf, speaks about further GSMA initiatives on fraud detection and prevention such as the MISP (Malware Information Sharing Platform) and T-ISAC (Telecommunication Information Sharing and Analysis Centre).

  • RoamsysNext Insights

Let’s talk about data quality

Most fraud and security issues are caused by misconfigured network nodes. This article shows, how RoamsysNext treats this problem on their quest for data quality.