|Topic:||A holistic view of network security|
When the subject is network security, most of us think of hackers, phishers, crackers, firewalls, anti-virus software and the like. In remote regions, network security means keeping criminals from stealing diesel generators, radio equipment and copper cabling. Managers of these networks worry about the cost of physical security for their networks. The extra cost of ‘green’ network solutions – of solar and wind powered energy – is hard to justify since it increases the risk of equipment theft and raises insurance costs.
William Tickner is CEO of Omnix Software; he has over 20 years experience in building specialist technology businesses including communications operators’ billing, customer care, operational support and user services needs. Before joining Omnix, Mr Tickner was Vice-President, EMEA of Clarity, a provider of telco operational support systems (OSS). Mr Tickner previously served as a Vice-President at Convergys Corporation where he led business development teams in Europe and Asia Pacific. Prior to Convergys, Mr Tickner led EMEA business development for Geneva Technology. Geneva was later acquired by Convergys. Mr Tickner also has held senior commercial management roles at two technology start-ups. Mr Tickner currently also acts as a non-executive director at three Powerlan Group companies providing strategic and commercial support to the management teams. William Tickner holds an Executive MBA from Henley Business School, UK.
With mobile communications now an integral part of life the world over, mobile operators have had to adapt to the safety and security challenges of many different markets. While the top priority for operators has always been the safety of workers, customers and the general public, they also face on-going challenges to the security of their equipment and business structures. In this chilly economic climate, many operators have to cut costs; they are increasingly focussing on avoiding expensive pitfalls associated with network safety and security. Careful preparation for these problems through tying the network together with ongoing network planning and monitoring, holds the key to reducing lost revenue and unnecessarily high operational expenditure (OPEX). Securing the network While theft and vandalism are challenges operators face in every market, their specific targets can vary wildly. In many African countries the unreliability of the national electricity grid has meant that operators often rely on diesel generators to provide the primary power for base stations and other communications sites. However, the unstable power supply has also raised the value of power generating equipment, increasing the incidence of generator, diesel and transformer theft. One operator in Nigeria is currently replacing 5-10 generators a month due to theft. In addition, Mr. Ahmad Farroukh, CEO of MTN Nigeria, has commented that, “all MTN sites are manned by private security agencies, but thefts occur because thieves tend to be adequately armed with ammunition, guns [and] self-loading trucks”.1 Some of the popular ‘green’ solutions offered by vendors can even add to the risk of theft of power supply equipment. While the marketing and ethical arguments for providing green solutions are convincing, the additional expense of solar and wind powered sources is hard to justify since it increases the likelihood of the equipment’s theft. Vandalism is also a growing problem in many African communities. Local residents are often unhappy with telecoms operators for paying ‘insufficient’ site rental, for generating noise pollution or for accidental diesel spillages. Local communities can even become angry that mobile operators do not provide services outside of their remit, such as for road construction and community power supplies. Operators have experienced intimidation of their site maintenance contractors and, as well, the severing of optic fibre cables and the destruction of generators.2 Nevertheless, many African populations now regard their mobile phones as indispensable – indeed telecoms is often their only reliably functioning utility – and react badly to any drop in the quality of service (QoS). It is imperative then that operators not only respond quickly to site outages, but also ensure they have deployed adequate security to protect both their personnel and equipment, keeping OPEX as low as possible while guaranteeing QoS, thereby attracting new subscribers and decreasing churn. Other common targets of theft are the large and expensive copper co-axial feeder cable and the components running up the towers to connect the base station antennas. The soaring price of copper has made telecoms infrastructure an ideal target for thieves. Although the price of copper fell during the last few months of 2008 (from over US$3 a pound to today’s price of around US$2), it remains an attractive target for thieves. South Africa spends 500 million Rand (US $67 million) on replacing stolen cables every year, while the cost to firms whose power has been cut or phone lines stolen is perhaps ten times that.3 For mobile operators, as previously mentioned, the expensive co-axial copper feeder cable, acting as a waveguide, connecting either the mobile operator’s RF base station or microwave transmission antennas are often targeted by thieves. Even optic fibre cable links are damaged when thieves mistake it for standard copper cabling. In the past, the ability to accurately monitor and report on assets has largely been a question of honesty on the part of the operators’ network departments. Now, this is a matter of board concern that requires integration into financial management processes to guarantee accuracy and confidence. If assets are undeclared or their whereabouts are unknown, penalties can also be enforced for breaches of legislation. It is imperative that network infrastructure is monitored to provide a real-time and realistic view of assets in order to comply with legislation. Continuous external audit programmes can ensure that network assets are in place and that fraudulent transactions have not occurred. Site planning is essential to ensure that communications sites have all the appropriate security precautions, from site fencing to security guards, they require. These types of thefts can create power outages, phone outages and equipment failures. Very often the damage is sufficient to shut down multiple base stations, repeaters or other communications sites, and customers might even be in real danger and, for example, be unable to call emergency services. In developed markets, base station and other communications sites are subject to a rigorous clearance procedure that addresses issues like worker safety, radio interference, aviation safety and the need to minimise the number of sites, towers and other constructions. During the planning of new sites, operators must consider elements like anti-climbing defences on communications towers, warning beacons on masts near flight paths, safety railings around rooftop base stations and compliance with non-ionising radiation legislation to take public safety fears into account. Tower sites in emerging markets often face similar legislation, but more lax enforcement. It is not uncommon for mobile towers in developing countries to be over-loaded with equipment, have non-functioning aircraft warning lights and other serious breaches of safety norms. During the planning and construction of sites, operators often fail to carry out quality assurance audits, checking elements like the site’s foundation to guarantee sufficient wind tolerance and structural integrity. This is essential, given that communications towers can consist of more than ten tons of galvanized iron and many hundreds of components that must be bolted together correctly with the right torque for the tower to remain erect. Solutions Operators who are proactive about maintaining their assets are the first to benefit from knowing when damaged or stolen technology must be replaced, what it should be replaced with, whether or not the equipment is under warranty and if the required replacement component is in a warehouse somewhere waiting to be deployed. Making sure that existing equipment remains functional and that new equipment is brought ‘on-air’ as soon as possible also ensures that assets are generating revenue rather than remaining idle. This keeps inventory levels down and leverages real return from fixed assets. Mobile operators must also track and manage high-value assets throughout their networks to ensure they can account for all their base-station and transmission equipment widely dispersed among hundreds, or even thousands of sites. Without such tracking and management, equipment can be stolen or damaged, adding unnecessary costs to the operator and eating into vital revenues. In addition, without an accurate picture of their infrastructure assets data including for example equipment parameter detail, operators must dispatch a survey team to physically review each site, causing delays and inefficiencies for even minor upgrades or site alterations. The last line of defence for mobile operators is the insurance claim. Network auditing is essential if operators are to provide an accurate view of their assets and secure insurance policies for the best value. Insurance can protect the operator against losses resulting from vandalism or the theft of equipment. When insurance companies don’t have precise per site equipment asset data for evaluation, insurance brokers underwriting network assets often overestimate a quotation to ensure it is buffered, as a precaution, to cover the value of the site should a claim be made. The operator, though, has to pay an ongoing unnecessary price for this precautionary overvaluation. On the other hand, if the operator can provide a very precise, computerised record of all its assets, including relevant depreciation, then it will stand in a good position to negotiate a substantial discount from the insurance provider, which might typically represent 10-20 per cent of the total site insurance premium. While no mobile operator can entirely protect themselves against theft, vandalism or regulatory and legal penalties, a cohesive, holistic approach to network management is essential. If factors like theft and vandalism are taken into account during the planning stage of a network rollout, asset-tracking systems can ensure that masts deployed in high-risk areas have the maximum possible protection. These systems can also ensure that all mast sites receive the safety equipment and certification they require, as well as reminding operators to keep these clearances up to date. In confronting these challenges, project planning, asset management and maintenance tracking are often overlooked weapons in an operator’s arsenal – yet they may also be their most powerful ones.