Cybersecurity Testing and Certification
Cybersecurity Testing and Certification offers comprehensive testing to help safeguard IoT devices from growing cybersecurity threats, enabling our customers to build more secure wireless IoT ecosystems with confidence.
As the number and diversity of IoT devices continues to grow rapidly, ensuring the cybersecurity of these devices is of paramount importance. Through the Ericsson Cybersecurity Testing and Certification program, we offer comprehensive cybersecurity testing to help safeguard IoT devices from exposure to threats, enabling our customers to build more secure wireless IoT ecosystems with confidence.
As an accredited Cellular Telecommunications Industry Association (CTIA) Authorized Test Lab (CATL), we provide through Cybersecurity Testing and Certification the testing certification of devices according to industry standards as well as in accordance with regulatory bodies (such as GSMA) and local regulations.
Once testing with Cybersecurity Testing and Certification is complete, we provide a final report detailing the results of the CTIA test, registering the device(s) within the CTIA cybersecurity certification database.
OUR KEY BENEFITS
CTIA Authorized Test Lab
As an authorized test lab, Ericsson verified and certified the world’s first device using the CTIA IoT Cybersecurity Certification Program. The certification process includes verifying the device security features against a set of standard cybersecurity best practices addressing the storage of consumers’ information, rigorous password and security management standards and the availability of an over-the-air mechanism for security software updates.
Ericsson has labs and testing facilities in all major geographies to cater for the needs of local as well as global customers. These labs are corner stones in Ericsson’s global competence network , and enables the testing, certification, carrier and regulatory approval process to run efficiently across all markets and cellular technologies.
Security Management for IoT
IoT security encompasses a wide range of network and IT capabilities. Ericsson sees end to end security as vital in a connected world and applies a holistic view on ensuring security and privacy in telco networks. Ericsson’s suite of solutions brings a shift from reactive to proactive security management through automation, monitoring and analytics.
Per CTIA guidelines, IoT devices are classified into three categories. Ericsson Cybersecurity Testing and Certification performs tests on devices in accordance with these three categories, which are defined as follows:
This includes terms of service and privacy policies, password management, authentication, access controls, patch management, and software upgrades, with
examples of devices in this category including in-home cellular personal emergency response systems (PERS), traffic monitors, consumer drones, GPS trackers, and GPS dog collars.
This includes all Category 1 IoT elements in addition to the following: audit logs, encryption of data in transit, multi-factor authentication, remote deactivation, secure booting, threat monitoring, and IoT device identity.
Examples of devices in this category include connected streetlights, security controllers, industrial routers, security consoles, and mobile payment devices.
Category 3 includes all Category 1 and Category 2 IoT features in addition tothe following security features: encryption of data at rest, digital signature generation and validation, tamper evidence, and design-in features.
Examples of devices in this category include perishable-goods-tracking devices, water, gas, and electricity meters; blood glucose monitoring meters, industrial LTE gateways, and secure services gateways.