Light Dark
May 12, 2021 By Jennifer Gregory 4 min read
Mobile Security
Application Security
Network
Security Services

Employees using mobile devices for work is nothing new. From health care workers using them for patient care to a salesperson checking work email in an airport, most of us have our phones on us at all times. However, the increase in the number of remote workers due to the COVID-19 pandemic has ramped up mobile use for work even further. That includes both doing work directly on devices and connecting laptops to a network. So which is more secure for mobile work, 5G or a private LTE cellular network?

Private LTE Meets Today’s Mobile Performance Needs

Companies often used 5G as a stopgap during the quick shift to remote work, with varied results. According to the PwC U.S. Remote Work Survey released in January, there was a 22-point difference in the survey results between how employers felt they provided a mobile experience for work applications and data and how employees felt about the experience. On top of that was an increase in security issues during the pandemic, including 59% more phishing scams and a 36% increase in malware.

Overall, remote work has been a large success. The PwC survey found that 83% of employers and 71% of employees felt remote work went well, with only 6% of each group reporting it wasn’t successful. Business leaders are now planning the future of work. For many, that includes either a hybrid approach with a higher percentage of remote work than before the pandemic or 100% remote work.

A key component of designing the future of work involves enabling employees to use mobile when needed for connectivity. Both 5G and private LTE networks could be key steps on the path forward.

Why Choose 5G?

For years, 5G has been touted as the future of mobile and connectivity, while private LTE feels old-fashioned. Because of its increased speed and reliability, 5G provides many benefits. With travel restrictions opening up, employees are using their remote work status to work from anywhere. With 5G they now have the connectivity needed to work from whatever location they choose, including attending video calls over cell networks.

Companies using cellular for Internet-of-things (IoT) devices now also have the bandwidth needed to collect data reliably, such as manufacturing plants collecting real-time temperature data. If a machine is overheating, the sensor sends an alert to mobile devices so a human can take care of it. However, this only works properly with fast and consistent cellular signal. That’s why 5G is often the choice for IoT devices.

High performance is even more essential when using machine learning and artificial intelligence (AI). Processing large amounts of data quickly requires increased bandwidth and speed. Using AI over cellular requires 5G performance to perform personalization and data analytics.

Does 5G Provide Enterprise-Level Security?

However, some business leaders wonder (with good reason) if the cellular network meets their safety standards. Protocols HTTP/2 and PFCP are at risk for subscriber profile data, impersonation attacks and faking subscriber authentication. Because standalone 5G networks use these protocols, mobile connections over 5G are open to these attacks. As we’ll discuss below, a mix of 5G and private LTE may be your best bet.

Recent concerns also surfaced regarding data access and denial-of-service attacks related to network slicing. Researchers have discovered that when a 5G network uses shared and dedicated network functions, application and transport layers may be at risk, especially because of the lack of mapping. While the issue is currently only related to network slicing, the practice generates high revenue and is expected to increase.

5G networks have other problems that have been known for years. Breaking into 5G networks is very easy — often compared to being as easy as breaking into the internet. Brookings explains that the increased security risks of 5G start with the design of the network. A distributed, software-defined network is much more challenging to protect than a centralized network.

Aside from the design, the usage and scale of 5G also make the risk of attacks greater. Now that IoT devices can use AI on a cellular network, the number of devices has increased. That’s not to mention the increased use of mobile devices for more complex tasks, thanks to the improved connectivity. On top of that, the 5G network grew quickly. With that rapid expansion, the small-cell antennas used in urban areas are a bull’s-eye for threat actors.

Is Private LTE Secure?

With 5G security concerns coming to the fore as the pandemic winds down, many people are turning to private LTE networks. For some, the risks of 5G may be greater than the benefits. It might not be worth the risk for use cases that aren’t dependent on speed and performance, such as employee tasks that don’t require AI. But is LTE secure? A private LTE network is independent of cellular carriers, using its own dedicated cell sites and core network servers. This network supports only the specific company and isn’t accessible to or used by people or devices outside.

Private LTE networks provide many benefits, including accessibility even in areas not covered by cell networks. The private LTE network cost for data transfer tends to be lower than on public networks. Because the organization controls the security, private LTE networks can be way more secure than public 5G networks even when used with a virtual private network. Organizations can also set up prioritization, such as guaranteeing low latency for IoT devices, which improves the reliability and speed of the LTE network.

Combining Private LTE Architecture With Other Options

By combining a private LTE network with a zero trust strategy, the security of the network improves even further. With a zero trust approach, networks default to assuming that all users and devices attempting to access data or a network are not authorized. Every access request must be verified. Zero trust is especially useful for network configurations such as LTE, which are decentralized. Microsegmentation, which limits the access of data and apps in the event of an attack, can also boost security on a private LTE network.

As you create a new path forward in terms of networks, processes and security, LTE should be a strong consideration. For applications that require speed, performance and reliability, companies can also consider a hybrid approach. Consider using 5G for data that requires the performance but is low risk in terms of sensitivity, while using LTE for other applications. While 5G has been the hype for several years, you can take a step back and evaluate your specific needs both in terms of safety and performance. Design an approach that makes the most sense for your business needs.

 |  |  |  |  |  | 
Jennifer Gregory
Cybersecurity Writer

More from Mobile Security
August 25, 2023

Juice jacking: Is it a real issue or media hype?

4 min read - You get off a flight and realize your phone is almost out of battery, which will make getting an Uber at your destination a bit challenging. Then you see it — a public charging station at the next gate like a pot of gold at the end of the rainbow. As you run rom-com style to the USB port, you may briefly wonder if it’s actually safe from a cybersecurity perspective to plug in your phone. The answer is technically…

January 26, 2023

Third-party app stores could be a red flag for iOS security

4 min read - Even Apple can’t escape change forever. The famously restrictive company will allow third-party app stores for iOS devices, along with allowing users to “sideload” software directly. Spurring the move is the European Union’s (EU) Digital Markets Act (DMA), which looks to ensure open markets by reducing the ability of digital “gatekeepers” to restrict content on devices. While this is good news for app creators and end-users, there is a potential red flag: security. Here’s what the compliance-driven change means for…

January 10, 2023

A view into Web(View) attacks in Android

9 min read - James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks to commit fraud, in Android-based financial malware this is a new trend. Traditionally, financial malware in Android uses overlay techniques to steal victims’ credentials. In 2022, IBM Security Trusteer researchers discovered a new trend in financial mobile malware that targets…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature