When Wireless Infrastructure Changes Hands

With the rollout of 5G networks, wireless infrastructure assets, such as cellular towers, are becoming one of the most valuable real estate investments. With 300,000+ towers in the US and companies such as UnitiAT&T, and Phoenix Tower entering large scale tower deals over the last 18 months, it prompts a natural question: what does buying and selling physical wireless infrastructure mean for security? 

A Short History Lesson 

20 years ago, when the mobile network industry was exploding, wireless telecom operators bought up a lot of real estate to build towers to support their networks. These real estate holdings created a bunch of assets and liabilities, independent of the primary wireless network business. Management came up with a grand idea: sell off the assets and lease them back to run their networks. And the towerco was born. 

At the same time, smart entrepreneurs saw the opportunity to buy up land, erect a tower, and enter into lucrative contracts with carriers to host their antennas and equipment.  

Where Keyless Access Control Comes In 

Telecom towers are assets, being bought and sold all the time. The average tower transaction ranges from 1 to 50,000 towers. Sellers are looking to maximize the value of their portfolio for sale; buyers are looking to buy something that integrates into their existing operations, as seamlessly as possible, even at scale.  

Buyers of telecom assets have the same concerns as buyers of a new home. They wonder if whether they have keys for all the locks, and whether they all the keys have been returned or if there are still some floating around out there. Home buyers often solve this by changing the locks. Now, imagine you’re buying many houses at once and they’re spread across the countryside, sometimes without road access. Changing the locks is expensive and time-consuming, and creates a liability for the new buyer. A keyless access control solution, like Sera4’s padlocks and Teleporte platform, can help alleviate these challenges for both buyers and sellers. 

For sellers, including a wireless access control system in the sale increases the value of the portfolio because the locks can be sold as assets, along with the towers. Buyers are often willing to pay a premium because they trust that there aren’t any loose keys post-acquisition, and they’re acquiring a more efficient operation, complete with insights to help them optimize their processes.  

The value of assets beyond the towers themselves isn’t traditionally part of the consideration process in these transactions, but it should be. If you’d like to learn more about how Sera4 is helping telecom, and other industries, safeguard their physical infrastructure assets, book a demo at https://www.sera4.com/demo/.

We sell identity (not just access control)

Security. Reliability. Scalability. These are all things that we’re proud to provide to our customers, and that our customers have come to rely on. One thing we don’t talk about enough is identity. We have a suite of hardware and software solutions to help utilities, telecom, oil & gas, and other industries provide access control to their assets and critical infrastructure. But that’s not really what we’re selling. We’re selling identity intelligence, and we think it’s the most important thing we do.

The basics of identity intelligence are easy to understand: you want to know who’s accessing your assets, and when. That’s why our customers choose Sera4 over other types of access control solutions—in addition to high-quality wireless padlocks that eliminate the inherent challenges of traditional keys, Sera4 provides insights into which individuals are accessing your critical infrastructure, when they’re accessing it, and how long they’re staying.

Hand holding phone showing Sera4 access control app

These types of insights are useful for three reasons. First, and most simply, people behave better when they know they are being identified. We’ve found that vandalism on a telecom site is reduced by 60-80% when a person is tagged on site, and is held accountable for what happens while they’re there. Even when you have no bad actors in your organization or contractor network, that level of accountability helps ensure that individuals clean up and lock up the way they’re expected to.

Second, keyless locks provide automatic, real-time audit trails, eliminating the need for manual logs that are frequently subject to human error. For businesses that require audit trails for their own security or for certifications like ISO 9001, keyless locks provide much easier collection of these activity logs.

And third, and maybe most interestingly, is that once you know who is accessing controlled assets when, and how long they’re staying, you can learn a lot about processes in your organization, and how to optimize them and make them more efficient. This is why we released Work Sessions; using Teleporte, our customers can understand the flow of on site work, and gain insight into how long specific components of a process take.

Screenshot of Sera4 access control dashboard with map and audit log

Regularly analyzing audit trails and entry/exit data allows you to create a baseline for how long specific jobs take, and use that information to make better decisions. For example, these insights can help you define scope of work and billing with contractors. They can help you reconcile invoices for work performed—in fact, one of our customers is considering adding opening and closing the Sera4 lock to the SOP for all contractors, so he can analyze the data and find areas for improvement. The insights from Teleporte can also help you determine the capacity of and forecast changes for your workforce.

Our solutions allow our customers to manage identity across any number of sites, in any location, at scale. Whether you need 10 locks and keys, or 10,000, we provide a complete feature set and predictable, transparent pricing. If you’d like to see our solution in action, or learn more about how our customers are using Sera4 to safeguard their most critical assets, contact us.

Sera4 releases Device Restriction

We just completed updates of our Teleporte Servers (3.7) and released our Mobile App (5.5). We’re excited to share that Device Restriction is now available to all our Teleporte Enterprise subscribers.

This new feature gives control to Teleporte Administrators to limit the number of mobile phones to which Teleporte users can download keys. We are aware that some users are sharing their Teleporte credentials with other contractors to share keys. This practice obviously undermines the accuracy of the access logs and may expose our customers to risk of unauthorized entry. Administrators can now easily enable Device Restriction with a selection in the admin console.

Device Restriction works despite the upgraded privacy controls in the latest mobile operating systems. Users with multiple mobile devices connected with a Teleporte account will receive a message that only their primary device will download keys. In the event that they switch devices, as simple message to their administrator will update their primary device registration.

Device Restriction is another way that Sera4 innovates to provide security in keyless access. It will also improve the accuracy of your access logs. Please visit our support portal or contact us if you are interested in training on this new feature.

We’re moving!

As of today, we’ve moved our headquarters to a new larger office. Not only does this accommodate our growth, but we now on the ground level with on-site warehouse and production areas.

Our new mailing address is

Sera4 Ltd.
100-630 Weber Street North
Waterloo, Ontario
Canada
N2V 2N2

We plan to hold an open house, but we will have to wait until it is safe, after the pandemic.

Sera4 Introduces Authorized Integrator Program

Sera4 is pleased to announce its Global Authorized Integrator Program. This program creates a reliable support structure for contractors and installers who install and service Teleporte. It provides a uniform quality of service to our end users.

Some benefits of the program include structured training for installers, access to a comprehensive knowledge base, preferential Sera4 support, and the opportunity to access the Warranty+ extended warranty program

Sera4 has already signed up our first Authorized Integrators. Contact us if you are interested to join the program or if you need to locate an Authorized Integrator.

Hidden Access Control: Security through Obscurity

Sometimes the best way to protect something is to hide it.

To some people, a keyhole or a padlock or a handle on something will act as a public notice that reads Valuables Inside. Those who are motivated to steal notice these signals. And when they’re identified by those people, they can tell the story about how to break them at a glance.

With keyless access, you can design a more secure system to protect your assets with a fully hidden mechanism. Imagine how the hood of your car opens, and you’ll have a good idea of what we mean. With a Sera4 Lock Controller, you can design a door, a panel or other secure hinged compartment that pops open by the touch of a smartphone. A door like this is more secure because it’s more hidden. It won’t have a handle, a keyhole, a padlock or other signals that it opens. And even when somebody might want to break in, it’s not clear where or how to start an attack.

Vertical Infrastructure: AX5 controlling access on a smart light pole.

5G demands denser networks in urban areas. This means that communications equipment is being installed in places like fake trees, park benches and lamp posts. These are places where people aren’t expecting to find anything valuable, and keeping access points obscure keeps them out of sight and out of mind. The only way to tell that there is an access point is to check with the Teleporte app on your phone.

Reliability

In the unfortunate event of a system failure, a door without a handle can be a difficult thing to open. The most common type of failure is a power failure: dead batteries. This is where our Access Pad can help. It provides a power connector (for a common 9V battery) to conveniently and discreetly power a dead system to get it open. In the rare case of a radio or app incompatibility, the Access Pad enables our Failsafe Unlock feature.

Sera4 Access Pad

With the latest technology, access points can be designed to be more secure and look better at the same time.

Please reach out to us. Each application is a little bit unique. We’d love to discuss how we can help conceal your access points.

The case against Remote Unlock

Every now and again we are asked the question “can we remotely unlock things with Teleporte?”  We understand where the question comes from. Most IoT devices are focused on remote sensing or control from a distance. Smart devices allow you to do things like set your home’s temperature from the other side of the world. It’s easy to assume that smart locks should behave in a similar way.

We often get asked to include this feature but we have purposefully built Teleporte so that a person is required in the physical presence of the device. We wanted to render unlocking something remotely from a command center impossible. And it is important for you, our customers to understand why.

Practical Risks

First, we do allow you to remotely enable a user, so there is no argument for someone new or unexpected needing access. In what situation then would you want to release a lock without an individual there? We can’t think of a practical scenario. Having someone on-site means that when the lock is opened the asset is being watched the whole time. Someone can close a gate behind them, reducing the time an asset is not secured. And most importantly, a person on-site can lock up again. Many locks are designed to fall or pop open when unlocked, and without someone there to close them, a remote unlock function would not guarantee a corresponding and critical lock function. 

Second, you don’t just want anyone on site when access is granted: you want to know who is getting in. With a remote unlock, there is little guarantee that the person going into a site is the one who is supposed to be. Smartphones are actually very sophisticated to identify a user with passwords and biometrics and their location with GPS. A local virtual key is much more reliable than a remote unlock process.

Cybersecurity

Finally, we want to mitigate the risks of hacking and cybercrime. In 2019, artificial intelligence designed and carried out more cyberattacks than people did. The attacks are getting more sophisticated. At Sera4, we use the best cybersecurity practices, but no one can predict everything.  If there is a logical path to remotely unlock something, there is a risk that it will happen; be it a sophisticated hacking attack or something as innocent as an error in an API integration. Imagine the catastrophe if the locks on a critical infrastructure network were all remotely opened at the same time. We designed Teleporte to ensure that this is impossible. 

We appreciate the excitement around technical feasibility and fancy features such as remote unlock, but every feature comes at a cost. Our goal is to the safety and security of our systems first, ensuring less risk and more reliability to you.

Sera4 appoints Precision Marketing as US Sales Engineers

Sera4 is pleased to announce that Precision Marketing Inc. is now the exclusive frontline Technical Sales Representative firm for the Sera4 keyless access control product line for the Telecom, Utility, Transportation and Military/Aerospace markets for the following U.S. states: AL, AR, CT, DC, DE, FL, GA, IA, IL, IN, KS, KY, LA, MA, MD, ME, MI, MN, MS, NC, ND, NE, NH, NJ, NY, OH, OK, PA, RI, SC, SD, TN, TX, VA, VT, WI, WV.

Now in it’s 46th year of operation, servicing 37 US states, and a team comprised of 16 field solutions engineers and 7 inside support staff, PMI has established itself as a technical representation leader in markets such as Telecom, Utility, Transportation and Military/Aerospace. 

The partnership with PMI is effective immediately and it is a clear demonstration of Sera4’s commitment to serve the keyless digital access control market in the United States.

Go Keyless

It may not be apparent at first glance: going keyless is about a lot more than just not having to carry around a key or a fob. It’s about added security, new concepts of control, smarter operations and reporting. 

When we say “go keyless”, we mean abandoning any physical thing that controls access rights. That means no keys, no access cards, and no fobs. The keys are virtual; digital tokens stored in smartphones and automatically transmitted over the air.

Control

Virtual keys afford greater control over who has access to your assets. Keys can be granted to or revoked from people who aren’t physically present. Virtual keys can do things that ordinary keys can’t, like only permit access within a time window or limit the number of times they can be used. And with virtual keys, they can be automatically given many people in a service team and to many sites at once. These things would be impossible or very cumbersome with traditional keys.

Security

Despite first impressions and consistent news about poorly-executed smartlock designs, virtual keys can be more secure than physical keys. Imagine how we all do internet banking today. At Sera4, we use the same security principles and architectures to keep the same levels of reliability, security and scale. Where physical keys can be mechanically cloned, it is much harder to hack a digital certificate. Physical keys can be passed from person to person, or misplaced and picked up by strangers. Even more relevant is that virtual keys identify the user, which provides a lot of practical security. Many fewer people will brazenly steal from a site when they know they are being identified in real time.

Information

When business sites go keyless, they get automatic real time access logs. This can greatly reduce the cost of security protocols or even compliance with standards like ISO 9001. The data that comes back is already digital, more accurate and more detailed than traditional paper logs. Businesses should be analyzing this data routinely to identify waste in their processes and optimize their operations. Profiling site accesses can yield valuable insight about where contractors are not doing their jobs. Imagine a contractor that has billed to do a job that will take at least 2 hours, but the access logs show them on site for only 3 minutes.

Convenience

Most people will not forget their phone at home. Their car pairs with it and it’s clear when it’s missing. So many life functions depend on it. A physical key or card can be left at home without a thought until the moment it’s needed. So much truck roll is saved by not having to drive to get keys, either ones forgotten or fetching them from a depot. Virtual keys are with you whenever you need them!

And, of course, going keyless is also about the convenience. I used to go out with a wallet, a phone and a keyring. Then the wallet was absorbed into the phone with services like Apple Pay. Now, the keyring is also absorbed, and my pockets thank me. What I like best is when I need to get into a lock that wouldn’t have been on my physical keyring. Contact us to learn more about how friendly the future can be.

BIAS against Bluetooth

Another vulnerability of the Bluetooth security stack has been revealed this week: Bluetooth Impersonation AttackS (BIAS).

Unfortunately, this highlights another concern with the Bluetooth stack and is, in-part, due to the wide range of devices and configurations that Bluetooth has to support. The suggested remedy is for “the Bluetooth SIG [to update] the Bluetooth Core Specification”. (Source: bluetooth.com)

All this implies it will be up to chipset vendors to find and work around the problem in the interim.

Credit: The Hacker News tells us more …

The biggest risk is likely to be against mobile devices (mobile phones and laptops). Previously-paired devices can no longer be trusted. i.e. you could be communicating with a bad actor (impersonator).

As a word of caution: other Bluetooth-enabled smart locks and mobile software solutions may incorporate this same flaw. This would allow you to pass the digital keys to the wrong device: A “man-in-the-middle” attack.

Rest assured: Teleporte relies on digitally signed certificates to ensure that communications are encrypted. Only true Sera4 locks or lock controllers have the decryption key. All this happens without using the Bluetooth security stack — so access to your Teleporte locks remains secure and unaffected by BIAS.