Why Tower Companies and Mobile Network Operators Should Share Keyless Access Systems

A lot of value is unlocked (no pun intended!), for both the landlord (towerco) and tenant (MNO) when they share a system, not only from a security perspective, but from an operational efficiency perspective as well.

Keyless padlock on telecom MNO towerco gate

Shared Systems = Better Security

Imagine that every time you left the house, you put a lock on the refrigerator, but left the front door open. That wouldn’t make sense; someone could break the lock in the privacy of the house, or even steal the whole fridge, without much effort. But it’s analogous to what often happens when MNOs and towercos don’t share security systems or standards. MNOs put so much effort and stringency into the security of their networks, and often less so into the security of physical sites; especially sites that they don’t own or control. It’s critical for cybersecurity that MNOs have reliable control of who accesses network elements behind firewall protection. With physical keys, it’s hard to keep track of them, and therefore hard to ensure that bad actors can’t wreak havoc on the network. In markets where theft and vandalism are common, MNOs are at risk for major disruption if the security of the site is breached. In our opinion, MNOs should not accept a security standard from a towerco that is any less than their own asset security. The risk is too high. Our experience shows that, not only does sharing a keyless system on both the towerco and MNO assets eliminate the liability of physical keys and the potential for bad actors to get their hands on them, it also reduces petty theft and inside jobs on site. Identified people tend to behave themselves, and that’s what we’re really selling: identity. Sera4 provides a reliable mechanism for identifying which individuals are accessing which site, and when.

Work Better Together

In addition to reduced vandalism and theft, a shared wireless access control system improves operational efficiencies.

Reduce access control overhead
Sera4’s Teleporte platform allows administrators to automate key issuance based on work orders, whether from the towerco or the MNO. This automation reduces the overhead that comes with maintaining an access control system, and ensures that only specified individuals are gaining access when required.

Issue keys for multiple assets at once
On a shared system, administrators can issue keys for multiple assets at once, whether owned by the towerco or the MNO. Separate keys for the gate and the panel? No problem!

Remove logistical challenges of physical keys
With some towercos managing 200,000+ sites, it’s a logistical nightmare to get physical keys to contractors/staff who need them, when they need them. These challenges are eliminated with wireless keys, allowing towercos to serve their tenants faster, thereby serving the MNOs customers faster.

Improve end-user experience
End users only have to learn one system, and only need one app to not only access the site, but the assets within, like active equipment cabinets or panels.

Gain insights into on-site processes
Teleporte provides an on-site audit trail of when locks were opened and closed, allowing operations teams to optimize SOPs, manage resources appropriately, and identify when processes aren’t being followed.

We offer special packages for MNOs and towercos looking to implement a shared wireless access control system. Visit us at https://www.sera4.com/demo/ to learn more about how we can help you work better together.

We sell identity (not just access control)

Security. Reliability. Scalability. These are all things that we’re proud to provide to our customers, and that our customers have come to rely on. One thing we don’t talk about enough is identity. We have a suite of hardware and software solutions to help utilities, telecom, oil & gas, and other industries provide access control to their assets and critical infrastructure. But that’s not really what we’re selling. We’re selling identity intelligence, and we think it’s the most important thing we do.

The basics of identity intelligence are easy to understand: you want to know who’s accessing your assets, and when. That’s why our customers choose Sera4 over other types of access control solutions—in addition to high-quality wireless padlocks that eliminate the inherent challenges of traditional keys, Sera4 provides insights into which individuals are accessing your critical infrastructure, when they’re accessing it, and how long they’re staying.

Hand holding phone showing Sera4 access control app

These types of insights are useful for three reasons. First, and most simply, people behave better when they know they are being identified. We’ve found that vandalism on a telecom site is reduced by 60-80% when a person is tagged on site, and is held accountable for what happens while they’re there. Even when you have no bad actors in your organization or contractor network, that level of accountability helps ensure that individuals clean up and lock up the way they’re expected to.

Second, keyless locks provide automatic, real-time audit trails, eliminating the need for manual logs that are frequently subject to human error. For businesses that require audit trails for their own security or for certifications like ISO 9001, keyless locks provide much easier collection of these activity logs.

And third, and maybe most interestingly, is that once you know who is accessing controlled assets when, and how long they’re staying, you can learn a lot about processes in your organization, and how to optimize them and make them more efficient. This is why we released Work Sessions; using Teleporte, our customers can understand the flow of on site work, and gain insight into how long specific components of a process take.

Screenshot of Sera4 access control dashboard with map and audit log

Regularly analyzing audit trails and entry/exit data allows you to create a baseline for how long specific jobs take, and use that information to make better decisions. For example, these insights can help you define scope of work and billing with contractors. They can help you reconcile invoices for work performed—in fact, one of our customers is considering adding opening and closing the Sera4 lock to the SOP for all contractors, so he can analyze the data and find areas for improvement. The insights from Teleporte can also help you determine the capacity of and forecast changes for your workforce.

Our solutions allow our customers to manage identity across any number of sites, in any location, at scale. Whether you need 10 locks and keys, or 10,000, we provide a complete feature set and predictable, transparent pricing. If you’d like to see our solution in action, or learn more about how our customers are using Sera4 to safeguard their most critical assets, contact us.

Sera4 releases Device Restriction

We just completed updates of our Teleporte Servers (3.7) and released our Mobile App (5.5). We’re excited to share that Device Restriction is now available to all our Teleporte Enterprise subscribers.

This new feature gives control to Teleporte Administrators to limit the number of mobile phones to which Teleporte users can download keys. We are aware that some users are sharing their Teleporte credentials with other contractors to share keys. This practice obviously undermines the accuracy of the access logs and may expose our customers to risk of unauthorized entry. Administrators can now easily enable Device Restriction with a selection in the admin console.

Device Restriction works despite the upgraded privacy controls in the latest mobile operating systems. Users with multiple mobile devices connected with a Teleporte account will receive a message that only their primary device will download keys. In the event that they switch devices, as simple message to their administrator will update their primary device registration.

Device Restriction is another way that Sera4 innovates to provide security in keyless access. It will also improve the accuracy of your access logs. Please visit our support portal or contact us if you are interested in training on this new feature.

Keyless Padlocks in Winter

Winter is hard on padlocks. We know. We live in Canada. Cold can make oil sticky. Freezing rain and a hard frost can seal moving parts. Here are some things you should be considering when deploying keyless padlocks in a winter climate.

Battery Types

Most battery types (and all rechargeable types we know of) have significantly shorter battery life as temperatures drop below freezing. A typical rechargeable battery will not only lose charge in the cold, but will not recharge well in the cold either. Batteries that can’t perform in the cold will leave you locked out in the cold.

When a battery has charge, it needs to be designed for the cold to deliver its rated current in the cold. This is why automotive batteries in cold climates advertise Cold Cranking Amps. Lower current leads to less powerful or slower internal motor operation. This may result in a lock that does not open or close as it was designed to do.

The solution is simple. Ensure a battery is designed to work in the cold for reliable winter performance operation.

Sera4’s AP3 padlock uses replaceable Lithium Thionyl Chloride batteries. These military-grade batteries are formulated to perform similarly in the coldest and hottest natural temperatures on Earth.  In the event that the battery is out of power after a time (this happens to every battery), the micro-USB port is convenient and accessible and facilitates access. An added bonus is that maintenance is a lot faster on a replaceable battery than with a rechargeable padlock. We can also deliver our products will full charge and ready-to-deploy, where rechargeable batteries need to ship at 30% charge.

Electronics

Electronics used outdoors in the winter must be designed and qualified for reliable use in cold temperatures. Consider that most consumer electronics in winter climates is still consistently used above the freezing point. Electronics require additional design and quality considerations to function reliably in deep cold. Designing electronics for the cold follows well-known quality standards (such as AEC-Q100), requiring specific attention during product development. We don’t expect consumer-grade electronics to consistently work outside in the dead of winter.

Ice Buildup

You should be concerned about ice buildup on padlocks in the winter. Humidity or water can get into parts of a lock and then freeze. Once there is solid ice around a mechanism that needs to move to open or close, the best thing to do is to melt the ice.  This is obviously inconvenient. We recommend focusing on simple installation tricks that will keep precipitation off the padlock in the first place.

AP3 is IP66-certified, so it will be fine to be left out for years in the rain. In winter climates, we recommend installing a simple vinyl flap over top of the padlock as shown below. This simple solution has proven in our tests to be more effective than more complicated approaches. 

In case you do find a padlock with significant ice deposits, try to resist the urge to hit at it with a hammer to chip away at accumulated ice. This usually only removes superficial ice and can result in surface/finish damage to the padlock body or shackle. Instead, try pressing the shackle deeper into the lock body. This will often dislodge stuck compoenents. Another smart option is to use a lock de-icer fluid. These bottles are small, inexpensive and effective.

Don’t let winter get between you and the benefits of going keyless. With the right products and a little bit of care during installation and operation, winter won’t be an issue. Feel free to talk to us if you have any questions about padlocks in winter weather.

Hidden Access Control: Security through Obscurity

Sometimes the best way to protect something is to hide it.

To some people, a keyhole or a padlock or a handle on something will act as a public notice that reads Valuables Inside. Those who are motivated to steal notice these signals. And when they’re identified by those people, they can tell the story about how to break them at a glance.

With keyless access, you can design a more secure system to protect your assets with a fully hidden mechanism. Imagine how the hood of your car opens, and you’ll have a good idea of what we mean. With a Sera4 Lock Controller, you can design a door, a panel or other secure hinged compartment that pops open by the touch of a smartphone. A door like this is more secure because it’s more hidden. It won’t have a handle, a keyhole, a padlock or other signals that it opens. And even when somebody might want to break in, it’s not clear where or how to start an attack.

Vertical Infrastructure: AX5 controlling access on a smart light pole.

5G demands denser networks in urban areas. This means that communications equipment is being installed in places like fake trees, park benches and lamp posts. These are places where people aren’t expecting to find anything valuable, and keeping access points obscure keeps them out of sight and out of mind. The only way to tell that there is an access point is to check with the Teleporte app on your phone.

Reliability

In the unfortunate event of a system failure, a door without a handle can be a difficult thing to open. The most common type of failure is a power failure: dead batteries. This is where our Access Pad can help. It provides a power connector (for a common 9V battery) to conveniently and discreetly power a dead system to get it open. In the rare case of a radio or app incompatibility, the Access Pad enables our Failsafe Unlock feature.

Sera4 Access Pad

With the latest technology, access points can be designed to be more secure and look better at the same time.

Please reach out to us. Each application is a little bit unique. We’d love to discuss how we can help conceal your access points.

Sera4 releases Work Sessions

Sera4 is thrilled to announce that we have launched Work Sessions. This represents a significant advancement of our Site Assurance module in Teleporte. Work Sessions is available now to all Teleporte Enterprise subscribers. 

Over years of digitizing access control for industrial infrastructure, we see a consistent story emerging. Access and time-on-site is more complex than it is for someone getting into a safe or opening a bicycle lock. Often, teams access sites and sometimes arrive and leave at different times. There are usually several locks or access points on a site. With Work Sessions, we are making the process of access management and site security much more fluid and powerful.

Linking Event Records

With Work Sessions, we group Teleporte activity from the moment the first person arrives on-site and checks in, to the time the last person leaves. This means that once a site is open, locks can be open and closed within a work session without opening and closing the site. A different person may close the site and mark it as secure (all locks registered closed).

The interconnectedness of events in a Work Session

A record of the links between events in a site visit can be as powerful as it is convenient.

  • Understand how long a job takes to complete on site, and even get verified timing on specific components of a job
  • Have workers take accountability for ensuring the site is secured when leaving
  • Control who gets access based on prior behavior
  • and more

All of this is automatic and in the background while you enjoy the benefits of going keyless with Teleporte.

Available Now

To access the latest features including Work Sessions, Teleporte users will upgrade to the Teleporte App version 5.4. Our servers are already updated.

Click here for access to the latest documentation on the Teleporte Features and learn more, or contact us. We would be pleased to arrange a demonstration of Site Assurance and what it can do for you.

Don’t Call Us, We’ll Call You (Webhooks Are Here)

With every security component added into a critical infrastructure, comes the inherent need for information, automation and control. As the number of critical components in your infrastructure grow, so does complexity and the necessity to stream information as it happens. Integrators and clients are now looking to being on the receiving end of data in real time in order to provide critical dashboard updates. We’ve listened and we’ve delivered.

With Teleporte Cloud server 3.5, we have added a critical component to our API capabilities: the concept of webhooks. In a “don’t call us, we’ll call you” manner, Teleporte Cloud is now capable of calling your secure endpoint with real-time data concerning events that are happening inside your system. Webhooks are to APIs as fuel is to a fire; they can ignite your integrations and get your organization on the receiving end of updates as they happen. Remember, polling APIs is so 1990’s, go real-time by enabling webhooks.

To better understand what the difference between an API and Webhooks are, consider this simple analogy:

APIs are request based. They are useful for pulling data on demand.
Webhooks are event-based. They are useful for receiving critical events when they happen.

API + Webhooks = Complete Automation Capabilities

Teleporte Cloud now supports webhooks that can be configured for updates to important events (such as the creation or deletion of digital keys), access requests to locks and even the creation, deletion or update of system users. As an example, if you’re looking to know that ‘administrator X with email [email protected] created a digital key to lock 21, on site B that is valid from Tuesday at 9am to Tuesday at 5pm’ as it happens, then webhooks are your holy grail! Get on top of and react quicker to events happening in your infrastructure by enabling webhooks.

Feel free to ask us about our Slack integration. Our webhooks support Slack out of the box and can have your team seeing the benefits of webhooks within seconds.

Get more details about webhooks at https://apidocs.sera4.com or contact us to discuss how you can get webhooks working for you.

High-Security Keyless

In protecting your assets, there is always a tradeoff between convenience and security. For example, when you go into your office every day, you want to get in through the main doors without any delay.  But when the asset requires the highest security,  added rigour such as additional security checks are necessary.

The vault application is a good example of how keyless solutions are catching up with old standards for addressing high-security requirements.

  • Vaults often include locks whereby 2 keys are required and placed more than 6 feet apart. Two individuals, each of whom have their own unique key, must open the lock at the same time for the door to open. This approach prevents a single rogue actor from opening a door when they do not have authorized access
  • Another high-security standard opens a door after several minutes of unlock delay. This delay, connected with alarms, is a strong deterrent for criminals. They know that law enforcement will be coming while they are waiting for the door to open.

Bringing these features to Keyless

Sera4 has released Teleporte Cloud server 3.5 and Teleporte Mobile application 5.2. All Teleporte Enterprise customers now have access to high-security protocols to match the use cases above. 

  • The new Multi-Authentication Unlock feature requires two or more users to unlock a lock. Each user has their own key for that one lock and each user must issue the unlock command to the same lock. The lock only opens after all required users try to open the lock on their own account.
  • The new Delayed Open feature can be enabled on a lock-by-lock basis. The administrator can configure the delay. When someone unlocks a Sera4 lock in the Teleporte Mobile application, it will open only after the specified delay.

At Sera4, we envision a fully keyless world. With these innovations, we bring keyless benefits to the highest-security applications, such as vaults. We expect that there will be many applications for these new features that we haven’t even imagined yet.

For more information on the available features on the Teleporte Cloud server, click here. Or simply and contact us to arrange for a demo. We’re excited to show off our latest innovations.

Failsafe Unlock Explained

The Teleporte keyless access control system uses digital certificates as keys and controlled through a mobile phone application.  We have proven this method to be secure, scalable and reliable. Teleporte works on practically all Android and iOS devices (over 700 models in use and counting), so we ensure great user adoption. Users access the vast majority of our locks in this way.

With the recent launch of Teleporte server 3.4, we introduced the Failsafe Unlock feature. With this, you can still get into your locks in the event your smartphone isn’t working; whether the phone’s battery is dead at the end of a long working day or somehow your phone is damaged and no longer functions. The Failsafe Unlock feature provides you with a 4-digit flash pattern that you replicate by holding the button on the lock or with our Access Pad. Entering the valid code will grant access to the lock.

How Failsafe Unlock works as a user.

Failsafe Unlock is even easier to use from the administrator’s side. The administrator will tell the user the code and record who they gave it to in the admin panel. This way, Teleporte system maintains the access logs. The code is unique to each lock and is only valid for a few hours. Failsafe Unlock is now available to all Teleporte Enterprise subscribers.

With this innovation, we are enabling the transition to digital access control by eliminating the last of the reservations for going keyless. For more information, contact us or click here for more product information.

Teleporte 5.1 for Android: French Support

We are pleased to announce the immediate availability of our Teleporte Mobile Application version 5.1 for Android. In addition to numerous minor usability and bug fixes, we now provide French language support natively in the app. Teleporte for iOS to follow shortly.