Security in Symworld: Stay put at your own risk says Rakuten Symphony's Paul Black

By
Paul Black
VP, Global Product Marketing
Rakuten Symphony
June 1, 2022

Over the past two-plus years, our approach to work has fundamentally changed, with countless new trends and working models adopted. Connectivity — now considered a prerequisite in every aspect of life — has been thrust into the spotlight. As a result, remote working and its variations have become more important than ever, with digital business continuing to flourish as employers and industries adapt to new ways of operating.

Though many of us have returned or will return to the office in some capacity, the pandemic has undoubtedly accelerated our transition to an online society, resulting in new opportunities and challenges for the providers of connectivity.

Today’s Security Landscape

One thing that never slowed down during the pandemic, and continues to grow year on year, is concern about security: the need to keep our companies, employees, customers, and data safe as businesses harness the value of digitalization.

Threats will continue to increase and become increasingly sophisticated in how they are delivered. For example, with elaborate and convincing methods by email (phishing), text (smishing), or voice (vishing), the risk of data being captured and misused is a genuine concern for everybody.

With all of us adopting an increasingly digital lifestyle, our devices have become integral to what we do for pleasure and business. Not that long ago, you would check your pockets as you left for work in the morning, for keys, wallet, and in my case, glasses. If you had forgotten your wallet, you would invariably turn back. Not anymore. The only essential item for most people is their smart device, and without it, you would feel lost and abandoned in a strange land.

As such, with the encompassing role digital is playing in our lives, we seek and demand connectivity no matter where we are and what we are doing. However, we are awakening to the risks involved with an increasingly "connected" digital lifestyle, and our data must be safeguarded and sacrosanct. Data breaches and data exposure will not be tolerated and will seriously affect a company's position in the marketplace if it is found to be culpable.

This is particularly pertinent to telecom operators as they are the backbone of all digital services. Therefore, they need to stand up and look holistically over their entire domain and ask if they are doing enough to keep their companies and customers safe.

Operators cannot stand still and allow fear, uncertainty, and doubt (FUD) to detract from their innovation and digital transformation plans. Instead, they must move forward, adapt, and realize that security is an essential component of their business strategy, on an equal standing with the acquisition of a new customer.

So, as operators address new challenges and adopt new delivery models with containerization, container orchestration, open interfaces, and the latest generation of mobile standards, they should be continually asking themselves an important and valid question: Is this new world secure?

Unfortunately, if you're an operator, you are under attack, and it is impossible to mitigate against everything. So how you respond and react, and what you ultimately learn, will be crucial to your defense.

Symworld is the beating heart of Rakuten Symphony, a platform developed to reimagine telecom and break the shackles of the traditional approach to telecom networks. It is a modern, industrial-scale automation platform built explicitly for telecom, with the ability to integrate seamlessly to create a cloud-native marketplace.

Security has been considered in every aspect of Symworld design and functionality. Nothing has been left to chance, with every interface and component undergoing an extensive review to ensure security is front and center in the platform. As a result, the Symworld platform is not only thoroughly tested, but is challenged every single day as it is already deployed and successfully working in a fully functional cloud-native, software-defined 5G network in Japan.

We follow a rigorous procedure of Security by Design, but there is no one-size-fits-all when it comes to security. Rakuten Symphony understood early on that no single reference architecture or standard can address every possible vulnerability or detect every potential threat. Instead, we strongly believe in a pragmatic, dynamic, and always-on cyber security framework to help identify, respond to, and recover from vulnerabilities or compromises to systems.

We take a comprehensive zero-trust approach to security and follow a step-by-step process to ensure every attack vector, threat, and eventuality has been considered.

  1. Design with Zero Trust, Secure Coding
  2. Immutable container images, signed container images and signature verification
  3. Continuous monitoring and remediation of vulnerabilities 
  4. Ensure strict access control for resources as well as resource limit configurations
  5. Securing cloud platforms with hardening best practices
  6. Runtime observability and security based on cloud-native best practice

Symworld has been built to maximize automation and minimize the need for human intervention. 

Symworld Zero Touch Provisioning (ZTP)

All base stations are commissioned and brought online without the need for human configuration, including the security of all node aspects, with the generation, securing and vaulting of all interfaces and involved services. Subsequent configuration changes are handled through the Symworld Automation Studio. At no stage does a human manually write and run a configuration script, and at no stage do any operational staff have direct access to any security credentials. This is just one example of how security has been embedded into the operational model of Symworld as a first-class citizen from birth.

Rakuten Symphony's approach has been driven by our early adoption of the "new ways of building networks" and the lack of any reference implementation of a successful nationwide Open RAN, cloud-native network deployment. As a result, we had to leverage 21st-century technologies for our 21st-century networks to achieve our objectives with the utmost resilience and privacy with user and data integrity in mind.

In the area of security, standing still is a much riskier strategy than moving forward. Actors are becoming increasingly sophisticated, and you must constantly evolve, as failure to evolve will sadly end with drastic consequences. Therefore, security cannot be an afterthought and needs to be designed into the fabric of the operator's business processes and procedures.
