Combining private 5G networks with cloud architecture can strengthen government IT systems

From education and healthcare to urban planning and traffic management, the public sector is increasingly adopting 5G to tap into its flexible and fast performance to improve citizen-centric service delivery.

Beyond being merely “just another upgrade in the connectivity realm,” 5G offers another key benefit to public organisations, which is network slicing, said Ericsson’s ASEAN Regional Director, Enterprise Wireless Solutions, Ken Poh.

Modern 5G networks can support a wide range of services that have varying needs, ranging from high-speed consumer Internet to critical applications like autonomous vehicles or emergency services drones.

Network slicing allows carriers to create multiple networks on top of common physical infrastructures, which organisations can then purchase to meet their specific application or organisational requirements.

"These slices customise network resources to match the specific demands of applications — all from the same underlying infrastructure,” he added.

To subscribe to the GovInsider bulletin click here.

Taking a SASE approach to securing 5G

But there is a caveat there amidst the benefits. The more endpoints attached to a 5G network, the larger the organisation’s attack surface, said Poh.

To this end, Ericsson made the case to converge both 5G and secure access service edge (SASE) solution to effectively secure networks.

Why SASE? Poh touted the ability of a cloud-based architecture to secure organisations with increasing networks and distributed workforces.

5G also enables robust connection to implement network security features – without taking up bandwidth and hampering network performance.

Poh pointed to two factors that when combined, create an effective solution to secure networks: One is microtunneling, which creates a network security approach that protects data in transport without hampering performance and bandwidth utilisation.

The second is SIM authentication, which helps to secure endpoints in 5G and wide area networks (WANs). “For Internet-of-Things (IoT) devices, laptops, and mobile devices, SIM authentication enables a secure but simple way to provide an identity source, through the identity of the SIM card, that can be used to create a security policy.

“This allows for a clientless security solution across both unmanaged and managed devices,” he explained.

Not only securing 5G – 5G also to boost security

Wifi security may be acceptable for logging in at a coffee shop, but not within the framework of a large organisation or government department’s network, said Poh.

“While Wifi 6 has made improvements, the presence of sensitive data and critical IoT devices underscores the need for additional layers of security,” he noted.

He recommended government organisations to tap into private 5G networks for both security and efficiency advantages.

“Additionally, the network architecture of private 5G or private LTE usually includes on-site servers, enabling organisations to keep traffic between IoT devices and corporate servers on their internal network rather than routing it through the public network,” he explained.

In terms of security, private 5G and 4G long-term evolution (LTE) deployments provide additional layers of security through encryption, such as SIM/eSIM authentication and edge devices, that Wifi cannot provide.

Government agencies can also have full control over the network’s configuration, security policies, and access controls.

To subscribe to the GovInsider bulletin click here.

5G SASE for public data privacy and security

Under the amended Cybersecurity Act, critical information infrastructure (CII) operators – including government departments - in Singapore will need to declare any cyber-security outage and attack experienced on their premises and along their supply chain.

To respond to the security risks associated with shared applications, including Office 365, Zoom, WhatsApp, and others, many Singaporean organisations have banned or blocked the use of these applications in a bid to remove risks.

But security breaches are still taking place, with Cradlepoint’s annual State of Connectivity Survey 2024 finding that more than two-thirds of organisations in Singapore were subjected to a network security attack in the past 12 months.

Nearly one-quarter of those were a major security breach which resulted in loss of data and more than 14 per cent resulted in significant company fines.

“Appification” has resulted in customers, contractors, and partners – the whole supply chain - accessing applications from devices that are unmanaged and therefore risky, not to mention employees using their own devices to access sensitive data,” said Poh.

“As part of its 5G SASE, Ericsson offers Web Application Isolation, which enables employees to access public cloud applications and private or web-based corporate applications while providing secure access from unmanaged devices of third parties and employee bring your own devices (BYOD),” he explained.

Poh also added that air-gapping applications and data from malware or security threats on a device means users on any managed or unmanaged device can still access applications.

Easy-to-set granular policy controls can restrict access and data usage on a least-privilege basis and enforce per-user browser controls to prevent data loss.

This means that for instance, if you have an employee working from a BYOD, they may be permitted to edit a file within O365 but not to download it onto their unmanaged device. In contrast, a contractor may be limited solely to viewing data within an app.

Interested in learning more? Join Ericsson at Asia’s premier cybersecurity event, GovWare Conference & Exhibition October 15-17 at the Sands Expo and Convention Centre in Singapore. Schedule a meeting with the Ericsson team, or stop by Booth S21 to discover the latest in 5G SASE technology from Ericsson.