By Jacob Jagger, Head of Data Safety at Onomondo.
You’re deploying an IoT undertaking. You’re heading into your first dialog with a connectivity supplier. If you happen to attended Onomondo’s Asset Monitoring Digital Summit 2025, it’s unlikely that you’ll choose up the previous playbook – leaping straight into the pricing dialogue. However in case you missed it and your first query to a potential connectivity supplier is “what’s the value”, it’s time to shut this playbook. And throw it away to make sure, as a result of your backside line depends upon it.
The world of IoT and real-world information assortment has modified, and so should the community that helps it. The demand for always-on protection is rising quick, with international IoT connections projected to hit 30 billion by 2030. All this real-time information is feeding operational AI initiatives with large effectivity positive aspects. Inside this circulation, expectations from employers, prospects, customers have shifted – all of us need extra with much less: sooner, cheaper, and safer. {Hardware} and software program have caught up and IoT units can do greater than ever; they’re smarter, more durable, and extra versatile. Even the SIM area is evolving, with long-awaited developments like eSIM IoT (SGP.32) redefining what flexibility seems like. Up to now, so good – However are you able to wholeheartedly and confidently say that connectivity suppliers have advanced to answer these adjustments?
That’s why we encourage you to scrutinize your potential connectivity supplier.
As a result of neither suppliers nor you may afford to deal with connectivity like a commodity. You’re not shopping for SIM playing cards and information plans; you’re shopping for infrastructure. Your whole information technique depends upon connectivity working, and when it doesn’t, it’s binary: no connection means no information, no visibility, and a direct hit to your backside line. IoT deployments are filled with shared tasks, however connectivity sits on the middle of all of them.
So in that first half-hour along with your potential supplier, right here’s what to ask, what’s an appropriate reply – and what’s unacceptable.
1) Am I assured the very best sign?
Earlier than we even contact upon uptime, let’s unpack how units connect with the community at present – and the way it impacts each the lifetime of the machine and your backside line.
Within the eyes of 3GPP, the edge for “prime quality sign” is -85 dBm. However whether or not your machine really connects to a community above this threshold or makes use of one other criterion lies along with your connectivity supplier. Welcome to the spooky world of steering, in any other case often known as the Public Land Cell Community (PLMN) precedence record.
A PLMN record, typically hardcoded into the SIM, dictates the networks your machine connects to – not primarily based on sign power, however on business agreements suppliers have with operators. In follow, this implies your machine could also be compelled to hook up with a weaker sign just because it’s greater on the PLMN record. This course of, referred to as steering, helps the supplier – not you.
Because of steering, your machine can lose wherever between 10% and 50% of its battery effectivity whereas struggling to keep up a weak connection enforced by the PLMN. It might additionally undergo dropped packets and retransmission makes an attempt, inflating each your information invoice and your frustration.
Let’s visualize it for a second. Under you may see an imaginary location together with all of the accessible radio towers.
Within the annotated map beneath, you see a steered connection state of affairs:
Following the SIM’s PLMN, your machine connects to ACME MNO regardless of a number of close by towers providing stronger indicators.
And right here’s the choice.
This can be a non-steered map. The machine robotically connects to the closest and strongest sign and tower, your protection is best all through and the chance of dropped packages is minimized.
Steering is, fairly actually, your supplier including a rule in your machine for his or her business achieve. It’s the SIM overriding the logic of the radio module. Consider any occasion of roaming in your personal life. We now have all been in a state of affairs of roaming, the place our sign is tanked and our good friend’s sign is stellar, regardless that we’re in exactly the identical location. That is the results of the respective suppliers steering the units in several networks due to the PLMN – not due to sign power. We’ve come to simply accept it as a result of it’s the business norm – however that doesn’t make it acceptable.
So dare to problem the possible supplier and ask instantly: Are my SIMs steered?
And right here’s learn how to interpret the reply. Some IoT suppliers will say “no,” solely to disclose later that their SIMs have dynamic or versatile precedence lists. That is nonetheless steered connectivity — simply with an extended leash. The one acceptable reply is easy: No steering, no precedence record. The machine connects purely primarily based on sign power, pushed by the radio module, with “good sign” outlined by precise radio metrics, not business ones.
2) What occurs when my machine goes offline?
Let’s return to the change drivers for a second: Efficiency calls for are greater, and we count on info sooner. Nobody desires a report of what occurred yesterday – what we wish is a visible of what’s taking place proper now. When one thing goes flawed, ready to repair it’s a luxurious – fixing it because it happens is the norm.
Anybody who has operated even one IoT machine is aware of this state of affairs. Abruptly, there’s an unplanned lack of connectivity, a service interruption. Somebody notices it – hopefully you and never your buyer, although hope, as we all know, is for the church – and also you begin investigating. However alas, you may’t have entry to information you want; it’s sitting along with your connectivity supplier. If solely the explanation you deployed IoT units within the first place was information visibility, proper?
So that you file a help ticket to your supplier. Now in case your machine occurs to be roaming, your supplier has to achieve out to their native accomplice to retrieve the info. You might be already three touchpoints faraway from the data you want. However since your machine isn’t on the supplier’s house community, your ticket will not be prioritized.
You now depend upon the supplier’s supplier to ship information again to your supplier, who will then ship it to you – some days later. Solely then can you start investigating and it’s possible you’ll or could not discover the reason for the problem. And in case you don’t, you begin over – no 200 Monopoly {dollars} for you. In the meantime, you’ve misplaced SLA credit, presumably income, and as a substitute of amassing the proverbial 200 Monopoly {dollars}, you’re the one paying them, more likely to ship somebody on-site and regain some management of the method.
This course of raises the underlying query: why deploy related units if you need to bodily intrude this a lot to make them work? So, what’s the acceptable reply right here? Actually not the method above, not a ticketing system, nor an SLA. The truth is, in case you hear the phrases help or tickets, grasp up proper then and there.
The one acceptable reply is that you could have direct entry to connectivity information and real-time troubleshooting. Each MNO has this information, it’s important to function their networks — however MNOs received’t share it. MVNOs, however, can’t share it, as a result of they don’t have entry to it themselves – their MNO accomplice does.
3) Tentative: Are you assembly the compliance necessities?
This can be a trick query. The reply you’ll typically get, typically with far an excessive amount of enthusiasm, is an alphabet soup of acronyms and a slide full of blue certification logos. You’ve learn this far so you may already sense it: that’s not the reply you’re searching for.
What you actually need to know is whether or not your supplier’s SIM safety is powerful sufficient and, extra particularly, how they deal with SIM keys.
Right here’s the quick model. Each SIM card has its personal safety key, which lives on the bodily card. However every of these particular person keys is normally generated from a single grasp key that belongs to the operator.
Let’s flip this round and take a look at what it means for you because the buyer: you –and each different buyer of that very same supplier– are depending on the identical grasp key to authenticate your SIM playing cards into the community. If one SIM is breached, the shared lineage of that key means each different SIM turns into extra susceptible.
We’ve tried to be factual and descriptive within the presentation of this course of. However the fact is, that is legitimately terrifying.
The implications of a possible safety breach when SIM safety is managed this manner are huge. They will have an effect on tons of of hundreds of people –to not point out IoT units– and the financial threat of a breach can simply climb into the tens of millions of euros. And it’s not only a technical threat; it’s the inspiration of vendor lock-in. As well as, this vulnerability obfuscates the best way ahead for the arrival of eSIM IoT.
So, in case your potential supplier launches right into a tangent about certifications or fills the display screen with blue logos, lower to the chase and ask: How do you handle your SIM keys at present, and how do you switch them? And don’t settle for any reply apart from: a novel key for each SIM.
Why cease right here? Ask extra of your connectivity supplier
Our relationship with information has modified.
Our expectations from expertise have skyrocketed.
They’ve each modified our whole behaviors.
However our expectations from connectivity – the riverbed of our information – are arrested someplace between 2004 and our private references from our cellular phone.
Connectivity can not be handled as a commodity, as a result of your information isn’t a commodity. It’s the infrastructure of enterprise choices with real-life impression. It’s not about SIM playing cards or information plans anymore; it’s about whether or not your community can help the sort of efficiency, transparency, and reliability that trendy techniques demand. Industrial information infrastructure relies upon completely on connectivity working as infrastructure – the unseen structure that powers uptime, information integrity, and every little thing your units promise to ship.
And whereas most suppliers nonetheless deal with it like a commodity – and that is precisely the problem these 3 questions are supposed to unveil – Onomondo was created as a result of nobody else was treating connectivity as infrastructure. Onomondo’s connectivity infrastructure was constructed with these solutions in thoughts from the beginning. A community designed in order that units at all times connect with the strongest attainable sign. A system the place information visibility is offered in actual time. A security-by-obscurity mannequin the place each SIM has a novel grasp key – not each buyer; each SIM.
In order you step into your subsequent IoT deployment or rethink your present one, bear in mind: that is just the start of the connectivity-as-infrastructure playbook. Know-how has advanced. The information has advanced. It’s time your expectations and your suppliers do too. Ask extra; demand extra from connectivity, as a result of your backside line depends upon it.
Get in contact with Onomondo to remove the price of connectivity and safe your IoT operations
