beem App

Devices that are connected to the Swisscom mobile network via a SIM card and have been assigned a beem Protect & Connect user licence are automatically hosted on beemNet. Company sites with a Swisscom broadband connection with beemNet (and thus all devices connected there) are also automatically hosted on beemNet. 

Devices in third-party networks require the beem app to connect to beemNet. This applies to devices with a mobile subscription for Swisscom residential customers or from third-party providers in Switzerland and abroad, as well as when users connect their devices while working from home or using a public WLAN. The beem app also enables end-to-end encryption of the data connection. 

In the case of customers with beem Essential, users need the beem app to benefit from advanced protection against cyberthreats on their devices. This enables, for example, analysis of the content of data packages (Deep Packet Inspection) and thus provides advanced protection against viruses and other malware.

The beem app is needed for users to receive push notifications about averted cyber attacks, prevented data leaks and the like.

For secure access to company data and business applications, the beem app is required in order to check device parameters (Device Posture Management), such as whether an up-to-date antivirus is enabled, the device password is strong enough or data carriers are encrypted. This functionality is included in beem Standard, Plus and Premium and enables advanced device protection. If user end devices are centrally managed, the beem app and the necessary certificates are automatically installed on them. 

Alternatively, users can securely access company data via the beem Business Application Portal, even when using unknown or public devices, without installing the beem app. With beem Standard and above, further options are contained that provide even anonymous users with selective access to company data and business applications.

To use the beem app, you need a beem user licence. If you have a user licence, you can log in to the beem app with your mobile phone number or your username.

If a device is connected to beemNet, data streams are transmitted via beemNet and subjected to numerous security checks. Unlike with many other security solutions, the data traffic in beemNet undergoes all security checks at the same time (single pass) – guaranteeing speed and high data throughput rates. Inbound and outbound data traffic is inspected and unauthorised access from the Internet as well as accidental clicks on malicious websites are blocked.

In addition to the above, devices connected to beemNet are anonymised with respect to Internet services through the use of various security technologies. This reduces the risk of erroneous security configurations and outdated operating systems, thus protecting all connected devices against cyberthreats, whether they are computers, tablets, smartphones, printers, production machines or similar.

The beem app is required in order to encrypt data traffic in third-party networks. The app also installs the necessary certificates on the end device – or alternatively these can be installed using the integrated Device Management function (with beem Standard or above) or manually. This enables analysis of even encrypted data (Deep Packet Inspection), so malware can be detected and blocked.

With beem Standard or above and the appropriate user licences, client devices with an up-to-date operating system can also be managed as an option. This enables device settings to be configured automatically to further increase security.

A mobile subscription directly connects devices to the Internet via the mobile network.

A beem user licence gives employees access to beemNet and thus a secure gateway to the Internet that protects them and their devices against phishing, malware and other cyberthreats. Furthermore, user licences are not restricted to SIM-enabled devices; they can connect PCs, Macs, tablets and smartphones to beemNet, regardless of which mobile network or WLAN they are connected to. The user licences also enable secure access to company data and business applications, for both employees and business partners.

Our mobile subscriptions are an integral part of the beem Protect & Connect user licences and are available in various versions; for example, Swiss or Europe. When using devices on the Swisscom mobile network, employees with a Protect & Connect user licence are automatically connected to beemNet rather than the public Internet – without having to install or activate anything.

With beem, your data traffic is analysed in beemNet, automatically and exclusively by automated means, in order to detect and prevent attempts to access harmful websites or download malware. Content is not censored; only access attempts and files deemed harmful or malicious from a cybersecurity perspective are blocked. 

When analysing data traffic, beem decides automatically whether or not a security check is required and if so, if this should be basic or comprehensive. For a comprehensive security check – for example, to check for viruses and other malware – data must be temporarily decrypted so that the content can be analysed (known as deep packet inspection or DPI). This comprehensive security check is only available with the beem app. The decryption is fully automated and performed exclusively in Swisscom data centres in Switzerland. The data is then immediately re-encrypted. No content is stored. 

The entire analysis is automated – nobody within Swisscom or our partners has access to your data. The whole process, from start to finish, complies with Switzerland’s strict data protection laws and security standards. There is temporary storage of anonymised, technically necessary information only, and your content remains confidential at all times.

The beem app is available for Windows, MacOS, iOS/iPadOS and Android. Details about the supported client operating systems(opens in new tab) can be found on beem docs.

The beem app needs to install a special certificate on your device in order to protect you effectively while you surf online. The certificate allows encrypted data (e.g. HTTPS websites) to be temporarily decrypted so that it can be analysed in beemNet. 

This certificate is called “Swisscom beemNet Root CA” and is issued directly by Swisscom. The certificate ensures that the beem app can establish a secure and trusted connection to Swisscom’s beemNet, therefore serving as a form of digital ID that enables secure communication between your device and beemNet.

You can find further information about Root CA certificates(opens in new tab) on beem docs.

iCloud Private Relay (also known as Apple Private Relay) is a data protection feature in iCloud+. Private Relay conceals the IP address of your device, among other things, to protect your identity and privacy while you browse the Internet. It is designed to work primarily with the Safari browser and selected apps on iPhones, iPads and Macs – so it does not cover all the data traffic on the device.

beem also protects your privacy by concealing your IP address but additionally checks websites and files for harmful content. If iCloud Private Relay is enabled, some of the Internet traffic is rerouted and therefore bypasses beem. This means that beem can no longer fully protect and control the data traffic, which can cause firewall and DNS problems, loss of performance when surfing and reduced transparency. In order to ensure that beem can function properly and allow you to enjoy high-speed surfing, we recommend that you disable Private Relay on your iPhone or iPad.

You can find technical details about beem with iCloud Private Relay(opens in new tab) on beem docs.

You can install the beem app on as many devices as you like. However, simultaneous use on multiple devices is limited and depends on your user licence, the selected mobile subscription and the availability of any multi-device options.

For example, Protect & Connect Swiss includes two devices, while Protect & Connect Global includes six. All subscriptions allow you to add extra devices with the multi-device option. Our subscription overview shows you how many devices and/or simultaneous app users are included.

The Protect user licence requires you to choose the specific number of devices you would like to protect. 

You are asked to log in each time for your security: the process ensures you are a verified beem user and not attempting to gain unauthorised access. Your login is only valid for a certain period, so you will need to log in again each time it expires. This enables us to preserve a trusted connection and comply with applicable security guidelines (e.g. ISO standards). The frequency of logins depends on which Security Edition your company uses, and the approach is designed to strike a balance between protection and user experience.