1. Home
    Item seperator
  3. Item seperator
    Supply Chain Security

Supply chain security

Safeguarding the entire ecosystem in which we operate

Abstract image

Nokia’s commitment to supply chain security is not just about protecting our business - it’s about safeguarding the entire ecosystem we operate in. By working together with our partners, we ensure a secure, resilient, and trusted global network.​

As a global technology leader, Nokia operates within a complex ecosystem of suppliers, integrators, and service providers. In today’s threat landscape, supply chains are increasingly targeted by cyberattacks, making security a critical component of operational resilience and customer trust.​

​To address this, Nokia has implemented a robust supply chain security framework (SCSF) that:​

  • Categorizes suppliers by risk level (low, medium, high)​
  • Requires third party security assessments (TPSA) before onboarding​
  • Embeds security requirements into contracts and lifecycle management​
  • Mandates information security awareness training for suppliers​

​This framework ensures that security is not an afterthought - it is embedded from design to delivery, directly benefiting our partners by​:

  • Protecting shared infrastructure and data from breaches and disruptions.​
  • Ensuring compliance with global regulations.​
  • Reducing operational risk through proactive incident prevention and response.​
  • Reinforcing trust in Nokia as a secure and reliable partner.​

​We view supply chain security as a shared responsibility. Our partners are expected to uphold equivalent standards, and we provide guidance and support to help them meet these expectations.​

Third-party security management

At Nokia, protecting our ecosystem is a security priority. We actively safeguard the security posture of every third-party collaborator through a robust, end-to-end security program designed to build trust and resilience.​

Our program stands on three pillars

Smart supplier classification

Every partner is assessed and categorized by risk and business impact, enabling tailored security oversight.​

Stringent selection standards

From onboarding onward, we enforce rigorous security requirements to ensure compliance with Nokia’s high benchmarks for data protection, operational integrity, and regulatory compliance.​

Continuous security assessments

Regular, in-depth evaluations keep collaborators aligned with evolving security protocols, identify areas for improvement. and strengthen defenses against emerging threats.​

And it doesn’t stop there - third-party components and systems integrated into our products undergo Nokia’s DFSEC (Design for Security) process.

​Through these measures, we ensure every partnership reflects our commitment to security, trust, and operational excellence.​