Introduction

By 31 January 2027, PSTN-reliant services need to be moved to digital alternatives. Many sites will be affected before that date, because Openreach is retiring the copper network exchange by exchange and has already stopped the sale of new copper lines across much of the country. For ordinary voice calls, that may be relatively straightforward. For critical devices, it is different. A fire alarm, lift emergency line, telecare pendant, lone-worker alarm, utility telemetry point or remote monitoring system is not just “using a phone line”. It is depending on a communications path that may carry a safety, compliance, operational or revenue-critical event.

The risk is not only that a device stops working. The larger risk is that no one knows which devices are exposed until the first failed test, missed alarm, wasted service visit, payment outage or compliance review.

That is why the final practical window before January 2027 should be used for one thing above all: finding every PSTN-dependent device, classifying its criticality, testing its migration route and assigning ownership for the connection that replaces it.

The hidden problem: many PSTN devices are not in the IT inventory

Most organisations know where their laptops, routers and servers are. Far fewer have a complete record of every device connected to an analogue line.

That is because PSTN-dependent equipment often sits outside normal IT governance. It may have been installed years ago by a facilities contractor, lift maintenance company, security installer, telecare provider, building management supplier, utility contractor or local branch team. It may appear on a telecoms bill as a line rental charge without the device being clearly identified. It may be recorded as a building asset, not a connectivity asset.

That creates a dangerous visibility gap. A line can look low-priority in a billing report while supporting something highly critical on site. The scale is significant: Openreach reported in early 2026 that more than 2.8 million PSTN lines still needed to migrate, including around half a million serving business premises.

Common PSTN-dependent systems include:
  • Fire and intruder alarm signalling
  • Lift emergency phones
  • Telecare alarms and dispersed alarms
  • Door-entry and access-control systems
  • Intercoms and help points
  • Payment terminals
  • CCTV and security monitoring links
  • Building management systems
  • Plant-room and utility telemetry
  • Remote environmental monitoring
  • Lone-worker and welfare systems
  • Emergency roadside or site phones
  • Backup lines for remote offices or depots

The first question is therefore not “what technology should we buy?” It is “what do we already have, where is it, what does it do, and who owns the risk if it fails?”

Five checks every critical-device owner should complete now

1. Check every line, not just every site

Start with line-level visibility, not site-level assumptions.

A site-level review is not enough. One building can contain multiple PSTN-dependent systems owned by different functions.

A retail branch may have payment terminals, alarm signalling, CCTV, fire systems and a lift line. A healthcare site may have telecare connections, remote monitoring equipment, access control and emergency phones. A utilities site may have telemetry, gate access, safety systems and legacy monitoring equipment.

The audit should start with line-level evidence:

  • supplier bills
  • line rental records
  • alarm receiving centre records
  • lift maintenance records
  • fire and security maintenance logs
  • telecare device inventories
  • facilities asset registers
  • local site surveys
  • contractor service records
  • network diagrams
  • helpdesk tickets relating to “phone line” faults

Where a line cannot be matched to a device, treat it as unresolved rather than safe. Unknown lines should be investigated, not disconnected by assumption.

2. Classify the device by criticality

Not every device requires the same migration path. The right replacement depends on the consequence of failure.

Criticality tier Meaning Examples
Life Critical Failure could affect personal safety or emergency response. Telecare alarms, lift emergency lines, lone-worker alarms and emergency phones.
Mission Critical Failure could disrupt essential operations or critical infrastructure. Utility telemetry, transport systems, plant monitoring, security infrastructure and emergency service-related systems.
Business Critical Failure could result in material commercial loss, service interruption or reputational damage. Payment terminals, branch connectivity, remote building systems and stock or asset monitoring.
Geo-Critical

 (location-dependent risk)
 Failure risk is increased by location, coverage, power resilience or lack of local technical support. Rural assets, unmanned sites, construction sites, depots, forecourts, substations and distributed estates.

 

This classification matters because a basic replacement connection may be adequate for one application but not for another. A critical alarm path, remote telemetry link or emergency line needs more than “it connects most of the time”. It needs a designed, monitored and supportable communications path.

3. Test the whole service chain, not only the device

A migration is not complete when the new unit powers on. It is complete when the end-to-end service has been tested.

For an alarm, that means the signal reaches the alarm receiving centre. For telecare, it means the alert reaches the monitoring centre and the voice path works where required. For a lift line, it means the emergency call connects clearly and reliably. For a payment device, it means authorisation works under live operating conditions. For telemetry, it means data reaches the platform and can be monitored.

The test should include:

  • power interruption scenarios
  • broadband outage scenarios where relevant
  • mobile coverage checks at the actual installation point
  • signal strength and network availability
  • failover behaviour
  • alarm transmission and acknowledgement
  • voice quality for emergency calling
  • monitoring-platform visibility
  • service desk escalation routes
  • maintenance responsibilities
  • evidence that the test was completed and recorded

For critical devices, “tested once on installation” is not enough. The replacement path should be capable of being monitored and supported through its operational life.

4. Decide whether the device needs fixed, cellular, multi-network or hybrid connectivity

There is no single replacement architecture for every PSTN-dependent device.

Some devices can move to IP over fixed broadband. Others are better suited to cellular. Some need a managed IoT SIM. Some need a router. Some need 4G VoLTE voice. Some need multi-network cellular resilience. Some remote or hard-to-reach sites may need satellite as part of the resilience model.

The decision should be based on the application, the site and the operational consequence of failure.

Key questions include:

  • Does the device need voice, data or both?
  • Is the service safety-critical or compliance-sensitive?
  • Is fixed broadband available and reliable at the site?
  • Is there adequate mobile signal inside the plant room, lift motor room, riser, cupboard, basement or kiosk?
  • Does the device need to work during a local power failure?
  • Is single-network cellular appropriate to the risk level and performance needed, or is multi-network access required?
  • Does the organisation need private routing, monitoring or estate-level reporting?
  • Who will manage the connection after installation?
  • What evidence will be available if the device fails, drops offline or needs support?

For legacy voice applications such as lift alarms and emergency lines, 4G VoLTE can provide a practical migration route where the use case requires voice continuity rather than a full equipment replacement. For data-led applications such as telemetry, payment, monitoring or alarm signalling, the more important questions are resilience, security, routing, visibility and support.

5. Assign ownership after migration

The PSTN switch-off is often treated as a one-off replacement project. For critical devices, that is too narrow.

After migration, the organisation still needs to know:

  • who owns the connection
  • who monitors it
  • who receives alerts
  • who responds to faults
  • who manages SIMs, routers or replacement devices
  • who maintains records
  • who validates ongoing performance
  • who holds evidence for audits, insurers or compliance reviews
  • who reviews the estate as networks continue to change

This is where many projects fail. The old analogue line may have been simple, passive and familiar. Its replacement is usually more capable, but also more dependent on configuration, power, coverage, routing, monitoring and supplier coordination.

The migration should therefore end with an operating model, not just an installation certificate.

What to prioritise first

With the deadline approaching, organisations should prioritise by risk, not convenience.

  1. Life-safety systems: telecare, lift emergency phones, lone-worker alarms, fire alarms, emergency phones and any system used to summon help.
  2. Compliance-sensitive systems: alarm signalling, access control, fire and security systems, emergency lines, utility monitoring and systems subject to insurance, safety or regulatory scrutiny.
  3. Unmanned and remote sites: assets where a failure may not be noticed locally and where engineer access is slower or more expensive.
  4. Multi-site estates: retail branches, housing estates, healthcare sites, depots, forecourts, substations, pumping stations, local authority buildings and distributed operational networks.
  5. Unknown or poorly documented lines: any line that appears on a bill but cannot be confidently mapped to a device should be treated as a risk until proven otherwise.

A practical audit framework

A useful PSTN migration record should capture the following information for every line and device:

Field What to record
Site Address, building, floor, room or asset location
Line reference Supplier, account, number or circuit ID
Device type Alarm, lift line, telecare, intercom, payment, telemetry, monitoring
Owner Department, supplier, contractor or operational owner
Criticality Life Critical, Mission Critical, Business Critical or Geo-Critical
Current connection PSTN, ISDN, broadband, cellular, dual path or unknown
Replacement option VoIP, 4G VoLTE, IoT SIM, router, multi-network cellular, satellite or hybrid
Power dependency Mains, battery, UPS or unknown
Test requirement Alarm path, voice call, platform data, payment, remote access
Monitoring Who can see whether it is online
Support route Who responds if it fails
Migration status Unknown, assessed, planned, migrated, tested, signed off
Evidence Test record, installation date, supplier confirmation, monitoring screenshot

This turns the PSTN switch-off from a telecoms issue into a managed operational-risk programme.

Common mistakes to avoid

Assuming broadband equals resilience

Digital voice and IP-based services depend on power, routing, broadband availability and equipment configuration. A device may be “digital” but still have a single point of failure.

Treating mobile as a simple backup

Cellular connectivity can be highly resilient when designed properly, but performance depends on signal, antenna position, network availability, roaming behaviour, SIM management and monitoring. A SIM swap alone is not a resilience strategy. For example, see our industry-leading resilient rSIM solutions that combine multi-network with DualCore failover.

Testing only at installation

Critical devices should be tested as part of the live service chain. A successful local test does not prove the alarm, call or data reached the correct destination under realistic conditions.

Leaving ownership with “the supplier”

Many systems involve several suppliers: device manufacturer, installer, telecoms provider, monitoring centre, facilities team and IT. Someone inside the organisation still needs to own the risk and evidence.

Waiting for the provider to find every affected device

Communications providers can help with line migration, but they may not know what every line supports inside a building or estate. Device-level discovery remains the responsibility of the organisation that owns or operates the service.

Where CSL fits

CSL supports organisations to keep life-, mission-, business- and geo-critical systems connected throughout network change.

Depending on the use case, that may involve:

  • IoT SIMs for managed cellular connectivity
  • multi-network connectivity for greater coverage options
  • IoT routers for critical site connectivity
  • VoiceLink for legacy analogue voice applications moving to 4G VoLTE
  • rSIM for enhanced resilience through dual-core mobile connectivity
  • CSL Satellite for remote or hard-to-reach locations
  • alarm signalling solutions for monitored fire and security applications
  • connectivity management tools for estate visibility and support

The right answer depends on the device, the site and the consequence of failure. The important step is to make that choice deliberately, with evidence, rather than allowing each site or supplier to improvise under deadline pressure.

Final checklist before January 2027

Before the PSTN switch-off, critical-device owners should be able to answer yes to these questions:

  • Have we identified every PSTN or ISDN line across the estate?
  • Do we know which device or service each line supports?
  • Have we classified each device by criticality?
  • Have we prioritised life-safety and compliance-sensitive systems?
  • Have we checked mobile signal and power resilience at the actual device location?
  • Have we selected the correct replacement path for each use case?
  • Have we tested the full service chain after migration?
  • Can we monitor whether the connection remains available?
  • Do we know who responds when a device goes offline?
  • Do we have evidence for audit, compliance, insurance or internal assurance?
  • Have we planned for wider network changes beyond PSTN, 3G switch off’s, and 2G migration?

If the answer to any of these is no, there is still unresolved operational risk.

CSL can help you identify PSTN-dependent devices, prioritise critical applications and design the right migration path across alarms, telecare, lift lines, emergency phones, monitoring systems, remote sites and distributed estates.

Book a Critical Device Connectivity Review to identify risk, prioritise critical systems and define the right migration path.
Contact Us

Further Reading:

Published on: 25th June, 2026
Sectors: Building & Security, Healthcare & Telecare, Industrial, Infrastructure, Public Sector, Retail & Hospitality, Transport & Logistics, Utilities
Applications: Alarm Systems & Worker Safety, Building Automation/Smart Building, Critical Resilience & Multi-Site Operations, Emergency Lighting, Emergency Services, Energy Efficiency Monitoring, EV Charging & Parking solutions, Healthcare Infrastructure, Manufacturing & Automation, Medical Devices, Onsite Connectivity Access Point, Renewable Energy, Security & Surveillance, Telecare/Remote Monitoring

Related Blogs

Cyber Security and Resilience Bill: What Connected Estates Need to Evidence

When Medical Care Moves Into The Home, Who Owns the Connection?

EV Connectivity, EV Routers and EV SIM Cards