A couple of issues really;
First the In Control notification system (which has obviously been put there to protect the SOHO and alert system administrators to potential breaches) seems to operate solely from the Web Gui and when you ‘Apply’ any changes, I suspect it is simply a mechanism that when you click the ‘Apply’ button sends an instruction through to Pepwave notifying it. I appreciate the system monitors rebooting and loss of connectivity, but I remain unconvinced that a real hacker working in the Cli (say via ssh) would trip the system or alert the administrator. Please can you confirm?
Second, it appears that although you can change the default administrator account name in the GUI, this does not get changed at a Cli/ssh level and remains as admin . . clearly one of the first things a competent system administrator should do is change the System administrator account name/disable it and create a new (and unknown) administrator username, yet your system appears to only support this at the GUI level (a bit like the query above). Can you
confirm if this essential security feature is in the process of being added to the Firmware?