Corporations are typically connected to two public, un-trusted networks: the Public Switched Telephone Network (PSTN); and Wide Area Networks (WANs) or the Internet. An array of vulnerabilities in internal data networks, the traditional phone environment, and other critical corporate infrastructure are accessible through an enterprise's unsecured traditional phone network. Although attacks against an enterprise's Internet connection receive the most public attention, attacks against an enterprise through the traditional voice network are common. Telecom industry has evolved significantly over the last five years and during this period there has been an increased requirement to have robust information security environment. Also, with the industry having stringent legal and regulatory information security requirement, there is an enhanced focus on the subject across telecom operators. Some of the growing concerns of Telecom organizations continue to be:
- Comprehensive information security risk assessment covering the entire organization
- Understanding and addressing legal & regulatory requirements
- Focus on information security in holistic manner covering telecom network, equipments and IT systems
- Strengthening internal organization security with changing threats and operational requirements of business
- Third party security being part of the Information Security Framework
- Defining an operations control framework for maintaining privacy of sensitive information
- Continuous assessment of risks emerging from new technologies and defining controls to mitigate them
How to protect your organization?
Telecom operators are governed by the regulations laid down by regulatory bodies such as Telecom Regulatory Authority of India (TRAI), Department of Telecom (DoT), Telecom Dispute Settlement Appellate Tribunal (TDSAT), Group on Telecom & IT (GOTIT), Wireless Planning Commission (WPC) and Telecom commission which also include information security requirements . Further, the recent Unified Access Service License (UASL) amendment extends information security to the telecom networks and also to the third parties of the operators. Effective implementation measures should include an Information security governance framework that spans across the organization. While most of the telecom operators in their current operations have been able to formalize an Information security governance framework in the Information Security (IS)/IT function, it would be imperative to have this extended to the telecom networks.
intiGrow's Energy and Utilities Security Solutions and Services
- Specialized information security groups to recognize and resolve emerging threats and challenges
- Periodic vulnerability assessment and classification of information
- Experts team looking at various attacks and have a continuous security improvement plan
- Data encryption for providing content services to the customers