/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow UsThe data handled by the telecommunications sector is as vital and critical to the ecosystem as that of any other sector. Information handled by telecom systems are of four types-infrastructural, operational, customer and internal. Infrastructural data deals with what kind of equipment is deployed where, operating frequencies of different transmission equipment and so forth. Operational information includes the information about activity taking place — what calls are in progress, for how long, etc. Subscription and demographic data about a customer and the internal data of the telecom service provider organization itself are the other two types.
|
/pcq/media/post_attachments/c0f78d678944d3f3055295d90a669a7e63959a0ec2ccb1ec0b219b68d55a121b.jpg)
Each of this information is then classified for security purposes, from four angles. First, the business criticality of the information is determined. Then it is classified for how confidential should it be maintained — some information would be available to outside entities only via a court subpoena. Next, it is classified according to integrity and availability needs. All this is governed by the implementation of the BS7799-2:2002 standard. Additionally, RIL also adheres to the ISO 9001:2000 certification standards. We secure all three aspects of their existence viz. data, infrastructure and process.
All the data is hosted and served from level 3 datacenters owned, designed and operated by RIL each stage the data passes through whether storage or processing are subject to stringent levels of security. The biggest challenge we face in such security is keeping pace with requirements and technology. All our information security management systems, technology and technical controls need to be continuously updated to keep them protected against threats and vulnerabilities. Notably, RIL includes people in its security management plans in a big way. We have included security practices in their HR policy and this, is effective against internal threats. We also provide extensive training to their employees and manuals geared to combat possible threat situations. Training people to recognize and effectively report and respond to a security threat in their own areas is vital to combating that threat. RIL has an Incident Response Team and a well-defined process that takes care of security-breaches when they occur. On the technology front, RIL uses top line firewalls, IDS and anti-malware products to secure our systems against both internal and external threats. We have adopted the Information Security Management System Framework that is continuously audited and certified for the BS7769-2:2002 standards. We have also deployed biometric methods at various levels to keep pace with technology advancements and need-fulfillment offered by the same.
Dealing with Identity Theft
Identity and access management is one of the largest threats organizations across the globe face. Solutions that address these concerns also deal with maintaining accountability within the organization, which in-turn contributes to compliance with various standards and laws. Identity management is effectively implemented using a combination of physical security with bio-metrics and Smart Cards.
Binod Singh, CEO ILANTUS Technologies