Information Security Challenges in Telecom

1
Information Security Challenges in Telecom
Michael T. Clark, Ph.D. CEO 13 October 2004
Safe Harbor

• Neither the information nor any opinion
  expressed in this presentation constitutes an
  offer, or invitation to make an offer, or to buy
  any security issued by the company. This
  presentation contains predictions, estimates or
  other information regarding the Company's
  operations which are forward looking in nature.
  While these forward looking statements represent
  our best current judgment on what the future
  holds, they are subject to risks and
  uncertainties that could cause actual results to
  differ materially and may involve risk and
  uncertainty. This presentation is prepared for
  general purposes only and does not have any
  regard to the specific investment objectives,
  financial situation and particular needs of any
  specific person. No liability for any loss will
  arise with the company as a result of the action
  taken on the basis of information contained
  herein.
• For a discussion of the risks and uncertainties
  that may cause results to differ, you should
  review GTLs filings with stock exchanges,
  including the annual report and quarterly
  disclosures.

www.gtllimited.com
2
The telecom networking environment

• Explosion in the sector with advancements in
  cellular, wireless and satellite technologies.
• Emerging markets race to bridge digital divide.
• Proliferation of IT and telecom technologies
  integrated networks replacing dual systems.
• All critical infrastructure in a country power,
  government, finance, healthcare and education
  depends heavily on converged telecom and IT.

3
Transformation of business process
Source Businessworld, 4th Oct 2004
4
e-enabled business environment
The security framework and tools to organize,
manage and deliver content, services and process

• Support
• Infrastructure
• CRM
• Financials
• Logistics- SCM, B2B, Extranet

• Operation/Program Head
• DSSSLA compliances
• Information support
• Resource management

• B2C Portal
• Visitors/Clients
• View information
• Access B2C services

• Compliance
• Network
• Data storage
• Log analysis
• Physical security
• Knowledge transfer
• Application
• security
• Data security

Visitor
Billing Value add services Workflow
5
Current India scenario

• 5th largest network in the world, second largest
  among emerging economies (after China).
• Annual growth rate of 20 in basic telephone
  service and over 100 for cellular service.
• Increase in teledensity from 7.8 (June 2004) to
  15 by 2010.
• Investment requirement at least US 70 billion by
  2010 with the current CAGR.
• Source TRAI

6
Key IS challenges  

• SIM card vulnerability even encrypted SIM cards
  susceptible to
• duplication.
• Jamming in cellular frequencies.
• SMS vulnerability corrupt messages transmitted
  to handset and
• gateways crash software and corrupt SMS
  packets.
• Traffic interruption and monitoring in WI-FI
  network leads to
• unauthorized access of signals.
• Hacks get access to credit card transactional
  information a vulnerability in General Packet
  Radio Service (GPRS).
• Abuse of database by third party service bureaus.

7
Key IS challenges - continued

• Lack of secured Storage Area Networks leads to
  data loss and unauthorized disclosure of
  sensitive data.
• System dependency on internet technologies
  results in illegal intrusions, disruption,
  disablement and corruption of critical
  infrastructure.
• Open architecture challenges privacy, safety,
  integrity and processes.
• Vulnerabilities in wireless networksmicrowave
  systems TDM/GSM/CDMA cellular WLANS.

8
IS support layer
Management and third party

• Audits
• Compliances

Decision support

• Encryption
• Messaging solutions
• Authentication solutions
• Content security
• Transaction security
• IS policy enforcements
• 
  

Application support
Internal security

• Secure VPN
• Anti- virus solutions
• Firewalls
• IDS
• Vulnerability assessment
• IS planning

Network support
External security
9
Assigning responsibilities service partner

• Securing open networks primary responsibility.
• Framework for success
• Manage security threats
• ISMS implementation
• Recognizes IS as a major part of Information
  framework
• Evolve with changing environment
• Vigilant about change

10
Assigning responsibilities regulator

• Foster effective legal, regulatory and
  enforcement framework to stimulate business.
• World Banks four pillars of public policy for
  electronic security
• Legal and regulatory framework electronic
  transactions laws governing legal validity
  security of payment systems data privacy and its
  impact money laundering
• External monitoring of e-security practices
• Managing digital identities
• Precautions in network, applications and process
  compliances
• Indian telecom laws and regulation.

11
Assigning responsibilities industry

• Strengthen best practice regimesIndian security
  standard.
• Public private partnership.
• Engage international agencies and institutions on
  IS.
• Develop Indian brand-identity at highest level of
  IS.

12
IS business drivers ahead

• Telecom players will focus more on embedded
  security integration becomes easier.
• Transactional security will be the key offer in
  the full-fledged security solution market bundled
  with security point-products.
• Telecom (bandwidth) service providers will
  implement full-fledged IS management system.
• Security outsourcing would enable service
  providers to focus on their core-competencies.
• Uniform regulations for converged environments
  harmonized international IS regimes.

13
THANK YOU
www.gtllimited.com