Professional Documents
Culture Documents
BalaBit Comply ISO 27011
BalaBit Comply ISO 27011
ISO/IEC 27011
Meet telecommunication-specific information security
guidelines
Security challenges in
telecommunications ISO 27011 Goals
Protection of highly sensitive data Telecommunication firms whose facilities are used by various users to process
Telecommunication firms possess and must control access to several information such as personal and business data should handle this information
types of sensitive data including private customer data, employee with great care and apply an appropriate level of protection. In conclusion,
records, and company financial information. Not only do service telecommunications organizations need to establish and continuously improve
providers maintain large databases containing demographic and an overall security management system which ensures appropriate controls
transactional data, they also possess massive amounts of usage data are maintained.
information in the form of Call Data Records (CDR) and Internet Traffic
The ISO 27011 standard allows telecom organizations to meet baseline information security management
and Transaction Data (IPDR). With large numbers of employees,
requirements. It provides telecom firms, auditors, telecom terminal vendors and application content providers with
service providers must manage and record access to these sensitive
a common set of security control objectives based on ISO/IEC 27002, sector-specific controls, and IT security
information.
guidelines for implementation of such controls. In addition to the objectives and controls described in ISO 27002,
Complex, interconnected networks telecommunications organizations must take the following security features into account:
Telecommunication firms operate complex, heterogeneous network
environments which are difficult to monitor. They need different
monitoring products for different platforms which can be expensive
1 2 3
and complex. Larger providers have tens of thousands of servers and
networking devices managed by countless external and internal system
administrators. Their activity cannot be fully traceable or controlled with
traditional solutions. For example, an accidental misconfiguration of a
mission-critical router can cause serious service outages.
All major information assets should be accounted for and have an assigned owner.
Asset management (clause 7) Information should be classified to indicate the priorities, and expected degree of
protection.
Human resources security (clause 8) Security responsibilities should be addressed prior to, during and after employment.
Communications and operations management Operational procedures and responsibilities, third party service delivery management,
(clause 10) network security management, system monitoring, logging of security events, etc.
Information security incident management Reporting information security events, management of information security incidents and
(clause 13) improvements
Business continuity management (clause 14) A business continuity management process should be implemented to minimize the
impact on the organization and recover from loss of information assets.
Note: Balabit can offer supportive technologies for the highlighted clauses!
The ISO 27011 security controls are very stringent, and it is certain that this will pose a challenge to telecom firms in
terms of implementation and operational costs. The question is how these rigorous requirements can be met most
cost-effectively...
How can Balabit help in ISO 27011 Compliance?
Privileged Activity Monitoring
Balabit Shell Control Box (SCB) is an activity monitoring appliance that
controls access to remote servers or networking devices, and records
the activities of the users accessing these systems. For example, it
Shell Control Box
records as the system administrators configure your database servers
through SSH, or your employees make transactions using thin-client SSH
applications in Citrix. The recorded audit trails can be replayed like a
movie to review the events exactly as they occurred. The content of
the audit trails is indexed to make searching for events and automatic Server Webserver
reporting possible. SCB is especially suited to supervise privileged administrator
user access as mandated by many compliance requirements, like
PCI DSS or ISO27011. It is an external, fully transparent device,
completely independent from the clients and the servers. The server-
and client applications do not have to be modified in order to use SCB; Telnet
it integrates smoothly into the existing infrastructure.
10.1 Operational procedures and responsibilities Balabit’s Contextual Security Intelligence™ strategy protects
Objective: To ensure the correct and secure operation of information processing facilities. ü ü
organizations in real-time from threats posed by the misuse of high
10.2 Third party service delivery management risk and privileged accounts. Solutions include reliable system and
Objective: To implement and maintain the appropriate level of information security and service delivery - ü application Log Management with context aware data ingestion,
in line with third party service delivery agreements.
Privileged User Monitoring and User Behavior Analytics. Together
10.6 Network security management they can identify unusual user activities and provide deep visibility into
Objective: To ensure the protection of information in networks and the protection of the supporting ü ü potential threats. Working in conjunction with existing control-based
infrastructure.
strategies Balabit enables a flexible and people-centric approach
10.10 Monitoring to improve security without adding additional barriers to business
Objective: To detect unauthorized information processing activities. ü ü practices.
11.2 User access management Founded in 2000 Balabit has a proven track record including 23 Fortune
Objective: To ensure authorized user access and to prevent unauthorized access to information - ü 100 customers among over 1,000,000 corporate users worldwide.
systems.
For more information, visit www.balabit.com
12.5 Security in development and support processes
Objective: To maintain the security of application system software and information. - ü
■■ Request a callback
“WE FOUND THAT BALABIT SCB IS THE ONLY SERIOUS PRODUCT ON THE
MARKET THAT IS CAPABLE TO SECURELY MONITOR SSH SESSIONS.”
Øyvind Gielink, IT security Officer, Telenor Group