Third telco: We will ‘not at all compromise’ cybersecurity

MANILA, Philippines — Mislatel Consortium has assured its network and telecommunication (telco) facilities will “strictly” abide by all Philippine laws and will “not at all compromise” cybersecurity.

Possible national security concerns had been raised by various sectors after the government named the consortium last November as the new major player (NMP).

The consortium is comprised of Davao-based Dennis Uy’s Udenna Corp, Chelsea Logistics Holdings Corp., and state-run China Telecom.

“As the new NMP providing universal services to Filipinos, we always regard information security and network security as top priorities in our daily operations,” Mislatel said in a 28-page rollout plan submitted to the Senate committee on public services on Thursday.

“We can assure that our network and telecom infrastructure/facilities will not at all compromise Philippine Cyber Security, and we will strictly abide by all applicable laws and regulations in the Philippines,” it added.

The third telco then detailed how it plans to protect national security through its so -called four “pillars” — Networks, Operation and Maintenance (O&M), Individual Privacy, and Emergency Response Mechanism.

In terms of network security, for instance, security planning such as device access security, transfer and storage security, and physical security of key devices would be cautiously carried out for the entire network at the very beginning of network building.

Mislatel said security measures include device access authentication, secure transfer mechanisms, and multiple security storage mechanisms.

“Intra-city or remote” disaster recovery mechanism will also be configured for key transfer paths and storage points to improve network resilience, the consortium added.

“Anti-DDoS devices, firewalls, IPSs, IDSs and anti-virus software must be deployed in key access nodes to detect and mitigate network attack attacks and virus n infection in a timely manner to ensure network security,” it said.

Mislatel said the qualified software provider would undertake analysis methods to identify the attack surface and analyze potential risks.

In terms of Operation and Maintenance, Mislatel said all operations would be recorded in audit logs “to ensure that we can verify authorized operations and operations comply our authorization.”

To ensure customers’ data privacy, Mislatel said the ISO27001 security practices will be mandated and carried out during the network deployment and O&M.

“Privacy protection mechanisms will be established as well,” it said.

“In terms of telecom network, information in the network will be classified based on the importance and sensitivity, and corresponding protection measures will be taken based on the information level,” it added.

Mislatel said information will be managed using technical and management measures such as authorization management, access control, trust zone division, and anonymization of sensitive fields.

Security emergency response management will also be performed in compliance with international standards, it said.

Mislatel said network vulnerabilities and software bugs would be immediately reported to concerned government authorities in accordance with Philippine government regulations and requirements. /kga

RELATED VIDEO

Read more...