Cyber Security Activities
Türk Telekom has integrated its Corporate Security Services in Ankara under the largest Cyber Security Center (CSC) in Turkey. Official launch of the Center was on 24th of Dec 2018. In this center, end-to-end solutions in global standards addressing the cyber security needs of Türk Telekom customers are be provided, ensuring the continuity of uninterrupted and secure access of customers.
Türk Telekom offers the widest Cyber Security service portfolio in Turkey. In addition to corporate security services already offered, Türk Telekom Cyber Security Centre aims to offer all cyber security services and products required by customers such as cyber security management services including security incidence monitoring, analysis and intervention services, and consultancy Services which can served individually as well, and cyber threat Intelligence Services with the support of Türk Telekom's experience, assurance and quality.
Alarms and cyber incident alarms related to security infrastructures providing service to internal and external cyber security customers, are monitored on a 24/7 basis by the Türk Telekom CSC team.
Türk Telekom Cyber Security Services
With the rapid spread of Information Technologies, cyber security risks are increasing for all customer groups. The danger of a cyber-attack on the infrastructure of our corporate and public customers brings with the risk of serious consequences such as access to personal information of citizens and customers, abuse of the information obtained, the corruption of the integrity of the information as well as its deletion.
As Turkey's first telecom operator that provides cyber security services, Türk Telekom offers the following cyber security services with its experience and quality of service:
Network Security Services
- DDoS (Distributed Denial-of-service) Attack Prevention Service: DDOS attack prevention service ensures that the attacks on internet traffic are dealt with before reaching the line of the institution, while protecting data traffic. This service both prevents the interruption of the line and the depletion of network infrastructure resources.
- Active Defence Service (IPS- Intrusion Prevention System): When an attack is detected with the Active Defence service, which analyses internet traffic according to digital signature base and traffic anomalies, the attack traffic is cut and is prevented from being transferred to the network. There is no bandwidth contraction as threats are blocked before they reach the network.
- Content Filtering Service: The content filtering service can determine the content of the website to be scanned and the rules of the scan, and any harmful content detected in accordance with the specified rules is prevented from reaching the network.
- Firewall Service: With the Firewall service, entry and exit of the traffic from the network to the internet and from the internet to the network can be easily managed. The transition of any traffic not compliant with the specified rules is blocked by the Türk Telekom's Management Centre.
- Advanced Threat Prevention Service (Anti-APT- advanced persistent threat): This service identifies unknown cyber-attack types and zero-day attacks, which are described as advanced cyber-attacks. Anti-APT service enables the attack to take place among known attacks by marking the attack type. The service analyses files downloaded over the Internet and prevents the download of the files that are detected as harmful.
- Antivirus: With the Antivirus Service, traffic is scanned for systemic viruses and worms. If a virus is detected in the traffic, the traffic is blocked by the Türk Telekom Management Centre. Any traffic that has been detected as having a virus is prevented from infecting networks and users.
Dedicated Security Services
- Dedicated Security Services: With the Türk Telekom Designated Security Services, Firewall, Active Defence System, Content Filtering, Antivirus and data protection services in accordance with Law No. 5651 on Regulating Broadcasting in the Internet and Fighting against Crimes Committed through Internet Broadcasting may be deployed through the security devices to be located at the desired location.
- Cyber Castle: Security Logging in accordance with the standards set out by Law 5651 may be performed through the integrated Cyber Castle , while Firewall, Active Defense, Content Filtering, Antivirus services may be carried out at the same time.
- Cyber Log: Users connecting to the corporate internet with the Cyber Log device may be logged in accordance with the provisions of the Law 5651.
Managed Security Services
- Central Monitoring: Alarms generated by cyber security infrastructures of institutions are monitored on a 24/7 basis by the Türk Telekom Cyber Security Centre and critical alarms are reported.
- Cyber Security Configuration and Infrastructure Management: The necessary configuration and signature definitions are incorporated in the cyber security infrastructure of institutions and end-to-end cyber security management and support services are provided.
- Technical Consultancy: Technical consultancy and support services are provided for Türk Telekom customers during the Cyber Security infrastructure installation, operation and management stages.
Professional Security Services
- Vulnerability Analysis and Penetration Tests: Vulnerability Analysis and Penetration Test services are used to identify and report security vulnerabilities of institutions. Information is provided with the necessary security solutions in order to protect against possible cyber-attacks that may be carried out by exploiting vulnerabilities.
- Consultancy Services: Information Security Management System Consultancy, the ISO 27001 Audit, Compliance and Consultancy, SOME Installation Consultancy, and Training Services are provided in order to help institutions ensure Data and infrastructure security.
Security Incident Management Activities
The capacity increase of Central Security Monitoring and Analysis Systems (SIEM), which facilitates the detection of and response to cyber incidents and violations, was carried out at Türk Telekom. With the capacity increase, the integration of critical applications and systems within Türk Telekom into these SIEM systems has been undertaken.
The integration of systems and applications containing personal data or bearing critical importance for the Company into the central security monitoring and analysis systems is stepped up to ensure full compliance with laws and standards such as Law No. 5651, the Electronic Communication Regulation, PCI DSS, ISO 27001 and the Türk Telekom Information Security Policy.
The increase in capacity has enabled a higher level of resource integration, and ensured that the records of employee access to the incidents and sensitive information, which are required to be stored in Türk Telekom’s systems as set out by the regulations and standards, could be kept for a longer duration. Traceability of activities that could pose a risk in terms of information security within the Company and the proactive security level of the Company were increased.
The Company's information security policy is available at Türk Telekom Information Security Policy
Also see Türk Telekom Cyber Security Center Computer Security Incident Response Team, in short TurkTelekom-CSIRT, RFC 2350 Profile here.