Cyber Security Activities
Studies continue with regard to the Cyber Security Centre (CSC) services to be provided from Türk Telekom Cyber Security Centre and the models where new products and services may be provided. Türk Telekom Cyber Security Centre aims to offer all cyber security services and products required by customers such as cyber incident management, cyber threat intelligence services and monitoring of service continuity, with the support of Türk Telekom's experience, assurance and quality. Alarms related to the security infrastructures serving internal and external cyber security customers and cyber incident alarms are monitored on a 24/7 basis by the CSC team. Preparations for the forthcoming launch of the Türk Telekom CSC are ongoing, while construction work on the CSC is now complete with cyber security personnel already working in this campus.
Türk Telekom Cyber Security Services
With the rapid spread of Information Technologies, cyber security risks are increasing for all customer groups. The danger of a cyber-attack on the infrastructure of our corporate and public customers brings with the risk of serious consequences such as access to personal information of citizens and customers, abuse of the information obtained, the corruption of the integrity of the information as well as its deletion.
As Turkey's first telecom operator that provides cyber security services, Türk Telekom offer the following cyber security services with its experience and quality of service:
Network Security Services
- DDoS (Distributed Denial-of-service) Attack Prevention Service: DDOS attack prevention service ensures that the attacks on internet traffic are dealt with before reaching the line of the institution, while protecting data traffic. This service both prevents the interruption of the line and the depletion of network infrastructure resources.
- Active Defence Service (IPS- Intrusion Prevention System): When an attack is detected with the Active Defence service, which analyses internet traffic according to digital signature base and traffic anomalies, the attack traffic is cut and is prevented from being transferred to the network. There is no bandwidth contraction as threats are blocked before they reach the network.
- Content Filtering Service: The content filtering service can determine the content of the website to be scanned and the rules of the scan, and any harmful content detected in accordance with the specified rules is prevented from reaching the network.
- Firewall Service: With the Firewall service, entry and exit of the traffic from the network to the internet and from the internet to the network can be easily managed. The transition of any traffic not compliant with the specified rules is blocked by the Türk Telekom's Management Centre.
- Advanced Threat Prevention Service (Anti-APT- advanced persistent threat): This service identifies unknown cyber-attack types and zero-day attacks, which are described as advanced cyber-attacks. Anti-APT service enables the attack to take place among known attacks by marking the attack type. The service analyses files downloaded over the Internet and prevents the download of the files that are detected as harmful.
- Antivirus: With the Antivirus Service, traffic is scanned for systemic viruses and worms. If a virus is detected in the traffic, the traffic is blocked by the Türk Telekom Management Centre. Any traffic that has been detected as having a virus is prevented from infecting networks and users.
Dedicated Security Services
- Dedicated Security Services: With the Türk Telekom Designated Security Services, Firewall, Active Defence System, Content Filtering, Antivirus and data protection services in accordance with Law No. 5651 on Regulating Broadcasting in the Internet and Fighting against Crimes Committed through Internet Broadcasting may be deployed through the security devices to be located at the desired location.
- Cyber Castle: Security Logging in accordance with the standards set out by Law 5651 may be performed through the integrated Cyber Castle , while Firewall, Active Defense, Content Filtering, Antivirus services may be carried out at the same time.
- Cyber Log: Users connecting to the corporate internet with the Cyber Log device may be logged in accordance with the provisions of the Law 5651.
Managed Security Services
- Central Monitoring: Alarms generated by cyber security infrastructures of institutions are monitored on a 24/7 basis by the Türk Telekom Cyber Security Centre and critical alarms are reported.
- Cyber Security Configuration and Infrastructure Management: The necessary configuration and signature definitions are incorporated in the cyber security infrastructure of institutions and end-to-end cyber security management and support services are provided.
- Technical Consultancy: Technical consultancy and support services are provided for Türk Telekom customers during the Cyber Security infrastructure installation, operation and management stages.
Professional Security Services
- Vulnerability Analysis and Penetration Tests: Vulnerability Analysis and Penetration Test services are used to identify and report security vulnerabilities of institutions. Information is provided with the necessary security solutions in order to protect against possible cyber-attacks that may be carried out by exploiting vulnerabilities.
- Consultancy Services: Information Security Management System Consultancy, the ISO 27001 Audit, Compliance and Consultancy, SOME Installation Consultancy, and Training Services are provided in order to help institutions ensure Data and infrastructure security.
Security Incident Management Activities
The capacity increase of Central Security Monitoring and Analysis Systems (SIEM), which facilitates the detection of and response to cyber incidents and violations, was carried out at Türk Telekom. With the capacity increase, the integration of critical applications and systems within Türk Telekom into these SIEM systems has been undertaken.
The integration of systems and applications containing personal data or bearing critical importance for the Company into the central security monitoring and analysis systems is stepped up to ensure full compliance with laws and standards such as Law No. 5651, the Electronic Communication Regulation, PCI DSS, ISO 27001 and the Türk Telekom Information Security Policy.
The increase in capacity has enabled a higher level of resource integration, and ensured that the records of employee access to the incidents and sensitive information, which are required to be stored in Türk Telekom’s systems as set out by the regulations and standards, could be kept for a longer duration. Traceability of activities that could pose a risk in terms of information security within the Company and the proactive security level of the Company were increased.
The Company's information security policy is available at Türk Telekom Information Security Policy