Providing Regulatory-Compliant Telecom Solutions (Cont'd)

Impacts on OSS
A telecom's OSS keeps an infrastructure running smoothly, controlling accounting functions and configuration and interacting with the network infrastructure. Because this carries with it the need to transmit sensitive personal and financial data electronically, billing applications, in particular, are sensitive areas in terms of the information they contain.

As such, identity management and access control to the OSS becomes a vital part of the infrastructure; within this realm the functions include identity management and user provisioning. Resources within the OSS must be provisioned, such that a policy of "least access" is enforced, granting each employee access to only what they require to do their jobs.

In larger organizations, this is best done through a role-based model, rather than provisioning each employee individually. "In situations where compliance calls for strong authentication, token-based systems afford the greatest measure of protection, but also the greatest mobility and flexibility for users," notes Paul Ardoin, Product Marketing Manager at Secure Computing Corporation. "In some circumstances, an official memorized password policy may be adequate. However, in the case of a telco requiring a secure system for governing access to the OSS, there will be sensitive personal and financial information that will likely fall under the purview of one or more regulations, either directly or indirectly…."

Interoperability and Security
Telecom companies and other service providers must be able to share critical information, such as customer data, for this interoperability to take place. Local Number Portability (LNP) is an excellent example of data sharing between telcos. When a customer wants to change providers and keep their same phone number, several changes in routing and OSS are required, and this requires cooperation between carriers during the transmission of personal and billing information, and must be protected internally by the telcos.

A new level of cooperation between telcos also points to the need for greater security and a greater need to check systems for compliance. Packaged service offerings that include interdependent services from multiple providers require an element of trust to be present, not only between customer and service packager, but between the service packager and each provider. To facilitate this trust, requirements that include confidentiality, privacy, and security are paramount. All telecom companies will be required to deliver on these areas as a core attribute of their service offerings.

The regulatory environment has had a great impact on business in general, and on telcos in particular. Going forward, corporations will be looking to their telecom providers, more than any other partner, for assurances when it comes time to certify their compliance with these regulations.

« Previous   |   1   |   2   |   Subscribe

Send Comment

© 2005, All information contained herein is the sole property of Pipeline Publishing, LLC. Pipeline Publishing LLC reserves all rights and privileges regarding the use of this information. Any unauthorized use, such as copying, modifying, or reprinting, will be prosecuted under the fullest extent under the governing law.