FS.31 GSMA Baseline Security Controls
Mobile Network Operators provide the backbone for mobile telecommunication technologies. At enterprise level the industry offers a wide array of services, diversifying from traditional connectivity into content and managed services. At the same time 5.1 billion users depend on Operators to maintain their connectivity; an item considered a basic human right under UN Article 19. This results in a mixed threat landscape of traditional IT, radio and mobile related threats.
Based on this position the industry has a responsibility to secure customer information and services. The GSMA has developed the following baseline security controls to help Operators understand and develop their security posture to a foundation (base) level.
These controls are not binding; this is a voluntary scheme to enable an Operator to assess and understand their own security controls. The GSMA do not require access to the results but are suitably positioned to discuss specific output and identify remedial resources if desired.
Audience: Technical security practitioner, Senior security professional
Resource technology specifics: Enterprise network, Generic
Resource type: Guideline
Resource enforcement: Voluntary
Resource certification type: Self-assessment