You can use the filter menu below using the relevant criteria.
Filter
FS.31 GSMA Baseline Security Controls
Documents
Friday 1 Sep 2023 | Build | Decommissioning | Design and Development | Operational |
Mobile Network Operators provide the backbone for mobile telecommunication technologies. At enterprise level the industry offers a wide array of services, diversifying from traditional connectivity into content and managed ...
SG.20 Voicemail Security Guidelines
Document
Thursday 9 Jul 2020 | Operational |
The Voicemail Security Guidelines provide guidance for Operators on the management of Personal Identity Numbers (PINs) used to authenticate a user to obtain secure access to Voicemail. The guideline also includes guidance for mobile ...
FS.33 Network Function Virtualisation (NFV) Threats Analysis
Document
Friday 6 Mar 2020 | Deployment | Design and Development | Operational |
This document aims to provide a comprehensive overview of the threats related to NFV and the underlying infrastructure and platforms hosting the NFV. The virtualization of network functions can be realized in several different ways and ...
FS.37 GTP-U Security
Document
Friday 6 Mar 2020 | Design and Development | Operational |
GPRS Tunnelling Protocol (GTP) is a group of IP-based communication protocols used to carry packet data ...
IR.88 LTE and EPC Roaming Guidelines
Document
Wednesday 19 Feb 2020 | Operational |
This guideline provides a standardised view on how LTE and EPC networks can interwork to support roaming. Audience: Technical security practitioner Resource technology specifics: Radio access network ...
FS.21 Interconnect Signalling Security Recommendations
Document
Friday 20 Dec 2019 | Deployment | Operational | Procurement |
This document highlights the key risks associated with interconnect security vulnerabilities and outlines suggested MNO responses to these risks.
FS.19 Diameter Interconnect Security
Document
Friday 20 Dec 2019 | Deployment | Operational |
This document outlines potential operator network specfic Diameter and countermeasures against those attacks. It aims to provide an understanding of potential risks, threats and countermeasures related to LTE and 5G interconnection ...
ANSSI – Safe operation of Critical Information Systems
Data
Friday 13 Dec 2019 | Operational |
Regulations for the operation of systems for 'ELECTRONIC COMMUNICATIONS AND THE INTERNET' that are considered critical to national / economic security and safety. The regulation specifies the security requirements for these "Critical ...
COBIT 2019
Data
Friday 1 Nov 2019 | Deployment | Design and Development | Operational |
An umbrella framework for governance and management of enterprise information and technology, including audit & assurance, risk management, information security, regulatory and compliance, and governance of enterprise ...
FS.20 GPRS Tunnelling Protocol (GTP) Security
Document
Thursday 17 Oct 2019 | Deployment | Operational |
This document provides a technical background on how the GPRS Tunnelling Protocol (GTP) is used. It outlines potential attacks and exploitation possibilities and assesses the associated risk. It then presents countermeasures for ...
Remote SIM Provisioning
Data
Tuesday 17 Sep 2019 | Build | Concept | Deployment | Design and Development | Operational |
Recognising the need to demonstrate product compliance to technical specifications in a common accessible way, GSMA has developed a compliance framework for eSIM capable Devices, eUICCs and Subscription Management servers. The ...
ANSSI IT Good Practice
Data
Tuesday 18 Jun 2019 | Operational |
Provides a number of guides to help protect an organisation from attacks on its IT systems. Audience: Technical security practitioner Resource technology specifics: Generic, Enterprise ...
GSMA Coordinated Vulnerability Disclosure (CVD)
Data
Wednesday 29 May 2019 | Build | Concept | Deployment | Design and Development | Operational |
The GSMA Coordinated Vulnerability Disclosure (CVD) Programme provides a formal structure for security researchers and similar parties to disclose details of security vulnerabilities affecting the mobile industry, and allow the mobile ...
IR.21 GSM Association Roaming Database, Structure and Updating Procedures
Document
Monday 13 May 2019 | Operational |
This document lays out procedures and data formats to be used for updating the GSMA RAEX IR.21 Roaming Database for storing the most important data for each MNO related to International Roaming. Audience: Technical ...
FS.11 SS7 Interconnect Security Monitoring and Firewall Guidelines
Document
Thursday 2 May 2019 | Deployment | Operational |
This document describes how to monitor SS7 traffic, including prevention and detection techniques against suspected attacks. It allows an operator to assess whether received SS7 MAP or CAMEL messages are legitimate or not, and apply ...
IR.77 InterOperator IP Backbone Security Req. For Service and Inter-operator IP backbone Providers v5.0
Document
Thursday 4 Apr 2019 | Operational |
In conjunction with IR.34, this document describes a set of common guidelines to enable baseline security level to be achieved on the Internet Protocol Packet Exchange (IPX) Network. It contains detailed security requirements (binding ...
Telecommunication Information Sharing and Analysis Centre (T-ISAC)
Data
Wednesday 27 Feb 2019 | Operational |
The Telecommunication Information Sharing and Analysis Centre (T-ISAC) has been established to act as the point of coordination for the security of the mobile ecosystem. It collects, disseminates information and advice on security ...
ITIL – IT service management v 4.0
Data
Monday 18 Feb 2019 | Delivery | Deployment | Operational |
ITIL supports organizations and individuals to gain optimal value from IT and digital services. It helps define the direction of the service provider with a clear capability model and aligns them to the business strategy and customer ...
NCSC Supply chain security guidance
Data
Friday 16 Nov 2018 | Build | Decommissioning | Delivery | Deployment | Design and Development | Operational | Procurement |
This guidance outlines a series of 12 principles designed to help establish effective control and oversight of a supply chain. It recognises that most organisations are reliant upon suppliers to deliver products, systems and services ...
GSMA IoT Security Assessment Checklist
Data
Sunday 30 Sep 2018 | Build | Concept | Decommissioning | Delivery | Deployment | Design and Development | Operational | Procurement |
Without security, the Internet of Things will cease to exist. To enable a secure market, companies have to take responsibility to embed security from the beginning and at every stage of the IoT value chain. The GSMA, together with ...