Wednesday February 12, 2020

FS.31 GSMA Baseline Security Controls

Person looking at mobile phone smiling, light is reflecting on face in dark room

Mobile Network Operators provide the backbone for mobile telecommunication technologies.  At enterprise level the industry offers a wide array of services, diversifying from traditional connectivity into content and managed services. At the same time 5.1 billion users depend on Operators to maintain their connectivity; an item considered a basic human right under UN Article 19. This results in a mixed threat landscape of traditional IT, radio and mobile related threats.

Based on this position the industry has a responsibility to secure customer information and services. The GSMA has developed the following baseline security controls to help Operators understand and develop their security posture to a foundation (base) level.

These controls are not binding; this is a voluntary scheme to enable an Operator to assess and understand their own security controls. The GSMA do not require access to the results but are suitably positioned to discuss specific output and identify remedial resources if desired.

Audience:  Technical security practitioner, Senior security professional

Resource technology specifics: Enterprise network, Generic

Resource type: Guideline

Resource enforcement: Voluntary

Resource certification type: Self-assessment

Key benefits
  • Inclusive of mobile network security controls as well as enterprise
  • Clear and concise reporting on security maturity
  • Self assessment has been separated by functions, allowing each section to be shared with the relevant teams for completion
  • Non-confidential
FS.31 GSMA Baseline Security Controls image

3.0 (PDF)

FS.31 GSMA Baseline Security Controls image

3.0 (Word)

Contact the GSMA

Please get in touch if you need more information or have any queries about anything you see on our website.

Contact us