Telecom – Building A Secure, Resilient Data Strategy
In our series of articles on Telecom Risk and Resilience as part of Critical National Infrastructure, we look at the role of data management within Telecom.
Outside of governments, telecommunications organisations are among the largest collectors and custodians of customer data. This data includes various types—identity details, mobile and device numbers, billing records, and SIM (Subscriber Identity Module) information—all of which are essential to running the network.
The loss or breach (exfiltration) of this data is a critical event. It carries serious consequences for business continuity and reputation, while also exposing customers to fraud risks such as SIM swap or hijacking attacks. As exemplified by the events at South Korea Telecom (SKT), where attackers accessed data from over 27 million customer records. An official investigation found that attackers initially compromised a malware-infected server, then pivoted to customer management systems due to weak account practices and a lack of encryption.
These incidents often stem from:
- Misaligned or delayed system updates
- Cyberattacks exploiting perimeter weaknesses
- Inadequate security controls by third-party data processors
Beyond the reputational damage, the financial impact is substantial. Even smaller-scale breaches are costly. According to IBM’s 2024 Data Breach Report, the average enterprise data breach costs approximately $4.8 million USD.
Data Security: A Strategic Imperative
While data in transit (being accessed/transferred) is often viewed as vulnerable to interception, data at rest—stored in databases and systems—is equally susceptible to theft. In telecom environments, the challenge is intensified by:
- Legacy systems
- Fragmented data architecture
- Inconsistent security policies across platforms
These complexities mean multiple systems often serve as the “source of truth” for different parts of the same dataset, making security coordination a significant challenge; this means the business of making data management resilient is challenging.
Building a Resilient Data Security Strategy
An effective telecom data security approach begins with visibility and control. Organisations must understand:
- Where application and customer data reside
- Which systems manage and store this data
- The full data lifecycle—from creation to deletion
- Who can access it and at what privilege level
- How data access is audited, and whether automated alerts are in place
Based on this understanding, we recommend several key actions:
- Encrypt data at rest using vendor-native tools or infrastructure-level encryption.
- Enforce the principle of least privilege (PoLP) to tightly control access to sensitive data.
- Implement robust audit logging to monitor changes, access, and data downloads.
- Restrict high-risk functions—such as mass updates or bulk extractions—to only trusted personnel. Regularly review duplicate data created by backups or copies.
- Establish comprehensive data governance policies that oversee the full customer data lifecycle.
In our latest eBook, Enea explores how to build out these actions into a robust, sustainable data management architecture – with a focus on protecting users and, integrity of the network. We look at the data lifecycle, types of data, their access and how to build mechanisms to detect a potentially costly data breach.
The detail is grounded in our real-world experience and industry perspective. Our goal is to share what we’ve learned to support the ongoing security and resilience of telco-grade infrastructure.
Want to know more?
