SLT achieves the highest information security standard

AWARD: Sri Lanka Telecom [SLT], the country's premier telecommunication service provider has been awarded the highest international information security standard, BS 7799 / ISO 27001 certification. SLT became the first to achieve this security standard in Sri Lanka being listed in the prestigious Information Security Management System [ISMS]

The Global Security Standard BS 7799-2:2002 covers information security management of a wide spectrum of SLT services which include hosting of the client's data and provisioning of other services like Co Locating, Dedicated Hosting, Virtual Hosting of Web, Database, e mail and Managed Services, MPLS based IP VPN services, ADSL services, Business DSL services and ISDN services.

Commenting on its achievement, SLT CEO Shuhei Anan stated, "our primary objective is to provide the maximum security possible to our customers' data. In realising this, we adopted multiple approach addressing issues related to technology, process and people simultaneously. Thus came the success. In an era markets are being globalised and SLT is becoming a regional player who cater to both local and global customers, the information security standards make true sense to our customers and us who care for their information security," added Anan.

The ISMS certification process goes through three phases. The first phase of the process involves applicant preparing and getting ready for the certification of its ISMS: developing and implementing its ISMS, using and integrating your ISMS into its day to day business processes, training its staff and establishing an on-going programme of ISMS maintenance.

The second phase involves employing one of the accredited certification bodies to carry out an audit of its ISMS. The certificate that is awarded will last for three years after which the ISMS need to be re-certified.

Therefore there is a third phase of the process, which involves the certification body visiting applying organization's ISMS site on a regular basis (every 6-9 months) to carry out a surveillance audit. SLT tied up with Network

Security Solutions (www.mynetsec.com), an Information Risk Management Company from India to implement its Information Security Policy. ISMS certification is a clear evidence of SLT's firm commitment to its customers to elevate service level continuously enabling them to go global.