Telekom Logo
  • 2019 Corporate Responsibility Report

Playing it safe

Has your home ever been broken into? Even if it hasn’t happened to you yet, you probably still know exactly what to do. Call the police, don’t destroy any evidence, call the insurance company. But what if someone breaks into your computer instead of your home?

SDG 9

SDG 9 – INNOVATION

With our measures, we are contributing to the ninth goal of the United Nations 2030 Agenda.

Invisible burglar

Has your home ever been broken into? Even if it hasn’t happened to you yet, you probably still know exactly what to do. Call the police, don’t destroy any evidence, call the insurance company. But what if someone breaks into your computer instead of your home? Data security doesn’t just affect each and every one of us, but is a challenge for society as a whole: In Germany, a company is affected by a cyberattack about 30 times a year. The financial damage caused is calculated to be around 43 billion euros a year in Germany alone. In addition to the financial losses, cyberattacks can also have other serious consequences. For instance, if an attack on the electricity grid interrupts the energy supply, or if hackers gain access to civilian or military infrastructure. It’s clear, therefore, that given increasing connectivity and digitalization, data security must have top priority. That goes for both public and private companies and for private use.

Giving it all for data protection

Data protection has top priority for the entire Group. And we not only comply with legal requirements such as European data protection regulations, but also actively shape data protection. To do so, we work together closely with privacy experts, continue to enhance technical standards, and promote maximum transparency. You can find detailed information on the protection of your data here.

1
Data Privacy
Advisory Board

The Data Protection Advisory Board is an independent body with an advisory function. Its members include leading data protection experts from science, business, politics, and independent organizations.

2
Training

Telecommunications companies are obliged to provide new employees with information on data privacy regulations. We go beyond that and train our employees every two years. We also offer training courses on special topics such as the General Data Protection Regulation.

3
Audits and
certificates

Every year we carry out several hundred internal audits – or checks– on data protection and data security at our company. We also have our processes and management systems as well as products and services certified by independent organizations such as TÜV and DEKRA.

4
Transparency report

Telecommunications companies are legally required to support security authorities and to provide information on subscribers, for instance. How often and in what form this takes place is presented once a year in a transparency report.


7

7 days is how long we have to investigate information on the misuse of internet services and to identify the affected customers. After that, the stored IP addresses  img are deleted in accordance with statutory regulations.

Beware of misuse!

The Deutsche Telekom security team receives more than two million reports of suspected misuse of internet services each month. Misuse is, for instance, when a computer infected with malware that belongs to a business customer or consumer attacks other computers or sends spam via a Deutsche Telekom internet connection. We receive information about this from our own honeypots  img or from security organizations. We check the information, identify the affected customers, and send them a guide on how to remove the malware from their computers. If attacks from a customer’s computer continue, we take additional steps: To protect other users, we can temporarily block individual services, such as email. Once our customer has solved the problem independently, with the help of their own chosen expert, or with the advice of the security team, the blocked service is reactivated.

40

Our cyberdefense registered an average of 40 million attacks per day in 2019! Although most of them are not targeted attacks, but rather automated attempts designed to discover weaknesses, this number is nevertheless alarming.

The strong
line of defense

24 hours a day, 365 days a year: Deutsche Telekom’s Cyber Defense and Security Operation Center (SOC) in Bonn never sleeps. We analyze security-relevant data and systematically combat cyberattacks there around the clock. And the number of attacks is continuing to rise dramatically: Companies from all industries are exposed to increasingly aggressive and sophisticated cyberattacks. Our security experts monitor large parts of the internet and can also see in real time on a world map where attacks are currently taking place. What are known as honeypots – digital traps – are used as an early warning system: They lure hackers by simulating weaknesses and hence provoking attacks.

Our experts analyze the hackers’ intentions and investigate their tactics. IT forensic experts are also involved in the case of criminal activities. They reconstruct attacks and secure evidence. We use the information obtained to continuously improve our cyberdefense technology. The SOC in Bonn is the largest of its kind in Europe. Deutsche Telekom has similar SOCs worldwide and they are all linked together. In total, 240 experts combat attacks around the clock.

THE GREEN DATA BUNKER

Data security begins in the data center. Experience the creation of one of the most secure data centers in the world near Magdeburg. More information here

Joining forces
to fight against
data thieves

Our Telekom Security unit develops security solutions for consumers and business customers, and focuses on internal security issues. In doing so, it works closely with prominent organizations in Germany and at EU level, such as the Federal Office for Information Security, the Federal Criminal Police Office or the European Network and Information Security Agency (ENISA). We have also joined other companies in signing the „Charter of Trust“, a charter for greater cybersecurity. It defines ten action areas for cybersecurity in which policymakers and companies alike need to take action. It also calls for responsibility for cybersecurity to be anchored at the highest level of government and business. For us at Deutsche Telekom, that is a given.

Dirk Backofen, Head of Telekom Security

“Everyone and everything is connected today. We can only rein in hackers by working with a close alliance of politics, science, and the private sector. We need an army of good guys.”

What each of us can do ourselves

Sooner or later, anyone who is active in the digital world will ask themselves: What can I personally do to arm myself against digital theft? As Deutsche Telekom, we view it as our responsibility to not only protect our customers’ data, but to also help them protect themselves. After all, it’s always better to prevent than to react. That’s why we provide information: At digitally-secure, we offer specific answers to typical security questions from our customers’ everyday lives – easy to understand and to the point. It also covers what you can do to prevent identity theft and how to protect your privacy on social media. By the way, our sustainability magazine “We Care” also contains a lot of good security tips in the section on privacy. Our “Media, sure! But secure.” website pools our initiatives for greater media skills and provides support for the competent and secure use of digital media.