We guarantee the Confidentiality, Integrity and Availability of the information based on the following pillars:
Policy and regulation
Telefónica’s security strategy is based on our security policy and the security regulations that develop it, which must be complied with by all group companies.
Governance
The head of security at the Company is the Global Chief Security and Intelligence Officer (the Global CSO), who has been delegated, by the Company’s Board of Directors, the authority and responsibility to establish the global security strategy
Cybersecurity
We have tools, capabilities and procedures to manage the full cycle of potential cyber security incidents: detection, mitigation, recovery, notification and lessons learned.
Supply chain security
At Telefónica we have security requirements for our suppliers and we identify and monitor the risks associated with the provision of a service/product.
To manage security in the supply chain, the use and evolution of the 3PS+ digital platform to manage and monitor security throughout the supplier lifecycle is encouraged. Security requirements are reviewed annually in line with updates to national and international standards, as well as including those associated with new technologies.
Business Continuity and Crisis Management
At Telefónica, we design and manage our services and infrastructures in such a way that they are able to withstand and overcome the various environmental or technological contingencies that occur on a daily basis, without affecting our customers.
Adequate use of the services
Maintaining an adequate level of security is everyone’s job, including our customers’. We expect our customers to use the contracted services in accordance with the law and the stipulations of the “Acceptable Use Policy” included in the contract.
Security Services
Our efforts to understand new threats and trends in the digital world, and to anticipate changes with innovative security solutions, are reflected in a wide range of security products and services.
Certifications
Safety certifications on products and services are maintained, such as those listed for the following areas:
- Spain scope, Telefónica Tech and Telxius: ISO 27001, ISO 22301 and National Security Scheme (ENS) certifications in different companies and services
Quality Management Certificates – Telefónica España
Policies and certificates – Telefónica Tech
Certificado ISO 27001 – Acens
Governance – Telxius - Brazil: ISO 27001 certification
Segurança e confidencialidade – Vivo - Germany: ISO 27001 and ISO 22301 certifications
ISO Certifications – Telefónica Deutschland - Argentina: ISO 27001 and ISO 22301 certification
- Peru: ISO 27001 and ISO 22301 certifications
- Chile: ISO 22301 Certifications
- Colombia: ISO 27001 certification
Alcance SGI – Telefónica Colombia - Ecuador: ISO 27001 certification
Certifications – Telefónica Ecuador
Contact us
If you are aware of any vulnerability or threat that could affect Telefónica’s technological infrastructure, you can contact us through our Vulnerability reporting program.
