Comarch Cyber Security in Telecommunications

Secure your telecommunications data and infrastructure

Comarch Identity & Access Management (IAM) is a highly customizable tool that offers effective identity management and world-class methods for user authentication and authorization. It allows for granting and managing access to applications, devices and crucial data within a telecom organization. The system’s modular architecture makes it easy to adapt the solution to specific organization types across hierarchies and geographies.

The main beneficiaries of the Comarch IAM solution are companies processing personal, system and sensitive data. Comarch IAM may be used for providing multi-factor strong authentication methods by both software and hardware. The solution offers Single Sign-On mechanism which facilitates a secure login to many of the systems being offered by telecoms. It also allows the user to adjust role and access permissions, delegate privileges and provides vital assistance in meeting the GDPR requirements as well. Comarch IAM also supports field service companies to ensure business performance and data security throughout the service process.

The key business advantages of Comarch IAM

Identity management

Enables comprehensive identity management of individual employees, vendors and customers.

Access management

Enables selected persons to access specific data at specific times and for specific reasons.

Full accounting included

Provides storing and reporting on user access to individual systems.

Delegation of duties

Enables delegation of user permissions under constrained time horizons

Role-based Access Control (RBAC)

Makes user management easier by restricting system access to authorized persons only

Single Sign-On solution (SSO)

Ensures hassle-free integration across telecom systems – a single click to access them all

Workflow processes for complex acceptance schemes

Allows the four-eye principle for new permission requests – paperwork and hassle excluded.

Compliance with GDPR regulations

Provides support for security-by-design approach, Role-Based Access Control (RBAC), Separation of Duties (SoC), data portability, right to be forgotten, registry of all actions and processes, reporting and more

Comarch IAM can help a telecom in:

User and device identity management in a large number of IT systems integrated with various applications and operating systems
Diverse authentication and authorization methods and protocols (software and hardware tokens, Kerberos, Radius, X.509 certificates, SAML, OAuth and others)
Comprehensive mapping of company structure
Encryption in transit for all connections through SSL
Centralized and efficient access control policy

The tPro family

With solutions belonging to our tPro family, we offer two-factor authentication (2FA) allowing privileged telecommunications staff to apply stronger security measures to both employee and customer data. Thanks to this, strong and various customer authentication methods meeting PSD2 requirements are provided.

The tPro suite consists of two products: tPro Mobile and tPro ECC. The first one is mobile security application (also available as SDK), developed for Android and iOS app versions. The tPro ECC is hardware device including ECC tokens or OTP tokens.

The entry authentication in a facility protected by Comarch IAM solution can be performed by the tPro Mobile token application enabling user verification with PIN or biometric feature (fingerprint).

Security audits

Comarch also offers security audits focusing on risk analysis, penetration tests as well as audits of compliance with standards, guidelines and good practices, which help to identify potential threats and gaps in the protection of telecommunications data.