THE DATA SAFETY OF OUR CUSTOMERS IS IN OUR DNA
Ensuring data security and protection
We want to earn the trust of our customers by ensuring safe and secure connections.
Why is high level of data privacy and information security of critical importance to DNA?
Data protection and security go hand in hand. Only by securing our own operations can we guarantee reliable services for all our customers. DNA wants to be a responsible and security-conscious service provider and we work continuously to make our data security culture more robust.
At DNA, a high level of data security is a fundamental requirement. Data security supports DNA’s core business and increases the appropriate availability of systems. The purpose of data security at DNA is to enable the achievement of business objectives and protect critical success factors, such as DNA’s customer satisfaction.
Guidelines steering our operations
To ensure our high level of data security and privacy, we follow:
- Laws and regulations
- Our Group’s data protection policy
- DNA’s Code of Ethics for the use of artificial intelligence
- Best practices
We make our data security and policies increasingly robust by training our personnel and informing them of the threats related to the telecommunication operator business. Our training platform includes courses that are common for all Telenor Group employees, as well as DNA-specific mandatory courses and additional training for different occupational groups.
Objectives and example of measures
Our objective is to achieve continuous development of DNA´s data security and privacy and to increase and maintain knowledge of security issues among our own employees and key partners. In 2020, DNA maintained a high level of security and data protection and a stringent security culture by offering compulsory training and developing risk visibility and risk preparation.
Kriittinen haavoittuvuus Confluence Server ja Data Center -tuotteissa mahdollistaa komentojen suorittamisen etänä ilman tunnistautumista. Haavoittuvuutta on jo hyödynnetty maailmalla. Atlassian suosittelee asentamaan päivitykset ja rajoittamaan haavoittuvuuden hyväksikäyttömahdollisuuksia rajaamalla haavoittuvien tuotteiden näkyvyyttä julkiseen verkkoon.Read More (Opens New Window)
Microsoft Support Diagnostic Tool -diagnostiikkatyökalusta on paljastunut nollapäivähaavoittuvuus, joka mahdollistaa komentojen suorittamisen etänä haitallisten Microsoft Word -dokumenttien avulla. Microsoft julkaisi 14.6. päivityksen haavoittuvuuteen, joka on syytä asentaa viipymättä.Read More (Opens New Window)
Advice for victims of identity theft or data breaches
If you became a victim of fraud, you can find helpful advice here from Traficom's (Finnish Transport and Communications Agency) NCSC (National Cyber Security Centre).
DNA helped clients tackle scam calls and phishing
Since early 2020, the number of scam calls and messages rose sharply in Finland. As a telecommunication operator we feel that we have a specific responsibility to inform our customers what to do should they receive them.
Some scam messages also appeared to have been sent by DNA, so we wanted to remind our customers of the fact that DNA never asks the customers to fill in missing personal data. The scam email sent in DNA’s name could also be identified as a scam because the sender’s email address was not DNA’s. Some messages asked the receiver to open a message they could listen to. We have also organised mandatory training for our personnel on topics such as identification of scam messages.
DNA works in active cooperation with other operators as well as the Finnish Communications Regulatory Authority to enable detection of scam calls before they reach our customers.
Mobile ID makes authentication more secure
The “Mobiilivarmenne” mobile ID is an authentication method developed by the Finnish operators DNA, Elisa and Telia. It is a domestic alternative for identification by means other than bank or social network IDs. Reliability is a key benefit of the method, because the mobile ID is not linked to the user’s bank accounts or user profiles. Mobile authentication meets the needs of our digital society and effectively protects the user’s personal data from phishing.
Authentication with the mobile ID is based on the user’s phone number and facial recognition, fingerprint or PIN code. The mobile ID can be used as an authentication method for electronic signatures, communicating with the authorities or starting a business.
The renewed authentication method was piloted in the operators’ own services during 2020 and customers can avail of it in 2021.
Read more in Finnish: https://www.dna.fi/mobiilivarmenne