Telstra Assures Customers On Metadata Security
Under the legislation, telecommunications providers will be required to retain a defined set of data for a period of two years, with industry to now have 18 months to ensure the necessary processes are put in place.
In a blog post today, Telstra chief information security officer Mike Burgess has stated Telstra takes “data security very seriously”.
“Previously, we have highlighted the increased security risk associated with retaining more customer metadata we don’t currently need in the delivery of our services to our customers,” Burgess stated.
“If some of this is stored and made accessible, then we are creating what has been called a ‘honey pot’ for hackers and criminals to target.”
With Telstra still developing its implementation plans, Burgess stated the telco has already decided to store customer metadata in Australia.
“While geography alone is not a good measure of security, storing the data in Australia should help allay the concerns of some customers,” he commented.
“We understand that customer metadata has enormous value, not just to our customers and law enforcement agencies, but also to a range of malicious actors who may seek to gain access to our systems.”
Any data retention security strategies Telstra implements will build on the existing measures it already has in place, Burgess stated.