Security attacks threaten all types of ICTs. Companies, governments and individual users are increasingly aware of the importance of protecting themselves.

Specifically, online threats are proliferating and they are increasingly sophisticated and persistent. The evolution of cyber-attacks is so fast that many of the traditional mechanisms are simply not able to respond. So, innovation is primordial.

In this context, Telefónica’s fundamental objective is the constant implementation of a high level of security in its networks, products and services.

The foundation underpinning this is the Corporate Security Policy, which outlines different steps:
  • Create a Security Committee and a Business Continuity Office and draw up a continuity plan.
  • Include security-related obligations in contracts with suppliers.
  • Classify the information in accordance with its relevance and level of confidentiality.
  • Use the PCI service (Protection of Classified Information) in electronic communications.
  • Control physical and logistical accesses and permits, with the recording of security events and backup copies of the information.

This policy is materialised, among other things, in the Corporate Information Security Regulations and the Security Procedure for the Classification and Treatment of Classified Information.


Given that the majority of our services and products are delivered on the Internet, we give priority to online security. In this sphere, we emphasise compliance with the European regulatory framework on critical infrastructure, implemented in each country subject to those regulations, and the local legislations with regard to the security of services and products in its multiple facets: security of customer information; security of services; and the secure use of services.


Thus, for example, particularly notable is our fight against phishing – a kind of email fraud designed to steal people’s identities – deceit, fraudulent websites, spam and other criminal activities, for which we have entered into collaboration agreements with National Security Forces and Agencies.


In relation to spam, in the company we identify when this has been sent from our customers through viruses, worms and other forms of malware (program or file which damages the computer) which have infected the computer. We inform the customer of this and tell them how to proceed in order to clean their computer.


And, in general, in order to ensure that we take adequate care of security, we carry out internal audits of online products and services through the Corporate Security Service, e-Scudo. And, through the SIGA service, we identify new threats to the company, our services and customers. In the same way, we particularly focus on the security of the products andservices aimed at children.


Business line

Telefónica offers security services and products, understood as a concept which encompasses electronic security, protection against fire, information security and fraud prevention, under the common denomination of comprehensive technology security.


In addition, in order to promote innovation in cyber-security, we have Eleven Paths,a company led by expert Chema Alonso and which has revolutionary products such as LatchFaast and the Metashield® Protector family.


We have also invested in the Spanish company Blueliv, which has developed cloud-based technology capable of protecting organisations from credit card fraud, data and information theft, as well as new generations of malware and cyber-threats. We also have Global Security Operation Centres around the world, created to protect customers’ networks.


Intelligence in cyber-security, 24 hours a day


Digital Vigilance is a Telefónica service to protect companies from cyber-attacks. Its main value lies in digital intelligence: a team of experts in hacking, fraud, criminology and online communities tracks a large volume of data in order to detect threats as quickly as possible and control them. This is complemented by the Anti-fraud service for phishing, pharming, malware, carding and mobile malware attacks.