Truphone CSIRT

Updated: 17 March 2021

This page describes the Truphone CSIRT service according to the RFC 2350. 

Truphone Computer Security Incident Response Team (Truphone CSIRT) is part of the Truphone Cybersecurity, Risk and Compliance area. This team relies on automatic and stakeholders' alerts to respond to security incidents, protecting Truphone and its customers from threats to information security and cyber-attacks.

Purpose

Truphone CSIRT provides the most effective and efficient protection for our internal information and that of our customers, suppliers and partners. This is done by detecting threats, analysing data, and containing, eradicating and recovering from security incidents. It ensures minimal impact and the continuity of operations and data privacy.

Truphone CSIRT is in constant contact with other CSIRTs and CERTs, receiving and sharing relevant information on incidents in cyberspace.

Distribution List for Notifications

Email notification of updates are sent to Truphone CSIRT. All queries regarding updates and changes should be sent to Truphone CSIRT email address at csirt@truphone.com

Charter

Mission Statement

To contributions to the use of cyberspace in a free, reliable and secure manner by Truphone, its customers, suppliers and partners.

To maintain a proximity and means of communication with national and international regulatory and incident response agencies, allowing us to continuously improve the security of cyberspace.

Constituency

Truphone CSIRT scopes internal employees, assets and IPs provided to Customers. All Truphone domains are also included, namely truphone.com, business.truphone.com, myaccount.truphone.com and iot.truphone.com. All external facing Truphone IPs are also part of Truphone CSIRT scope, namely:

38.76.65.0/24, 38.84.160.0/24, 84.207.225.96/27, 85.184.0.0/22, 85.184.4.0/22, 91.206.234.0/23, 103.94.214.0/23, 115.187.131.32/28, 115.187.131.128/28, 115.187.131.144/28, 130.117.77.0/24, 146.88.208.0/21, 149.14.17.0/24, 154.57.152.0/24, 185.99.24.0/23, 185.99.26.0/23, 194.88.242.0/24, 194.88.243.0/24, 205.252.233.0/24, 205.252.234.0/24, 207.226.60.0/24, 207.226.114.0/24, 116.66.221.160/28, 2405:c740::/32

Sponsorship and Affiliation

Truphone Computer Security Incident Response Team (Truphone CSIRT) is part of Truphone Cybersecurity, Risk and Compliance area.

Address

TagusPark, Edifício Qualidade B - Bloco B2 - 2A, 2740-120 Oeiras, Portugal.

Time Zone

Portugal/WEST (GMT+0, GMT+1 summer time)

Public Keys and Encryption

Encrypt any sensitive email with the Truphone PGP Key and send to csirt@truphone.com
Key Size: 4096
csirt@truphone.com
PGP Key fingerprint: 3AD5D4AF6BB2EAF786CF43892AE64CFE19083462

Link to Public Key

Authority

The Truphone CSIRT works under the responsibility of Truphone's Chief Information Security Officer. It collaborates with the operational responsibilities of its employees' infrastructures, thus guaranteeing the operational authority necessary for the correct development of the incident response. 

Types of Incidents and levels of support

Truphone CSIRT responds to all types of cybersecurity incidents, including those that result in a security breach of the following types:

Incident Class: 

  • Malware
  • Availability
  • Information Gathering
  • Intrusion 
  • Information Security
  • Fraud 
  • Other

The Truphone CSIRT has adopted the policy of classification of incidents of CERT.PT, guaranteeing a harmonization of communication between both entities.

Cooperation, Interaction and Disclosure of Information

Truphone's privacy and data protection policy means that sensitive information may be passed on to third parties only with the prior express authorization of the individual or entity to whom that information relates.

Communication and Authentication

From the means of communication provided by Truphone CSIRT, telephone and unencrypted electronic mail are considered sufficient for the transmission of non-sensitive information. For the transmission of sensitive information, the use of PGP cipher or equivalent is mandatory.

Incident Response

The incident response provided by Truphone CSIRT is only carried out within the scope of the aforementioned action and follows a methodology adapted to the best practices, containing the following phases:

a) Detection
b) Analysis
c) Containment
d) Eradication
e) Recovery

Proactive Activities

Alerting Truphone's internal and external stakeholders about cybersecurity risks arising from the infrastructure used in this service, with the potential to impact those Customers.
Provide ratings and visibility on their allocated IP ranges.

Disclaimer

While every precaution will be taken in the preparation of information, notifications and alerts, Truphone CSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of information contained within.

Furthermore, several contractual obligations are included in the standard service contract, which only cover the involved parties.

Contacts

Truphone CSIRT

Email: csirt@truphone.com.

Phone: +351 96 719 8376

For any other inquires the following contacts should be used:
* General Cybersecurity, Risk and Compliance inquires: seccom@truphone.com
* 24/7 support from non Truphone mobile: +44 7408 836595

Return to security page.