Truphone CSIRT
Updated: 17 March 2021
This page describes the Truphone CSIRT service according to the RFC 2350.
Truphone Computer Security Incident Response Team (Truphone CSIRT) is part of the Truphone Cybersecurity, Risk and Compliance area. This team relies on automatic and stakeholders' alerts to respond to security incidents, protecting Truphone and its customers from threats to information security and cyber-attacks.
Purpose
Truphone CSIRT provides the most effective and efficient protection for our internal information and that of our customers, suppliers and partners. This is done by detecting threats, analysing data, and containing, eradicating and recovering from security incidents. It ensures minimal impact and the continuity of operations and data privacy.
Truphone CSIRT is in constant contact with other CSIRTs and CERTs, receiving and sharing relevant information on incidents in cyberspace.
Distribution List for Notifications
Email notification of updates are sent to Truphone CSIRT. All queries regarding updates and changes should be sent to Truphone CSIRT email address at csirt@truphone.com
Charter
Mission Statement
To contributions to the use of cyberspace in a free, reliable and secure manner by Truphone, its customers, suppliers and partners.
To maintain a proximity and means of communication with national and international regulatory and incident response agencies, allowing us to continuously improve the security of cyberspace.
Constituency
Truphone CSIRT scopes internal employees, assets and IPs provided to Customers. All Truphone domains are also included, namely truphone.com, business.truphone.com, myaccount.truphone.com and iot.truphone.com. All external facing Truphone IPs are also part of Truphone CSIRT scope, namely:
38.76.65.0/24, 38.84.160.0/24, 84.207.225.96/27, 85.184.0.0/22, 85.184.4.0/22, 91.206.234.0/23, 103.94.214.0/23, 115.187.131.32/28, 115.187.131.128/28, 115.187.131.144/28, 130.117.77.0/24, 146.88.208.0/21, 149.14.17.0/24, 154.57.152.0/24, 185.99.24.0/23, 185.99.26.0/23, 194.88.242.0/24, 194.88.243.0/24, 205.252.233.0/24, 205.252.234.0/24, 207.226.60.0/24, 207.226.114.0/24, 116.66.221.160/28, 2405:c740::/32
Sponsorship and Affiliation
Truphone Computer Security Incident Response Team (Truphone CSIRT) is part of Truphone Cybersecurity, Risk and Compliance area.
Address
TagusPark, Edifício Qualidade B - Bloco B2 - 2A, 2740-120 Oeiras, Portugal.
Time Zone
Portugal/WEST (GMT+0, GMT+1 summer time)
Public Keys and Encryption
Encrypt any sensitive email with the Truphone PGP Key and send to csirt@truphone.com
Key Size: 4096
csirt@truphone.com
PGP Key fingerprint: 3AD5D4AF6BB2EAF786CF43892AE64CFE19083462
Link to Public Key
Authority
The Truphone CSIRT works under the responsibility of Truphone's Chief Information Security Officer. It collaborates with the operational responsibilities of its employees' infrastructures, thus guaranteeing the operational authority necessary for the correct development of the incident response.
Types of Incidents and levels of support
Truphone CSIRT responds to all types of cybersecurity incidents, including those that result in a security breach of the following types:
Incident Class:
- Malware
- Availability
- Information Gathering
- Intrusion
- Information Security
- Fraud
- Other
The Truphone CSIRT has adopted the policy of classification of incidents of CERT.PT, guaranteeing a harmonization of communication between both entities.
Cooperation, Interaction and Disclosure of Information
Truphone's privacy and data protection policy means that sensitive information may be passed on to third parties only with the prior express authorization of the individual or entity to whom that information relates.
Communication and Authentication
From the means of communication provided by Truphone CSIRT, telephone and unencrypted electronic mail are considered sufficient for the transmission of non-sensitive information. For the transmission of sensitive information, the use of PGP cipher or equivalent is mandatory.
Incident Response
The incident response provided by Truphone CSIRT is only carried out within the scope of the aforementioned action and follows a methodology adapted to the best practices, containing the following phases:
a) Detection
b) Analysis
c) Containment
d) Eradication
e) Recovery
Proactive Activities
Alerting Truphone's internal and external stakeholders about cybersecurity risks arising from the infrastructure used in this service, with the potential to impact those Customers.
Provide ratings and visibility on their allocated IP ranges.
Disclaimer
While every precaution will be taken in the preparation of information, notifications and alerts, Truphone CSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of information contained within.
Furthermore, several contractual obligations are included in the standard service contract, which only cover the involved parties.
Contacts
Truphone CSIRT
Email: csirt@truphone.com.
Phone: +351 96 719 8376
For any other inquires the following contacts should be used:
* General Cybersecurity, Risk and Compliance inquires: seccom@truphone.com
* 24/7 support from non Truphone mobile: +44 7408 836595