Main Contents

Printable Version

Corporate Information

NTT Communications group CSR Report 2007

Making Society Safer and More Secure

We pursue information security to create a safer and more secure society.

Internal Safety and Security Initiatives
  • Security Declaration and Information Protection Policy

    We were one of the first companies to formulate a framework to protect customer and other information. In September 2002, we applied stringent internal policies to enhance customers’ security through our Security Declaration and Information Protection Policy.

    Technology alone is not a sufficient safeguard, as people both threaten and operate security systems. That is why we are strengthening all security aspects, notably people, processes, and technology.

    NTT Communications Security Declaration

    Our most important mission, in addition to protecting information that is vital to our customers and providing services they know are safe, is contributing to an enhancement of our customers’ security system.

    We regard security as our top priority in providing services to our customers, and we pledge to work with them to achieve an optimum security system.

    We will do our utmost to ensure security in all phases of the value chain from technology and service development to establishment and operation.

    Furthermore, as Internet Professionals, each one of us will raise our capabilities to respond to security-related issues.

    Three Resolutions
    • We regard security as our top priority in providing services to our customers, and we will do our utmost to enhance their security.
    • As an IT partner entrusted with our customers’ vital information, we will work with them at all times to ensure their security.
    • Business partners and contract employees are also important supporting members of NTT Communications. We will therefore

    See the following website for details:http://www.ntt.com/obp_e/torikumi/02.html

  • Information Security Management System
    Graph:Companywide Management Infrastructure

    Companywide Management Infrastructure opens in another window.another window opens

    Group Information Security Management Systems Certifications
    Fiscal 2005 Fiscal 2006
    Group companies certified 6 7

    The president and CEO appointed the Chief Security Officer (CSO), who established the Security Management Office. This officer maintains information security governance by performing the following benchmark tasks in keeping with the requirements of ISO 27001, the international standard for information security management systems:

    • Formulate rules and standards and educate all employees
    • Plan and apply companywide information security policies
    • Ensure unified responses to information security incidents
    • Monitor compliance with information security regulations

    Special officials in each business unit manage information security based on companywide policies. We conduct job-specific companywide training to improve the security consciousness of employees. We also meet with vendors to exchange information on case studies and policies and mutually improve security.

  • Policies to Protect Customers’ Information and Privacy
    Privacy Mark Accreditations
    Fiscal 2005 Fiscal 2006
    Group companies accredited 4 9

    As of March 31, 2007, nine Group companies had obtained Privacy Mark accreditation. We comply with the Ministry of Internal Affairs and Communications’ guidelines on managing personal information. We conduct regular audits to ensure that vendors adhere to our security standards.

    In December 2006, someone stole a Group company’s notebook PC that contained customer information. The Ministry of Internal Affairs and Communications instructed us to prevent such an incident fromrecurring. We responded by forbidding employees from taking computers outside Group company premises. We added new internal auditing items and retrained all employees.

    In these and other ways, we will beef up our commitment to groupwide information security management standards.

Back to the page top

Internet Service Provider Initiatives to Foster Security and Safety
  • Security Declaration and Information Protection Policy
    Cyber Clean Center‘s website:another window opens

    Cyber Clean Center‘s websiteanother window opens

    Banner:Joint declaration by seven major provider companies

    Banner for joint declaration from seven leading Internet service providers on their commitment to a community that fosters information security

    The Anti-Bot* Countermeasures Project is a public-private initiative launched in December 2006 to combat new threats to the Internet. The project seeks to eliminate bot (see note below) infections within five years. NTT Communications and other Internet service providers are working on the project with the Ministry of Internal Affairs and Communications and the Ministry of Economy, Trade and Industry. The effort has been very successful, gathering more than 2 million viruses in 100,000 categories to produce tools that victims can use to disinfect their computers.

    We play a central role in sophisticated national projects. For example, in fiscal 2006 we and other Internet service providers collaborated with the Ministry of Internal Affairs and Communications to launch the world’s first drills to respond to telecommunications cyber-attacks. That was because most user sites are vulnerable to malicious viruses.

    * A bot is a program that a malicious party can develop to remotely force compromised computers to distribute spam or leak information without the owners knowing.

  • Strengthening Internet Security Services
    OCN Anshin Select Pack website:another window opens

    OCN Anshin Select Pack websiteanother window opens

    Plala’s security website:another window opens

    Plala‘s security websiteanother window opens

    OCN served 6.09 million subscribers as of March 31, 2007. In January 2007, we launched Anshin Select Pack, which offers discounts on a combination of several security services. The goal was to encourage more subscribers to use security products and thereby enhance their Internet experience. NTT Communications Group company Plala Networks Inc. offers a free filter for Winny, a file-sharing application that has caused significant problems in Japan owing to inadver tent information leaks.

    We will continue groupwide efforts to ensure safe and secure networks.

  • Improving Corporate Network Security Monitoring and Operations
    写真:セキュリティオペレーションセンタ

    Our Security Operations Center

    Zero-day attacks and other network threats that focus more on equipment and applications rather than operating systems are increasing. These developments have made it harder for corporate customers to independently safeguard their security.

    Our Security Operations Center monitors such new threats 24/7 to protect corporate information systems and prevent business interruptions.

    Japanese companies will soon have to monitor and manage their information systems in line with the Japanese Sarbanes-Oxley Act. The Security Operations Center can help customer companies to comply with those requirements.

  • Making the Internet Safe for Children
    Kids-goo website:another window opens

    Kids-goo websiteanother window opens

    NTT Resonant’s Kids-goo website presents its Seven Rules of simple precautions and manners for children using the Internet. We offer services to filter out improper websites and better protect children from online criminals.

    See the following Japanese-language website for details:http://kids.goo.ne.jp/another window opens

Back to the page top