SenSage - Enterprise Security Analytics
Download InfoDemoContact Us
Solutions: Compliance - Telecommunications

Compliance

Overview -

Sarbanes-Oxley -

Financial Services -

Health Services -

Government -

PCI DSS -

Telecommunications -

ISO 27002 -

Log Management

Clients

Download Information
Datasheets
Whitepapers
Solution Notes
Product Demos
Webcasts
Case Studies
Reviews
Compliance Analytics
Telecomm
SOX
HIPAA
FFIEC/GLBA
PCI
NISPOM
FISMA
ISO 27002

EU Data Retention and Electronic Surveillance Directive

EU Data RetentionThe EU Data Retention Directive sets mandatory requirements for ISPs and telecoms for the collection, retention and retrieval of communication records within the 25 EU member countries. By September of 2007, EU countries will establish and enact the Directive as law.

This Directive requires that all telephony, Internet access and messaging transaction details, not contents, must be retained between 6 months and 2 years. The guidelines specify that segregated data storage be established, support required protection provisions and not be co-joined with business data processing. Furthermore, the data must be retained in an accessible repository so that organizations can respond to information requests from competent authorities, “without undue delay.” Specifically, organizations must be able to extract the pertinent records from the repository upon request – measured in minutes and hours.

While any Directive project can be achieved with unlimited funds and resources, the integrated POC satisfied the Directive requirements at significantly less total cost of ownership as compared to conventional approaches. See the recent SenSage, EMC interview by TelecomTV.

Implications for Telephony and Internet Service Providers

The Directive places significant storage, security and analysis obligations on Telcos and ISPs. While Telcos and ISPs often support law enforcement, current systems may not meet new Directive standards. Conventional transaction recording systems may be expanded to meet the Directive, but this would present material costs, as well as new operational and technical considerations.

The challenge quickly becomes how to manage the resulting avalanche of data. For each phone call, web surfing session or email message, there can be dozens of call detail records and transaction logs that must be properly aggregated. Multiply this by the number of users/subscribers and taking into account the 6-24 month retention requirement will equate to Billions of records and terabytes of data that must be collected, retained, secured and efficiently analyzed.

SenSage Solution

SenSage has developed a powerful event data management and analysis platform that makes compliance with the EU data retention directive feasible and cost-effective. The SenSage solution offers the following benefits:

  • Captures all log records from all relevant telecommunications CDR Mediation, Internet access and messaging sources
  • Stores all data in highly compressed, yet available format to reduce storage costs/requirements
  • Provides full data analysis capability – efficiently extract the exact records of interest in minutes
  • Offers exceptional data loading and query performance that is fully scalable.
  • Delivers a complete solution at a fraction of the cost when compared to that of traditional approaches

Proof-of-Concept

SenSage, EMC and Intec recently collaborated on a Proof of Concept (POC) to demonstrate a more effective, lower cost EU Data Retention Directive solution offering lifecycle event data management, high-speed analysis, on-line retention and robust storage management capacity.

While any Directive project can be achieved with unlimited funds and resources, the integrated POC satisfied the Directive requirements at significantly less total cost of ownership as compared to conventional approaches.

Get the Details

Have a representative contact me: info@sensage.com .

Data Source Requirements

The following data must be captured and retained:

Fixed Network Telephony
  • Calling phone number
  • Name and address of the subscriber or registered user
  • Date and time of the start and end of the communication
  • Telephone service used, (e.g. voice, conference call, fax, messaging services)
Mobile Telephony
  • Called telephone number or numbers
  • Name(s) and address(es) of the subscriber(s) or registered user(s)
  • Date and time of the start and end of the communication
  • Telephone service used, e.g. voice, conference call, Short Message Service (SMS), Enhanced Media Service or Multi-Media Service
  • International Mobile Subscriber Identity (IMSI) of the calling and called party
  • International Mobile Equipment Identity (IMEI) of the calling and called party
  • Location label (Cell ID) at the start and end of the communication
  • Data mapping between Cell IDs and their geographical location at the start and end of the communication
Internet Access, Email, Internet Telephony
  • IP address, whether dynamic or static, allocated by the Internet access provider to a communication
  • The User ID of the source of a communication
  • The Connection Label or telephone number allocated to any communication entering the public telephone network
  • Name and address of the subscriber or registered user to whom the IP address, Connection Label or User ID was allocated at the time of the communication
  • The Connection Label or User ID of the intended recipient(s) of a communication
  • Name(s) and address(es) of the subscriber(s) or registered user(s) who are the intended recipient(s) of the communication
  • Date and time of the log-in and log-off of the Internet sessions based on a certain time zone
  • Calling telephone number for dial-up access
  • Digital subscriber line (DSL) or other end-point identifier of the originator of the communication
© 2008 SenSage, Inc Terms of Use | Home | Company | Solutions | Products | Partners | News | Download Info | Contact Us | Sitemap | Support