Security and protection of privacy
Our business is based on the trust of customers, well-functioning services and data security.
We invest in the functionality of our services, confidentiality of information and disruption prediction. We cooperate closely with energy companies and authorities in the management of, for example, disruptions caused by storms and data security issues.
We also continuously develop our services and operations to be able to answer various cyber threats directed at us, our customers and society at large.
We ensure the data security of the services we provide for the Finnish, Estonian and international markets. Service information, servers and data centres related to our services in Finland are located in Finland.
We continuously improve the smooth operation and ease-of-use of our services. We pay particular attention to the ease-of-use and safety of services directed at children and the elderly.
Protection of privacy
Ensuring the confidentiality of communications and protecting the privacy of individuals are key issues for us.
Protection of privacy includes the content of messages, information about the parties to the communications and personal data.
We collect, use and store information, for example, in order to implement and market services, to implement agreements and for official purposes.
Our comprehensive guidelines for the protection of privacy are followed by all Elisa employees and partners. We regularly train individuals responsible for processing customer and communications identifying data about how to process said data in compliance with legislation and our guidelines. The point of departure is that viewing information equals their being processed.
In addition to providing guidelines and training, we monitor the realisation of the protection of privacy. Moreover, we monitor the processing of information by analysing log data produced by various systems.
We have selected leading Finnish and international operators as our partners. We have signed comprehensive security agreements with our partners, one of the main aims of which is to ensure that the protection of privacy and, for example, the processing of personal data are implemented according legislation and Elisa's requirements. In addition to security agreements, we sign with our suppliers the DTA agreements required by EU regulations, if the data is processed outside of countries deemed data secure by the EU or EEA.
We will hand over information to competent authorities in compliance with the terms and decisions provided for in legislation.
Cooperation and services to enhance cyber security
Cyber risks combine events affecting data systems and the physical world in new kinds of threats to the functioning of the general public, companies and society as a whole.
Preparation and prediction are key issues in managing cyber threats. As a provider of nationally critical infrastructure, we design and implement our systems with continuity and security perspectives in mind. We cooperate with authorities, other companies and business organisations in preparing and developing cyber security.
We prepare for special circumstances, for example, by verifying our network and systems, placing them in guarded premises and ensuring power supply in case of power failures. We cooperate closely to develop our functional capability in cases of major disruptions. We monitor the functioning of our systems 24/7 in an effort to be able to detect and manage special events, such as denial of service attacks. In special circumstances, we aim to communicate to the customers and authorities as efficiently as possible. We were the first operator to provide our customers with an interactive disruption map service in 2010.
For our part, we are responsible for the security of the Finnish network environment and cooperate with authorities and operators. Based on information detected or received from somewhere else, we recognise connections sending malicious traffic, inform our customers about malware-infections on their devices and prompt them to clean their device. Our customers may also purchase extra support, for example, for cleaning computers infected by malware.
Reliable authentication plays a key role in the majority of digital services. We have introduced increasingly strong authentication in our services and have developed strong authentication solutions, such as the Mobile Certificate in cooperation with other Finnish operators.
We provide our customers with services with which they will be able to prepare for special circumstances and to manage cyber risks and situations facing their activities. Key services include virus protection and firewall services, encrypted connections, encrypted server, storage and data centre services, filter services, prevention of denial of service attacks and snapshot systems providing status reporting of systems and supporting their management.
The use of mobile network is safe
As a part of Finnish society, it is our duty to ensure comprehensive and reliable mobile communication and data connections. The mobile network ensures that everyone can utilise these connections. This is also an important safety issue, since the majority of emergency calls are made with a mobile phone.
It is our aim to maintain and develop mobile network coverage so that it serves the needs of the users in the best possible way. We also cooperate closely with operators in the field on electro-magnetic fields and invest in the careful planning of the placement of base stations.
The health effects of base stations and mobile phones have been extensively studied internationally and over 600 studies directly related to the subject have been published. According to these studies, mobile phones have not been found to cause health risks. The realisation, reliability and results of internationally published studies is monitored and evaluated by a group of international and Finnish experts. Reliable information about the subject is available, for example, at the following addresses:
In Finland, the safety of mobile phone networks is monitored by STUK - Radiation and Nuclear Safety Authority, the decisions and regulations of which are based on numerous scientific research findings. Elisa complies with laws and regulations in all its activities.
More information (in Finnish) about the health effects of mobile communications is available at www.mobiilijaterveys.fi