Microsoft ends support for Internet Explorer on June 16, 2022.
We recommend using one of the browsers listed below.

  • Microsoft Edge(Latest version) 
  • Mozilla Firefox(Latest version) 
  • Google Chrome(Latest version) 
  • Apple Safari(Latest version) 

Please contact your browser provider for download and installation instructions.

Open search panel Close search panel Open menu Close menu

画像

画像

画像

画像

Social Challenge 6
Moving towards a safe, secure, and resilient society

画像

Why it matters

As a company that supports the vital infrastructure of a digitalized society, the NTT Group believes one of its responsibilities is to make use of technology to keep people safe and secure from the major threats of this century: epidemics, natural disasters, and digital disasters like cyber-attacks.

What can be accomplished

As a company that supports the vital infrastructure of a digitalized society, we will make full use of technology to keep people safe and secure from epidemics, natural disasters, digital disasters like cyber-attacks, and achieve a more resilient society.

Future vision

The NTT Group is committed to contributing to the development of society by acknowledging diverse cultures, and thus we will contribute to solving social issues by connecting people, goods, and cultures, including communities, nations, and society, while promoting high ethical standards, diversity, and inclusion in fair and equitable ways, and work towards creating a better workplace through powerful and new digital technologies.

Business Activity 19
Ensuring the stability and reliability of services

Our commitment

As a company that supports the vital infrastructure of a digitalized society, we will make full use of technology to keep people safe and secure from epidemics, natural disasters, digital disasters like cyber-attacks, and achieve a more resilient society

Our objectives

0

Number of major accidents

99.99%

Stable service provision rate

Policies and Concepts

As a corporate group with the mission of serving society by sustaining telecommunications infrastructure in normal times, the NTT Group is committed to building highly reliable telecommunications networks that connect people anytime, anywhere. Since telecommunications takes on a greater importance in the event of a disaster, we endeavor to secure the means of communication necessary for maintaining public order and for rescue and restoration operations at times of disasters, and for emergency communications, such as 110, 118, and 119. Japan is a country particularly prone to natural disasters such as earthquakes and typhoons. The importance of telecommunications networks was reaffirmed by the devastating Great East Japan Earthquake. Facing the possibility of an earthquake directly underneath Tokyo or the Nankai Trough off Japan's southern coastline, there is a pressing need for society to prepare for such potential disasters while ensuring the stability and reliability of its telecommunications infrastructure.

The NTT Group has defined three key themes for disaster countermeasures: securing critical communications, prompt restoration of telecommunications services, and improving network reliability. We have been strengthening efforts based on these themes since the Great East Japan Earthquake. We have also included Disaster Countermeasure Initiatives in our medium-term management strategy and are making a focused effort to further reinforce the communications infrastructure, seek proactive disaster response, and adequately provide information to the affected people.

Organization for Implementation

Five Group companies--NTT, NTT East, NTT West, NTT Communications, and NTT DOCOMO--are designated public institutions under the Basic Act on Disaster Control Measures. Accordingly, based on this Act, in preparation for a disaster, the NTT Group has formulated the Disaster Management Operation Plan for the purpose of smooth, appropriate implementation of measures to prevent damage. Each company has prepared their respective Disaster Management Operation Plan by organizing response efforts that are mobilized at the time of a disaster in a manner proportionate to the scope and circumstances of the situation. At the same time, we will maintain close contact with the relevant government institutions to ensure a smooth and appropriate recovery from the disaster and secure critical communications.

We are also taking measures in normal times to improve the reliability of our telecommunications infrastructure. To ensure that our telecommunications services operate without interruption at all times, we employ transmission trunk line multi-routing, have enacted blackout countermeasures for telecommunications buildings and base stations, and are making telecommunications buildings more quakeproof. In addition, we are expanding the assortment of power supply vehicles and other disaster response equipment that we have positioned throughout Japan and are repeatedly conducting training to prepare for major natural disasters. We are making a daily effort to secure the necessary emergency and critical communications.

NTT Group Disaster Management Operation Plan

Main Initiatives

Securing Critical Communications

To secure necessary communications in the event of a disaster, the NTT Group is implementing various response measures, including the installation of emergency-use public phones, a mobile phone lending service in affected areas, and providing means to confirm the safety of people in affected areas. We simultaneously install multiple lines to secure connections to the headquarters of the police department, fire department, and coast guard to prepare against the possibility that the 110, 119, and 118 emergency call services may be damaged.

A major disaster could also lead to social disorder, such as the disruption of transport systems.

In such an event, we would consider the overall situation, including whether other telecommunications carriers have put restrictions on mobile and fixed line phones and, if necessary, offer the use of public phones for free.* We will not charge carriers for which we have set call fees and will not settle payments between carriers for which we have set connection fees. For the specific names of carriers, please refer to the following websites. (Japanese only)

画像

災害対策の3本柱

Free charge public phone policy for areas covered by NTT East


Free charge public phone policy for areas covered by NTT West

Providing Services for Easy Safety Status Checking and Information Gathering When Disaster Strikes

The NTT Group launches and provides the following services to enable people to confirm the safety of relatives and friends in areas hit by a major disaster that has disrupted phone connections.

When we launch these emergency services in the event of a disaster or other contingency, we promptly inform our customers through the mass media, website, and other means.

By integrating the Web 171 Disaster Message Board with the Disaster Message Board Service for mobile and PHS phones (i-mode/sp-mode), we have also made it possible to conduct one-stop searches spanning both services from the companies providing those services. There are additional functions for notifying designated contacts by e-mail or voice when safety status information is posted.

We are continuing to make improvements, such as by offering support in English, Chinese, and Korean for the Web 171 Disaster Message Board, and in English for the Disaster Message Board Service (i-mode/spmode), increasing the number of messages that can be posted and extending message storage time.

With regard to the Web 171 Disaster Message Board, NTT East, and NTT West agreed to collaborate with the disaster message boards operated by NTT DOCOMO, KDDI, and SoftBank to allow users to check each other's messages left with these carriers since August 2019.

Main Services

  • 171 Disaster Emergency Message Dial
  • We store recorded voice messages left by users to confirm the safety of those in affected areas

  • Web 171 Disaster Message Board
  • We store text messages left by users via the Internet

  • Disaster Voice Messaging Service (i-mode/sp-mode/mopera U)
  • We deliver voice messages reporting the status of personal safety via mobile phone

  • Disaster Message Board Service (i-mode/sp-mode)
  • We store text messages left by users via mobile phone

Securing the Stability and Reliability of Telecommunications Services

The NTT Group is devoted to early restoration of telecommunications services by deploying and enhancing the functions of mobile power supply vehicles, portable satellite equipment, and other mobile equipment as well as participating in disaster drills held in the respective regions. The NTT Group endeavors to build disasterresistant communications infrastructure and maintain and operate it in a way that ensures its proper functioning at all times by conducting regular safety patrols, replacing devices as a preventive maintenance measure, and other such means, in an effort to develop disasterresilient communication networks and equipment.

Ensuring the Disaster Resistance of Telecommunications Equipment

We also strive to enable telecommunications equipment housings, pylons, and other facilities to withstand contingencies such as earthquakes, storms, flooding, fire, and power outages in accordance with predetermined design standards.

Main Measures

  • NTT's telecommunications buildings and pylons are designed to withstand earthquakes of a seismic intensity of 7 on Japan's intensity scale and 60 m/sec winds experienced during the strongest typhoons
  • Our facilities are equipped with flood doors and other defenses according to location to prevent inundation of telecommunications equipment by tsunamis or floods
  • We equip our telecommunications equipment rooms with fire doors or shutters
  • Our telecommunications buildings and wireless base stations are fitted with backup power sources to keep them running for extended periods in the event of sudden power outages
  • As a further fallback, power supply vehicles can be hooked up to them to supply power
  • We use trunk line multi-routing to ensure that our telecommunications services operate without interruption at all times
  • We deploy large-zone base stations capable of covering wide areas during disasters and other emergency situations
  • We install emergency power supply fuel tanks

Increasing the Resilience of Equipment and Speeding Up Our Response

In recent years, disasters of greater magnitude have had significant impact. To address the increased impact on telecommunications equipment and services, as well as the longer time required to resume operations, we are also promoting additional initiatives toward such goals as increasing the resilience of our equipment and speeding up recovery.

Main Initiatives for Increasing the Resilience of Telecommunications Equipment

  • Expansion in medium-zone base stations equipped to deal with disasters, such as blackout countermeasures
  • Blackout countermeasures that use electric vehicles at base stations
  • Centralized management and mobilization of approximately 400 power supply vehicles owned by the NTT Group
  • Consideration of underground installation of power transmission cables and use of fixed line phones to deal with the impact of disasters

Initiatives for Maintaining Stable Telecommunications Services

  • Operational system for monitoring and controlling the status of network operations on a real-time basis, 24-hours a day, 365 days a year
  • Collection and analysis of performance data for telecommunications equipment under ordinary circumstances to identify and deal with signs of failure
  • Application of lessons learned from past accidents to similar cases and thorough reinforcement of standard procedures based on an analysis of cases that may result in serious accidents
  • Implementation of training and drills and development of related mechanisms for fostering personnel handling network maintenance and operations

Main Initiatives for Speeding Up Service Recovery

  • Advanced launch of recovery framework (national wide-area support system and other frameworks) based on damage prediction using AI
  • Reinforcement of the recovery framework and recruitment of personnel, including the use of retired NTT employees

Initiatives for Bolstering Support for Disaster Victims

  • Delivery of realistic and concise information, including status of damage to communications, status of recovery, location of charging stations, public phones in operation during disasters, information for visitors and foreign residents, and more to support evacuation and other activities
  • Response to consultations on problems related to communications through emergency 113 call centers dispatched to affected areas
  • Collaboration with local governments and other public offices for installing Wi-Fi and charging stations inside public phone booths to secure telecommunications during a disaster

Providing Stable Telecommunications Services in Normal Times

To consistently provide secure telecommunications services to our users, the NTT Group operates a system for monitoring its telecommunications networks, implements measures for preventing accidents and failures, and works to enhance the skills of personnel responsible for network maintenance and operations.。

Providing Stable Telecommunications Services to Address a Large Spike in Demand Due to the COVID-19 Pandemic

NTT and its major subsidiaries in the telecommunications business have formulated operation plans to execute their responsibilities as designated public institutions and contribute to preventing infections from the standpoint of respecting human life. The spread of infections has been accompanied by an increased demand for Internet use and telework, significantly increasing data traffic, particularly between stationary communication terminals during daytime weekdays. The NTT Group companies have designed their existing networks to meet peak nighttime traffic and are currently capable of providing network capacity for daytime traffic. We will continue to bolster our equipment to deliver stable telecommunications services.

Operation of mobile phone base stations and terminals (NTT DOCOMO)

For more than 60 years, research has been conducted worldwide on the impact of radio waves on the human body. As a result, standards and systems have been put in place for the safe use of radio waves not only in Japan, but around the world, too.

In 1990, Japan's Ministry of Posts and Telecommunications (presently the Ministry of Internal Affairs and Communications) established its own Radio Radiation Protection Guidelines for Human Exposure to Electromagnetic Fields (RRPG) as a set of reference values for the safety of radio waves on the human body based on the results of research conducted over the preceding 40 years both inside and outside Japan. The reference values of these guidelines are the same as those recommended by the World Health Organization (WHO). Radio waves below these reference values are recognized internationally as having no adverse effects on health.

Mobile base stations and terminals of NTT DOCOMO are operated at levels lower than the reference values of the RRPG. Services are provided in compliance with related laws and ordinances incorporating the RRPG, which ensures DOCOMO mobile phones can be safely used.

画像

Social Contribution Coordination Agreement with KDDI

On September 11, 2020, NTT formed a social contribution coordination agreement with KDDI to begin mutual cooperation the for joint utilization of ships transporting necessary supplies in the event of large-scale disasters, as well as joint disaster preparedness drills and awareness-raising activities.

Building resilient social infrastructure through these initiatives has the goal of developing a sustainable society. In addition to disaster countermeasures and job assistance, NTT and KDDI will coordinate efforts to identify areas that can benefit from the mutual use of assets of both companies, such as the sound use of smartphones and addressing climate change.

画像

Stable and Reliable Telecommunications Services in Preparation for Large-Scale Disasters

NTT Group has defined three key themes for disaster countermeasures--improving the reliability of communications networks, securing critical communications systems, and promptly restoring telecommunications services. We have been strengthening efforts based on these themes since the Great East Japan Earthquake.

Specifically, we are taking measures to improve the reliability of our telecommunications infrastructure. To ensure that our telecommunications services operate without interruption at all times, we employ transmission trunk line multi-routing, have enacted blackout countermeasures for communications buildings and base stations, and are making communications buildings more disaster resistant. In addition, we are expanding the assortment of power supply vehicles and other disaster response equipment that we have positioned throughout Japan and are continuously conducting training to prepare for major natural disasters. Furthermore, we are making a daily effort to guarantee that, in the event of a disaster, we are able to immediately set up a Disaster Countermeasures Office, implement other emergency preparations, and make the necessary emergency and critical communications as a public institution as designated by the Basic Act on Disaster Control Measures.

In recent years, natural disasters have been becoming more frequent and causing wider, bigger, and more lasting damage. Recognizing the potential for natural disasters to have greater impacts on telecommunications facilities and services and for recovery efforts to be prolonged, NTT is increasing the resilience of its facilities and taking steps to expedite recovery efforts.

Disaster-Resilient Networks and Equipment

Damage from natural disasters is becoming increasingly common in recent years as climate change causes more frequent instances of heavy rains, frequent typhoons, and other natural disasters. As a result, there is a growing risk of water and lightning damage and power outages, which now threaten to cause extensive damage should they occur. NTT is committed to building disaster-resilient networks and equipment to ensure that it is able to provide reliable communications services even in the event of a large-scale natural disaster.

Flooding Countermeasures at Communications Buildings

NTT implements countermeasures to prevent flooding at communications buildings as a result of tsunamis, floods, or other natural disasters. These measures include replacing doors with more durable, water-resistant doors, sealing windows and other gaps, and reinforcing walls with concrete to ensure they can withstand the force of tsunamis.

画像

Blackout Countermeasures at Communications Buildings and Base Stations

Communications buildings and wireless communications base stations are equipped with batteries, engines, and other auxiliary power supplies that can be used as a prolonged source of electricity in the event of a blackout. Moreover, we are enacting the lessons learned from the Great East Japan Earthquake by implementing blackout countermeasures for engine generators and having batteries available for use around the clock at its roughly 1,900 base stations in important areas, such as those where municipal disaster response headquarters or city offices are located.

Transmission Trunk Line Multi-Routing and Distributed Location of Important Communications Buildings

Our nationwide network of trunk lines has been designed to secure communications and prevent disruption of services over the network as a whole by automatically diverting transmission through other routes when a certain route is damaged.

Meanwhile, if communications buildings (important communications buildings) fitted with transit switches suffer disaster damage, communications via such buildings may be severed. Distributing important communications buildings in different locations helps avoid the risk of multiple buildings suffering disaster damage at the same time.

  • 画像

  • 画像

Prompt restoration of telecommunications services

Should a disaster strike, swift action will be taken to restore service via the utilization of mobile disaster response equipment and the use of drones to confirm the situation.

Disaster Response Equipment

NTT has positioned mobile base stations and power supply vehicles across Japan that can be quickly deployed to disaster sites should a wireless communications base station be damaged by a disaster. Moreover, we have adopted off-shore base stations comprised of mobile communications base stations mounted on ships. Should a tsunami or other disaster knock out service over a wide spread of coastal area, we can provide service by using entrance satellite lines to transmit signals to the coastal areas from anchored ships.

Disaster Site Confirmation with Drones

When damage to roads or other conditions prevent us from reaching base stations, drones will be deployed to confirm the status of the site and facilitate the quick restoration of service thereafter.

Business Activity 20
Strengthening information security and personal information protection

Our commitment

As a company that supports the vital infrastructure of a digitalized society, we will make full use of technology to keep people safe and secure from epidemics, natural disasters, digital disasters like cyber-attacks, and achieve a more resilient society

Our objective

0

Number of service suspensions due to cyber attacks (annual)

Reinforce information security

Policies and Concepts

With the progressing digitalization of society and the economy and changes in international circumstances, security threats are becoming more serious and sophisticated, particularly cyber-attacks. Within this environment, the NTT Group has a responsibility to protect ICT service infrastructure and customers' basic rights, freedoms, and information assets, as well as to provide a sound foundation for the growth of the digital economy.

When formulating our medium-term management strategies in 2018, we made it our mission in terms of security to contribute to the building and development of a free, open, and safe ICT platform for supporting the infrastructure of the digital economy.

We also made it our vision to realize the digital transformation of both customers and NTT itself, and for that reason, we will be chosen by customers. In order to realize these, we will strive to engage in research and development that leverages the scale of the Group, realize superior abilities for early detection and rapid response, cultivate human resources who share the values of sincerity and advanced skill, and transcend profit-focused principles to transmit pioneering knowledge to society.

Furthermore, to achieve the transformation to a New Management Style outlined in the medium-term management strategy refined in October 2021, the NTT Group is implementing security measures capable of facilitating the shift to remote work styles. As a member of the global community building the digital society, the NTT Group will contribute to solving social issues through our security business.

Organization for Implementation

The NTT Group enforces information security management under the charge of the Chief Information Security Officer (CISO), and is thorough in its information security management. We have also established a Group CISO Committee, and formulate Group information security management strategies, plan and implement related measures, undertake human resources training, and otherwise engage in activities in collaboration with companies across the Group.

画像

Security Initiatives Supporting the Medium-Term Management Strategy

Security is one of the three pillars defined in the refined medium-term management strategy that is a particularly important for supporting "Transformation to a New Management Style."

Transformation to a New Management Style


Introduction of zero-trust systems

Development of IT infrastructure with security measures prefaced on cloud and mobile usage for accommodating the shift to remote work styles.


Systematizing Information Security

Completely revised with zero-trust security measures. Regulations that are less ambiguous and more easily understood will be developed to ensure compliance, in order to increase the security awareness of all employees, not just information security staff.

Main Initiatives

Systematizing Information Security

The NTT Group will be completely revising information security regulations to implement zero-trust security measures based on flexible working styles that are not constrained by working location. The goal is to develop regulations that are less ambiguous and more easily understood, and ensure compliance in order to increase the security awareness of all employees, not just information security staff.

Strengthen Service Security

Information communication services are an important social infrastructure and a foundation for the digitalization of society and the economy, so to provide these services in a safe and secure manner, we are working to strengthen the security of telecommunications equipment, IT service environments, and all services provided by smart cities, smart buildings, and the like.

Global Cooperation within the NTT Group

We are advancing global partnerships in the security field in order to enhance competitiveness in global business under One NTT. This NTT Group cooperation includes many businesses and regions and incorporates an approach to risk-based management, the introduction of a framework that acts as a shared language, and the setting of standards that should be met by all Group members in regard to identification, defenses, detection, response, and recovery.

Global Community

We are engaging with the cybersecurity initiatives of governments and industries around the world, particularly in North America and Europe, by sharing information and best practices in regard to security threats and building a community of companies and organizations based on mutual trust.

NTT Group Information Security Policy

As "Your Value Partner," NTT Group will aim to resolve social issues together with our partners through our business activities. As a trusted global provider of safe and secure ICT services, NTT Group will strive to ensure the security of the information entrusted to us and contribute to the sound development of the digital economy and the Remote World in accordance with the following policies.

  1. NTT Group will (a) be fully aware of the importance of information security in the digital economy and the Remote World, (b) strive to establish a safe, secure and convenient ICT-related service environment and (c) strive the security of information entrusted to us.

  2. Under the supervision of the Chief Information Security Officer (CISO), NTT Group will establish a unified information security management framework. Furthermore, NTT Group will continuously enhance its strict security measures (including Baseline Security Standards), employee security education, and audits, in order to prevent and minimize damage from unauthorized access, and information loss/falsification/leakage. NTT Group also require contractors and suppliers who handle confidential information to ensure appropriate information security, in order to strive to protect information throughout the entire supply chain.

  3. All board members, executive officers, supervisors, managers and employees of NTT Group fully recognize that (a) information is a valuable asset for business and economic activities, and that (b) the protection of information is the basis of NTT Group's business activities and a corporate social responsibility. Upon these recognition, NTT Group shall comply with relevant laws and regulations (country and jurisdiction), including those relating to the protection of personal information as well as the secrecy of telecommunications, and shall establish the information security management rules. If any violation of these rules is found, NTT Group will take strict action in accordance with its disciplinary rules.

NTT Group Information Security Policy https://group.ntt/jp/g_policy/

Information Security Training

Each Group company seeks to raise information security literacy by organizing training for all employees as well as the employees of partner companies. Training is offered through e-learning, and all employees are obliged to participate in the course once a year. Looking ahead, we are considering unifying training content throughout the Group to provide employees with a standard level of knowledge on information security required in their business operations. By doing so, we will seek to enhance the security capabilities of the NTT Group and reinforce its human resources to deliver safe, secure services for our customers and society at large.

Research and Development Initiatives

In addition to advancing the technological development of service security, we are focusing on developing elemental security technologies. In 2019, we established a global research center for research into cybersecurity and encryption technology centered around some of the world's leading researchers.

Basic Level Information Security Training

NTT Group launched a security expert certification system in 2015 with the aim of increasing the quality and number of its security personnel. This system defines three levels based on human resource type and skill level.

We must be constantly vigilant in our effort to remain abreast of the recent changes in security technologies and circumstances (zero trust, cloud native, DX, teleworking, etc.). As such, the effective and consistent training of security experts is a matter of utmost importance.

NTT used to offer basic level certification, but the rising number of certification holders coupled with the increase in awareness regarding the importance of security prompted us to develop security training programs targeting all employees worldwide.

People tend to shy away from security training due to its level of difficulty or by being turned off with the limited applicability of the subjects covered. To address this issue, we positioned raising employee interest in these subjects as our top priority, which we went about doing with animated videos and other endearing content, including a humorous introductory message by the CISO structured like a dramatic performance. Through these programs, we hope to make all employees recognize the necessity of security awareness and instill in them the basic practice of reporting any suspicious activities in their daily work. We thereby aim to motivate employees to participate in and contribute to our organization-wide drive to quickly detect and address security issues.

NTT Group CSIRT Activities

画像

Management of CSIRT

The NTT Group established NTT-CERT in 2004 to function as a computer security incident response team (CSIRT). This team collects information regarding security incidents associated with the Group. It then offers support for addressing these incidents, formulates measures to prevent recurrence, develops training programs, and provides security-related information.

As a central element of the NTT Group's security initiatives, NTT-CERT provides a reliable venue for consultations regarding information security. The team also collaborates with organizations and specialists inside and outside the NTT Group to offer support for detecting and resolving security incidents, minimizing damages, and preventing occurrence.
NTT-CERT is thereby contributing to better security for both the NTT Group and societies that are permeated by information networks.

Moreover, NTT-CERT coordinates with the United States Computer Emergency Readiness Team (US-CERT*1 ) and the Japan Computer Emergency Response Team Coordination Center (JPCERT/ CC*2 ) and is also a member of the Forum of Incident Response and Security Teams (FIRST) and the Nippon CSIRT Association*3, which enables it to coordinate with domestic and overseas CSIRT organizations. This coordination makes it possible for NTT-CERT to share information on relevant trends and response measures. In addition, NTT-CERT participates in the cross-industry drills held by the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) to share expertise and gather information. NTT-CERT also plays a role in promoting the establishment of CSIRTs at Group companies and helping improve their response capabilities.

NTT-CERT will expand its collection of information on vulnerabilities and attacks to cover areas including the dark web and will strengthen its information analysis platform and further automate and enhance its response to cyber threats in order to continually respond to threats as they change.

※1US-CERT: An information security preparedness organization under the Department of Homeland Security (DHS)

※2JPCERT Coordination Center: An organization that collects reports inside Japan, supports responses, monitors situations, analyzes entry points, and reviews and provides advice on measures for preventing reoccurrences from a technical standpoint with regard to computer security incidents such as intrusions through the Internet or service interruptions

※3NTT-CERT founded the Nippon CSIRT Association

NTT-CERT


Nippon CSIRT Association


FIRST Forum of Incident Response and Security Teams

Personal Information Protection

Policies and Concepts

Every year, the importance of ensuring the protection of personal information and the comprehensive management of information around the world continues to grow. The NTT Group has been entrusted with a considerable quantity of personal information, ranging from data on individual customers to that of corporate customers, and as such ensure that personal information is handled appropriately in accordance with the laws and regulations of each country, such as Japan's Act on the Protection of Personal Information and the EU's General Data Protection Regulation (GDPR).

Under these circumstances, personal information leakage could have various repercussions for the NTT Group in the operations of its businesses, including damage to its corporate value and loss of customers, which makes it essential to rigorously manage personal information as the NTT Group's top priority.

Organization for Implementation

Under the NTT Group Information Security Policy, we disclose on our website specific policies for protecting the personal information of customers and shareholders and policies for protecting personally identifiable information required by Japan's Social Security and Tax Number System. In this policy, we also define how we respond to requests for disclosure, correction, and suspension of use related to the personal information retained by the NTT Group.

We have also put in place a security management system that ensures thorough and rigorous security practices, with the Chief Information Officer (CISO) placed in charge (see page 054).

Policy on Protecting Personal Information


About personal information protection


Policy on Protecting Personal Information of Customers


Policy on Protecting Personal Information of Shareholders


Policy on Protecting Specific Personal Information of Business Partners


Policy on Protecting Specific Personal Information of Shareholders

Main Initiatives

NTT has systematic security control measures, human security control measures, physical security control measures, and technical security control measures in place for handling our customers' personal information.

(1) Systematic security control measures

We have created a statement outlining the building of management systems such as placing a person responsible for management of the committee and each organization, the establishment of internal regulations, management ledgers and process management charts, and other matters. Furthermore, we are also building management systems for handling ongoing improvements and the like.

(2) Human security control measures

All employees who handle customers' personal information are informed and made aware of the importance of protecting this information, regardless of whether they are officers, regular employees, or temporary employees. We ensure employees conclude non-disclosure agreements and provide necessary auditing and supervision to ensure their effectiveness.

(3) Physical security control measures

We enact various measures including controlling access to physical equipment which handles customers' personal information and the floors where these are kept, measures to prevent theft, measures to prevent damage to customers' personal information during incidents such as fires and lightning strikes, and the use of locks when taking out, moving, or storing systems and documents.

(4) Technical security control measures

We have put in place various technical security control measures such as access management when accessing personal data including authentication, authority administration, control, and recording, countermeasures against viruses and malware in systems, measures for use when sending and receiving information including encryption and clarification of responsibility, and the monitoring of information systems.


Each domestic company in the Group has established a personal information protection system in line with its business and based on the Protection of Personal Information. We are consistently pursuing initiatives to protect information, including stringent measures on the physical and systems aspects of security and appropriate supervision of outsourcing contractors. Management of information is being further enhanced, as personal information acquired by group companies in Japan via individual or household services like cell phones and internet access will be retained and accessed from within Japan after May 2021.

Main Initiatives of Domestic Group Companies

  • Establishment of internal rules and regulations
  • Employee training to ensure appropriate implementation of the above rules and regulations
  • Establishment of an organization to promote information security management
  • Establishment of a security management system for preventing illegal access to information or the loss, alteration, or information leakage as well as managing antivirus measures and the physical transfer of information

Establishment of Contact Points on Personal Information

NTT has set up the Customer Contact Point on Personal Information, and similar contact points for services related to personal information have been set up at each NTT Group company. Since NTT is a holding company that does not directly provide telecommunications services, inquiries regarding personal information related to services are redirected to the contact points of the operating companies concerned.

Additionally, inquiries regarding the handling of personal information under laws and regulations are redirected to the person responsible for information security at the operating companies concerned.

Nippon Telegraph and Telephone Corporation Customer Contact Point on Personal Information


Email:ntt_kojin@ntt.com


NTT's Contribution to Olympic and Paralympic Games Tokyo 2020

NTT provided critical communication services for operating the Games. It provided a broadcasting network to connect Games venues with the Tokyo Big Sight that served as an International Broadcast Centre (IBC), as well as various systems for running the event and data network services for the system to release game results to the media, supporting steady operation of the event. NTT built the LAN for the venues, including the 43 Games venues, IBC, the Main Press Centre and the Olympic Village, providing various communication services including distributing videos and land lines to associates.

All Games venues were turned to 5G mobile networks, whose commercial services had started in 2020 in Japan, to offer mobile phone services.

  • 画像

  • 画像

NTT's Contribution to Olympic and Paralympic Games Tokyo 2020 (Cyber Security)

While the cyber security of the Tokyo 2020 Games was considered to be more threatening than in the past, NTT implemented network security measures for communication services and various cyber security measures during the Games. The total number of security events detected during the Games was 450 million, but NTT responded by appropriately handling and blocking the communications, there were no security incidents that had an impact on the operation of the games or events.

    Reference

  1. (1)Staff working at the Games venues: approx.650
  2. (2)Staff working at the Technology Operations Center: approx. 350
  3. (3)Staff working at the Security Operations Center: approx. 90
  4. (4)Total NTT staff supporting the Games (including NTT's partner companies): 10,000 (including (1) - (3) staff)

    Responding to the complexity of the ICT environment at the Tokyo 2020 Games, NTT maintained a "Cyber Hygiene" environment by adopting a whitelist (enumerating only possible communication protocols) format.

  • ID (personal authentication: including multifactor authentication)
  • Handling changes in communications traffic over time, carefully verifying venues in a short time before opening facilities
  • Protection using multi-vendor products (for Defense in Depth)
  • Handling of both officially provided devices and BYOD
  • Application of R&D results (such as "Authenticity and Integrity Monitoring Technology" to detect tampering)

NTT was a Gold communications service partner of the Tokyo 2020 Olympic and Paralympic Games.

Business Activity 21
Promoting a decentralized society based on remote work

Our commitment

Shifting toward new work styles centered on remote work, by upgrading IT environments and reviewing systems, in addition to advancing DX projects and work reforms with an eye on the post-pandemic world

Our objective

0

Major personal data leaks (annual)

Policies and Concepts

NTT Group intends to shift toward new work styles centered on remote work, by upgrading IT environments and reviewing various systems, in addition to advancing DX projects and work reforms with an eye on the post-pandemic world.

Remote work will be the standard work style for employees going forward. By allowing employees freedom in choosing their work location, we will transition from a centralized organization to a decentralized and autonomous network-style organization.

An extremely high rate, 70% to 80%, of staff in departments like management and planning are already used to working remotely, and the concept of "working from anywhere" is becoming firmly entrenched. We will be making even more improvements to these working styles and working environments as we look further into how we can enable staff to work from anywhere.

In other areas, we will continue revising business processes with DX to increase the scope of work that can be performed remotely, while also systemizing information security systems suitable for remote work.

As we move our focus to remote work, we will look to developing a working environment that allows employees to choose where they want to live, instead of being constrained by specific working areas.

And as remote work becomes the norm, offices will become a space for the creation and co-creation of ideas with one-on-one interaction.

Specific ways to make offices even easier to work in for those working remotely as well as those commuting to the office include increasing the efficiency of office space by reducing seating arrangements to suit the number of staff actually coming into the office, ensuring social distancing with ample space for each person, as well as flexible seat selection with desks available for use by anyone and better spaces for holding remote conferences.

Office space will be reduced by 30% by systematizing information security suitable for remote work and revising the office environment from FY2022.

[Reference] Expansion of Satellite Offices

<Fiscal 2021>
・62 company offices
 (of which 52 are new offices added in FY2021)
・Around 200 external offices