Skip to main content

Featured

Inadequate Password Complexity Policies

Some online services have lenient password complexity policies, allowing users to create weak passwords easily. This poses a security risk: Reduced Security: Weak password complexity policies make it easier for attackers to guess passwords or use dictionary attacks. False Sense of Security: Users may perceive their accounts as more secure than they actually are when allowed to create weak passwords. To overcome this challenge, organizations should enforce strong password complexity policies that require users to create passwords with a blend of upper and lower case cultivations, numbers, and special characters. Additionally, they can encourage the use of multi-factor validation (MFA) for an added layer of security. Lack of User Education Many users lack awareness of password security best practices, leading to suboptimal password choices: Weak Password Creation: Users may not understand the importance of strong passwords or how to create them. Limited Awareness of Risks: ...

Provision of services or exploitation of electronic communications networks

This lack of definition in the aforementioned conditions for the provision of services, which was not exempt from criticism, has come to be filled, making use of the power provided in art. 8.2 of the LGTel, by the provisions of RD 424/2005.

The regulatory provision has established that, in addition to other conditions that may be required to meet for various reasons, all operators must comply, regardless of the network or service they intend to exploit or provide, the general conditions that we will indicate below.

These conditions are:

1.            Contribute to the financing of universal service, provided they meet a series of requirements.

2.            Pay the rates provided for in the LGTel and its implementing regulations.

3.            Guarantee the interoperability of services.

4.            Guarantee end users accessibility of numbers, names or addresses in accordance with the provisions of the corresponding national plans.

5.            Guarantee the protection of personal data and the privacy of people, in accordance with the provisions of the LOPD, the LGTel and its implementing regulations.

6.            Guarantee consumers and end users the rights that correspond to them.

7.            Provide the national regulatory authorities with the information and documentation they need for the fulfillment of their purposes.

8.            Execute the legal interception orders emanating from the competent authority, in accordance with the applicable legislation.

9.            Comply, when so established in the current regulations, the resolutions of the authorities adopted for reasons of public interest, public security and national defense.

10.         Ensure compliance with the technical standards and specifications and the technical requirements that, in each case, are applicable, including those related to telecommunications equipment and devices.

11.         Comply with the restrictions regarding the transmission of illegal content established in the LSSI, and in relation to the transmission of harmful content established in Law 25/1994, of July 12, which incorporates Directive 89 into the Spanish legal system. / 552 / CEE, on the coordination of legal, regulatory and administrative provisions of the Member States relating to the exercise of television broadcasting activities.

12.         Comply with the rest of the requirements and conditions established in LGTel 9/2014, of May 9, and in its implementing regulations.

In addition to these general conditions applicable to all operators , the regulation establishes others depending on the type of network operation carried out or the type of service provided.

In this way we can distinguish:

1.            Conditions applicable to operators that operate public electronic communications networks.

2.            Conditions required of operators that operate public telephone networks.

3.            Conditions required of the operators that provide the telephone service available to the public.

Such conditions are detailed in arts. 18, 19 and 20 of RD 424/2009.

A series of rights to operators of commercial communications networks and services are also recognized in the regulatory headquarters, in addition to others recognized by law.

They will be:

1.            Negotiate and, where appropriate, obtain interconnection or access to the networks and associated resources of other operators.

2.            Obtain rights to use the numbering, addressing and naming.

3.            Obtain rights of use of the radioelectric public domain.

4.            Obtain occupation rights of the public domain and private property for the installation of electronic communications networks.

In addition to these conditions imposed by regulation , the LGTel has provided that those entities that carry out their activity in other economic sectors, where they are holders of special or exclusive rights, and that operate public networks or provide electronic communications services available to the public.

They will also have the obligation to optionally:

1.            Keep separate and audited accounts for your electronic communications activities.

2.            Establish a structural separation for activities associated with the operation of networks or the provision of electronic communications services

Likewise, when it is a Public Administration that carries out the exploitation of networks or the provision of electronic communications services, either directly or through companies in whose capital they mainly participate, the activity will be carried out with the due separation of accounts and in accordance with the principles of neutrality, transparency and non-discrimination. The CNMC being able to impose special conditions that guarantee the non-distortion of free competition.

 

Popular Posts