menu
close_24px
Talk to Expert
Security & Compliance

Infrastructure Security
You Can Verify

Arkan Solutions engineers security into the architecture of its voice connectivity platform — not as an add-on. Every signalling path, media stream, and management interface is designed to meet the security and compliance requirements of enterprise and government deployments across MENA and global markets.
Download Security Whitepaper Request a Compliance Briefing

99.99%

SLA uptime commitment across all production environments

  <15 min 

Response time for critical severity incidents

 5 

Regulatory frameworks addressed across mena and global deployments

 

24/7

Noc monitoring and fraud detection coverage

 ARCHITECTURE

Security Design Principles

Arkan Cloud Connect is engineered around a set of foundational security principles that apply across every layer of the platform — from carrier interconnects to enterprise endpoints.

 

Zero-Trust Architecture
No implicit trust is granted between network zones. All control plane access requires explicit authentication. Signalling domains, routing policies, and management interfaces are strictly segmented.

Dedicated Per-Customer SBC
Each enterprise client receives a dedicated logical SBC instance with isolated signalling domains and independent routing policies. Cross-tenant traffic exposure is structurally prevented.

Defense-in-Depth
Protection is layered across edge DDoS mitigation, carrier-grade firewalls, SBC topology hiding, SIP normalization, and rate limiting. No single layer constitutes the complete security boundary.

Encryption by Default
TLS is enforced on all SIP signalling paths. SRTP is available for media encryption. Certificate-based authentication and strong cipher suites are applied across all platform interfaces.

Continuous Monitoring
The platform operates under 24/7 NOC coverage with real-time fraud detection engines, call pattern anomaly analysis, and threshold-based alerting across  all active voice sessions. 

Geo-Redundant Resilience
Infrastructure is distributed across multiple data centres with carrier-diverse interconnects and automatic failover. No single point of failure exists within the production architecture.

ENCRYPTION

Protocol & Encryption Standards


All communication across the Arkan Cloud Connect platform is governed by defined encryption standards applied at the signalling and media layers independently.

 

SIP Signaling Layer
TLS protocol version1.2 minimum, 1.3 preferred
Authentication methodCertificate-based
Mutual TLSAvailable where required
Cipher suitesStrong suites enforced
Topology hidingSBC-level enforcement
Media Plane (RTP/SRTP)
Media encryptionSRTP with AES encryption
Key exchangeSecured via signaling channel
Primary codecG.711
Optional codecsOPUS, G.722
Number formatE.164
Interception protectionMITM attack prevention

OPERATIONS

Operational Security & SLA Commitments


Security governance at Arkan Solutions is backed by an ITIL-based service framework covering incident management, problem management, change management, and escalation management — with defined response commitments at each severity level.

 

99.99%
Platform availability SLA across all production voice environments
<15 min
Maximum response time for Urgent and High severity incident classification
24/7
Network Operations Center coverage for monitoring, fraud detection, and alerting
3–5 days
Standard deployment window including configuration, testing, and change control
Incidents are classified across four levels — Low, Medium, High, and Urgent — each with defined response and resolution SLA commitments. Full classification criteria and escalation procedures are documented in Arkan's Service Terms & Conditions. View Terms & Conditions →

FRAUD & ACCESS CONTROL

Fraud Prevention & Security Responsibilities


Active fraud controls operate within the Arkan Cloud Connect platform at the session and signalling level, supported by role-based access management and a clearly defined security responsibility model.

 

Real-Time Anomaly Detection

Statistical models identify abnormal call patterns and session behaviors as they occur, with automated alerting to the 24/7 fraud prevention team.

 

International Destination Monitoring

Outbound call destinations are continuously monitored against defined thresholds. Abuse of high-risk international routes triggers an automated response.

 

CLI Policy Enforcement

FROM and TO header validation is enforced at the SBC level. Unauthorized CLI presentation and number spoofing are blocked before session establishment.

 

Role-Based Access Control (RBAC)

Management interface access is controlled by tier level, operational responsibility, and change approval authority — aligned with the defined escalation framework.

SECURITY RESPONSIBILITY MODEL
AREA
RESPONSIBLE
SBC security & hardening
Arkan
Signaling encryption enforcement
Arkan
Media encryption (SRTP)
Arkan
Fraud detection & monitoring
Arkan
Incident response & escalation
Arkan
Internal endpoint security
Client
End-user access controls
Client

REGULATORY

Regulatory Compliance Framework


Arkan Solutions maintains compliance with the telecom regulatory frameworks applicable across its deployment regions. Compliance obligations are managed per jurisdiction and applied to each service accordingly.

SA
CITC / CST
Kingdom of Saudi Arabia

Arkan Solutions holds a licensed operator status under the Communications, Space & Technology Commission (CST), formerly CITC. All PSTN services delivered within Saudi Arabia operate under a valid CST operator license.

CST Licensed Operator SIP Trucking PSTN Connectivity
AE
TDRA
United Arab Emirates

Services deployed within the UAE operate in alignment with the Telecommunications and Digital Government Regulatory Authority (TDRA) framework, including applicable interconnection and voice service regulations.

Voice Services Interconnection UAE Regulatory
🌐
GDPR
European Union / Global

Arkan applies GDPR-aligned data handling practices for enterprise clients with European operations or data subjects. This includes defined data residency considerations and processing boundaries.

Data Protection EU Regulation Processing Controls
SA
NDMO
Saudi Arabia — Data Governance

The National Data Management Office (NDMO) framework governs data classification and management within Saudi Arabia. Arkan's operational model is aligned with NDMO principles for enterprise voice data handling.

Data Classification Saudi Data Law Data Governance
SA
SAMA
Saudi Arabia — Financial Sector

For enterprise clients operating under the Saudi Central Bank (SAMA) regulatory environment, Arkan Cloud Connect supports the security, encryption, and availability requirements applicable to financial sector voice infrastructure.

Financial Sector Regulated Industries SAMA Alignment
🌍
Regional Operators
80+ Countries — Global PSTN

Arkan's PSTN coverage spans 80+ countries through compliant interconnection arrangements with licensed regional operators. Local number portability and emergency calling requirements are addressed per jurisdiction.

Global Coverage Local Number Portability Emergency Calling

DATA HANDLING

Data Handling Principles


Arkan Solutions applies a defined set of data handling principles across all platform deployments. These principles apply by default and are not dependent on client configuration.

01

No Call Recording by Default

Arkan Cloud Connect does not record, store, or retain voice media content by default. Recording functionality, where required, is implemented and controlled exclusively at the enterprise client layer.

02

Complete Traffic Isolation

Each enterprise client's voice traffic operates within a dedicated logical environment. Signaling paths, routing tables, and media streams are fully isolated from other tenants on the platform.

03

Number Sovereignty

E.164-formatted telephone numbers associated with an enterprise client are managed exclusively within that client's logical domain. Numbers are not shared, reassigned, or exposed beyond the defined service boundary.

04

No Third-Party Data Sharing

Arkan Solutions does not share enterprise client traffic data, session metadata, or call records with third parties unless explicitly required by applicable law or client agreement.

Standards & Frameworks

ISO 27001

Information Security Management

TLS 1.2 / 1.3

Signaling Encryption

SRTP / AES

Media Encryption

Zero-Trust

Network Architecture

ITIL

Service Governance

CST Licensed

Saudi Arabia Licensed Operator

DOCUMENTATION & CONTACT

Review the Full Documentation


The Arkan Cloud Connect Security & Compliance Whitepaper provides detailed technical documentation of the platform's security architecture, encryption standards, and operational governance model.

 

Security & Compliance Whitepaper

A detailed technical document covering Arkan Cloud Connect's security architecture, Zero-Trust design, encryption specifications, incident response model, and MENA regulatory compliance framework.

Download Whitepaper
 

Request a Compliance Briefing

For procurement teams, information security leads, or legal reviewers requiring additional documentation, Arkan Solutions is available to conduct a structured compliance review session.

Request a Briefing