Security in Space: Intelsat Information Assurance

Similar documents
IP Telephony Management

University of Pittsburgh Security Assessment Questionnaire (v1.5)

November Defining the Value of MPLS VPNs

Inmarsat Global Xpress Global, Mobile, Trusted. U.S. Government > Services > Global Xpress

Injazat s Managed Services Portfolio

White Paper: Librestream Security Overview

Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture

BMC s Security Strategy for ITSM in the SaaS Environment

How Proactive Business Continuity Can Protect and Grow Your Business. A CenturyLink White Paper

OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

Cisco Advanced Services for Network Security

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

IT Networking and Security

How To Protect Your Network From Attack From A Network Security Threat

Microsoft s Compliance Framework for Online Services

UCS Level 2 Report Issued to

THE BLUENOSE SECURITY FRAMEWORK

Alcatel-Lucent Services

GOVERNANCE AND SECURITY BEST PRACTICES FOR PAYMENT PROCESSORS

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Client Security Risk Assessment Questionnaire

Supplier Security Assessment Questionnaire

FormFire Application and IT Security. White Paper

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

Continuity of Business

Autodesk PLM 360 Security Whitepaper

REGULATIONS FOR THE SECURITY OF INTERNET BANKING

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance

Payment Card Industry Data Security Standard

Colocation. Scalable Solutions for a Shared IT Infrastructure. Enterprise. Colocation

KeyLock Solutions Security and Privacy Protection Practices

North American Electric Reliability Corporation (NERC) Cyber Security Standard

State of Texas. TEX-AN Next Generation. NNI Plan

Projectplace: A Secure Project Collaboration Solution

CHIS, Inc. Privacy General Guidelines

MPLS: Key Factors to Consider When Selecting Your MPLS Provider Whitepaper

Recommended IP Telephony Architecture

Security. Security consulting and Integration: Definition and Deliverables. Introduction

GE Measurement & Control. Cyber Security for NEI 08-09

Evaluation Report. Weaknesses Identified During the FY 2013 Federal Information Security Management Act Review. April 30, 2014 Report Number 14-12

WHITEPAPER MPLS: Key Factors to Consider When Selecting Your MPLS Provider

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY

SAP Product and Cloud Security Strategy

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np

state of south dakota Bureau of Information & Telecommunications Provide a Reliable, Secure & Modern Infrastructure services well-designed innovative

Securing the Service Desk in the Cloud

Supplier Information Security Addendum for GE Restricted Data

Security Controls What Works. Southside Virginia Community College: Security Awareness

Executive Summary Program Highlights for FY2009/2010 Mission Statement Authority State Law: University Policy:

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM

EVALUATION REPORT. Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review. March 13, 2015 REPORT NUMBER 15-07

How To Ensure The C.E.A.S.A

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Security from a customer s perspective. Halogen s approach to security

FUNCTIONAL AREA 12. Network Administration (NET)

Vendor Audit Questionnaire

Making the Case for Satellite: Ensuring Business Continuity and Beyond. July 2008

Multi Protocol Label Switching (MPLS) is a core networking technology that

Certified Information Systems Auditor (CISA)

Security Whitepaper: ivvy Products

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

Intelligent Data Center Solutions

Iris Gateway Satellite Services Ltd. Bridging the World

Secure networks are crucial for IT systems and their

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

CISM Certified Information Security Manager

Microsoft s cybersecurity commitment

The Protection Mission a constant endeavor

The Impact of HIPAA and HITECH

IBM Internet Security Systems October FISMA Compliance A Holistic Approach to FISMA and Information Security

Colocation. Scalable Solutions for Shared IT Infrastructure. Enterprise. Colocation

IBX Business Network Platform Information Security Controls Document Classification [Public]

CLOUD SERVICES FOR EMS

Consultative report. Committee on Payment and Settlement Systems. Board of the International Organization of Securities Commissions

IT Networking and Security

Technology Risk Management

Bellevue University Cybersecurity Programs & Courses

Xerox Litigation Services. In the Cybersecurity Hot Seat: How Law Firms are Optimizing Security While Reducing Cost and Risk

SUPPLIER SECURITY STANDARD

1 Introduction 2. 2 Document Disclaimer 2

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/

ClickTale Security Standards and Practices: Delivering Peace of Mind in Digital Optimization

Logging In: Auditing Cybersecurity in an Unsecure World

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Company presentation 2014

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

Securing the Cloud Infrastructure

Security Controls for the Autodesk 360 Managed Services

Information security controls. Briefing for clients on Experian information security controls

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

<cloud> Secure Hosting Services

The Information Assurance Process: Charting a Path Towards Compliance

Central Agency for Information Technology

Transcription:

Security in Space: Intelsat Information Assurance 14/03/6997

Intelsat Information Assurance Intelsat maintains the highest standards of Information Assurance by assessing and building the Intelsat infrastructure, networks and third party infrastructures against the most stringent DoDI 8500.2 MAC Level I controls. Intelsat s Information Assurance program focuses on prevention and restoration by taking a systematic defense-in-depth approach that detects, prevents and mitigates attacks enhancing resilience and mission assurance in its satellite, ground and network infrastructure. The program is centrally managed by Intelsat s Information Security team which is the authority for all Intelsat Information Assurance policies. Further, Intelsat maintains a comprehensive Information Assurance assessment and remediation program that includes annual penetration assessments, organizationwide control assessments and third-party SOC3 audits against Intelsat s satellite and terrestrial service environments including Intelsat s satellite commanding, teleport, terrestrial and service management infrastructure and relevant service procedures. Intelsat s Information Security function centralizes global responsibility for Information Assurance while basing its control framework on ISO 27001 and DoDI 8500.2 MAC Level I. Information Security works proactively to maintain the availability, security and confidentiality of Intelsat data and applications throughout its service and enterprise networks. Information Security Framework Intelsat s Information Security framework addresses continuously evolving threats and risks using a lifecycle approach that consists of the following phases: Set security goals Identify assets, applications, networks and services Assess risks (consequences, vulnerabilities and threats) Prioritize Implement protective programs Measure effectiveness Information Security implements its framework to address the following across its service and enterprise networks: Information Security compliance Policy Access control Threat, vulnerability and incident management Remote access Awareness and education Network management applications Secure design and configuration Security information and event management Figure 1: Information Security Framework Set Security Goals Measure Effectiveness Identify Assets, Systems, Networks & Services Implement Protective Programs Assess Risks of Attackers, Types of Attacks Prioritize 2

Security in Space Information Security Compliance Intelsat developed its Information Security framework utilizing the security controls from multiple industry standards and government regulations. Intelsat adheres to and assesses against the following: ISO 27001/27002 DoD 8500.2 - MAC 1 Compliance Sarbanes-Oxley HIPAA HITECH Information Security Countermeasures Intelsat employs relevant and layered countermeasures to combat the most advanced threats against industry and government. Intelsat continuously evaluates the threat landscape and the effectiveness of its countermeasures; adjusting and adapting to the latest threat actors and attack methods. Figure 2: Security Countermeasures are categorized as: 3

Intelsat s Service Infrastructure is Designed for Reliability Intelsat s fleet of satellites provides communications services to 99 percent of the world s populated regions. Intelsat s fleet is resilient; in many cases satellite capacity is available to restore services in the event of a major outage on the customer s primary satellite. For satellite monitoring and control operations, Intelsat operates fully redundant operations centers in Washington, DC and Long Beach, CA with a redundant and tertiary global architecture. Access to Intelsat s global fleet is provided by a collection of teleports designed to support customer applications ranging from broadband services to television programming distribution. Backup for satellite uplinks and downlinks at Intelsat s teleports allows Intelsat to minimize down time in case of outages, or when inclement weather affects the quality of the signal at the customer s primary teleport facility. IntelsatOne SM is a global, terrestrial architecture, consisting of an Internet Protocol (IP) / Multiprotocol Label Switching (MPLS), fiber, teleport, and points of presence (PoP) service network. The architecture is integrated and complements Intelsat s global satellite fleet, providing a single source for converged voice, video, and data solutions. The IntelsatOne design includes alternative fiber routing with connectivity to its teleports, major media hubs and city PoPs to back up customers primary fiber paths. IntelsatOne provides a converged carrier-class network that integrates and extends multi-services, such as media and data services, for a variety of customer applications. The network integrates terrestrial and satellite access technologies to facilitate end-to-end service delivery models. The IntelsatOne network is further supported by management and administration applications that are used to provide control and oversight of the Intelsat service infrastructure. Ground applications are used for purposes of controlling teleport equipment and equipment utilized for uplink and downlink capabilities. Intelsat s Service Procedures are Fully Integrated with Our Satellite Commanding Intelsat follows established procedures for commanding Intelsat and third-party satellites. Command procedures are documented, controlled and managed, and are independently verified. Pre-approved commands are selected from a command database and require verification prior to transmission. For command security, Intelsat employs a tactical combination of facility, RF and command encryption practices to provide a layered structure for secure commanding. Meetings are held each weekday to review operational activities for the prior period and discuss the upcoming period. Each Satellite Operation Center serves as a fully redundant hot standby for the other center. Each Satellite Operation Center can command the entire fleet at any time and can transmit commands utilizing multiple teleports. In addition, each center can remotely operate the other center s equipment, which minimizes the time for transfer. High Availability High availability and resiliency are incorporated in the design, implementation and operations of Intelsat s network services. Intelsat follows standard procedures to help ensure assets are operating in a normal state and takes appropriate action to investigate and remediate events. In addition, regular preventative and corrective maintenance is performed to identify equipment in need of maintenance or replacement prior to an actual failure. Change Management Intelsat utilizes change management procedures to minimize the potential for disruption to services while emphasizing logging and auditing for correlation and event notification. Change requests are communicated to multiple departments as part of change management procedures and reviewed prior to scheduling and implementation. Critical operations and associated technologies follow a business continuity and disaster recovery process along with testing to help ensure the operability of disaster recovery sites. 4

Security in Space Physical and Logical Access Control Intelsat also employs layers of physical security controls and processes at its locations, including gated access, security cameras, badge controlled access and manned security desks at primary entry points. Additional physical controls are implemented within critical operations areas and Satellite Operations reside in a segmented protected environment. Procedures related to logical access control are centrally managed within their respective environments and are based on the principles of authorized approval, least privilege, role-based access and segregation of duties. All network segmentation and network access controls are managed and overseen by Intelsat Information Security. Contact Us For more information, please contact your local regional representative at: Africa: sales.africa@intelsat.com Asia-Pacific: sales.asiapacific@intelsat.com Europe & Middle East: sales.eme@intelsat.com Latin America & Caribbean: sales.lac@intelsat.com North America: sales.na@intelsat.com Further Detail on Intelsat s Leading Intelsat regularly meets with its customers to discuss information assurance concerns and areas for collaboration to improve the mutual environment. If your company is interested in further discussing Information Assurance and your network environment, please contact your sales representative to schedule a session. 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information