Data Privacy
Introduction

This page contains detailed information about the five components of security at DMC:

  • Information Security
  • Personnel Security
  • Operational Security
  • Physical Security
  • Network Security

Data Privacy
  • Data privacy refers to the evolving relationship between technology and the legal right to, or public expectation of, privacy in the collection and sharing of data.
DMC Principles
  • DMC collects only the personal information needed to conduct business.
  • DMC asks for consent from the people from whom it collects personal information.
  • DMC treats people respectfully and their personal information responsibly.
  • DMC will protect personal information in compliance with all corporate governance policies and Government laws.
  • Example: [http://www.census.gov/privacy/files/data_protection/002822.html]
DMC Policy
  • Because protecting personal information is important to DMC, we will use current data security practices and processes to protect it in accordance with DMC policies and Government laws.
  • DMC will not collect any personal data about customers, employees, or suppliers unless they voluntarily choose to provide DMC with personal information, provide consent, or unless otherwise permitted by applicable laws and regulations for the protection of personal data.
  • Once personal data has been collected, DMC will not disseminate, sell, or otherwise market it to third parties.
  • Example: [http://www.siemens.com/index.jsp?sdc_p=csuo1066434dpnflm]
Data Privacy Areas

DMC is primarily concerned with data privacy in the following areas:

  • Partner and Supplier Data
    • Company information given to partners.
    • Partner/Supplier data that DMC receives.
    • Transnational data privacy where laws from other countries apply to DMC business transactions.
  • Employee Data
    • Payroll and personnel information.
    • Employee assistance information.
    • Drug-free workplace information.
  • Customer Data
    • Credit card information.
    • Billing and shipping address information.
    • Transnational data privacy where laws from other countries apply to DMC business transactions.
  • Other Relationships
    • Government Contractual and ITAR data.
    • Professional and Trade Organization Contact Data.
Data Privacy Issues

The central data privacy issues for DMC are:

  • Separation of the data streams for customers, Government, and industrial partners/suppliers.
  • Central access system tied to the badge used for employees.

Information Flows

These are the data privacy rules used for the DMC Information Flows:

Customer Facing

  Process        Privacy Requirements
  Collected      Request for Quote, Customer Order, and Customer Payment information must be protected.
  Disseminated   Quote, Shipment, and Invoice information must be protected.
  Archived       Only DMC Finance, Sales, and Security can access archived Request for Quote, Customer Order, and Customer Payment information.

Production & Logistics

  Process        Privacy Requirements
  Collected      N/A
  Disseminated   N/A
  Archived       N/A

Cost Accounting

  Process        Privacy Requirements
  Collected      Revenue Account information must be protected.
  Disseminated   Price Quote information must be protected.
  Archived       Only DMC Finance, Sales, and Security can access archived Revenue Account and Price Quote information.

Business Processes

These are the data privacy rules used for the DMC Business Processes:

Research & Development [A1]

  Process        Privacy Requirements
  Collected      N/A
  Disseminated   N/A
  Archived       N/A

Engineering & Technology [A2]

  Process        Privacy Requirements
  Collected      Design Product [A2.1] information can only be released outside of DMC with Engineering's and the customer's approval.
  Disseminated   Package for Production Information [A2.3] information can only be released outside of DMC with Engineering's and the customer's approval.
  Archived       Design Product [A2.1] and Package for Production Information [A2.3] information can only be retrieved with the approval of Engineering.

Manufacturing [A3]

  Process        Privacy Requirements
  Collected      N/A
  Disseminated   Package Product [A3.3] information can only be released outside DMC with Manufacturing's and the customer's approval.
  Archived       Package Product [A3.3] information can only be retrieved with the approval of Manufacturing.

Logistics [A4]

  Process        Privacy Requirements
  Collected      Manage Product Procurement [A4.2] information can only be released outside DMC with Logistics' and the supplier's approval.
  Disseminated   Coordinate Product Shipments [A4.3] information can only be released outside DMC with Logistics' and the customer's approval.
  Archived       Manage Product Procurement [A4.2] and Coordinate Product Shipments [A4.3] information can only be retrieved with the approval of Logistics.

Sales & Marketing [A5]

  Process        Privacy Requirements
  Collected      Determine Customer Needs [A5.2] and Finalize Sales [A5.3] information can only be released outside DMC with Sales' and the customer's approval.
  Disseminated   N/A
  Archived       Determine Customer Needs [A5.2] and Finalize Sales [A5.3] information can only be retrieved with the approval of Sales.

Finance, Legal, and Personnel [A6]

  Process        Privacy Requirements
  Collected      Provide Personnel Services [A6.1] information can only be released outside DMC with Personnel's and the employee's approval.
  Disseminated   Provide Personnel Services [A6.1] information can only be released outside DMC with Personnel's and the employee's approval.
  Archived       N/A


Personnel Security

 

Security Education

  • DMC is committed to improving the organization’s information security posture through its ongoing security education, awareness, and training program. The level of training depends on the degree of responsibility and interaction the person has with the system's security-related issues. Individuals must work with their First Line Managers to develop a security training plan based on their roles.

Virus Protection

  • Virus protection is important because malicious code can cripple everyday operations. Technical controls are in place at DMC's DMZ to detect viruses coming from external sources. Employees are not allowed to load non-standard software on company-owned PCs.

  • Virus detection software must always be running on an employee's machine. Such software is automatically updated by the company's Security Team.

Personnel Security - Personnel and Information Controls
 

Procedural Controls

  • DMC does a background check of all employees it hires.

  • Access to resources is granted through a standard approval process. The System Owner is responsible for all access to the resources of a system.

  • Each system must maintain an Access Control Policy document to show accesses it has granted to the personnel supporting and using the system. This document must be reviewed and updated every 2 months.

  • Each system must review its security controls annually and submit a report stating its compliance or non-compliance with DMC’s Security Standards. In case of non-compliance, the report must state the reason and the course of action that will make the system compliant.

  • Change and Configuration Management is mandatory for systems that need to be SOX-compliant. CM enforces repeatable processes that make it easier to retrace the events leading to a security incident and possibly even the source of the trouble.

Audit Logs

  • Systems that need to be SOX-compliant must provide logs on sensitive access to satisfy requirements of SOX audits.

Identification

  • Each individual authorized to use the server must log in using his/her personal account.

  • Non-person accounts will be created and used to run applications, but there will be no direct login to this type of account. That is, if an individual needs to use a non-person account, he/she logs in to his/her personal account first and then switches to the non-person account.

  • Every non-person account will be bound to an owner.

  • Accounts that are inactive for a year will be removed from the system.

Account Passwords

  • Passwords must be 12 characters in length and may contain letters, numbers, and special characters.

  • A password can only be re-used after 3 reset cycles.

  • Weak passwords will be rejected by the server.

  • Passwords should be reset every 2 months. Applications that carry DMC Limited data must reset passwords every month.

Authentication

  • A user’s account will be de-activated after two (2) failed login attempts.
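
The identification, account-password and authentication rules above, as an added worked example that is not DMC's own code: a small Python policy checker that applies them to a sample account. It enforces the 12-character length, the three-reset-cycle reuse rule, server-side rejection of weak passwords, the reset interval, lockout after two failed logins, and the one-year inactivity rule. The 60-day and 30-day reset windows, the weak-password list, and the rule that whitespace is not a permitted character are assumptions, since the policy states the intervals in months and does not define "weak".

```python
"""Added example (not DMC's own code): password and login rules from the
DMC Personnel Security policy, applied to an in-memory account record."""
from __future__ import annotations

import hashlib
import hmac
import os
from dataclasses import dataclass, field
from datetime import date

PASSWORD_LENGTH = 12      # "must be 12 characters in length"
HISTORY_DEPTH = 3         # "re-used only after 3 reset cycles"
MAX_FAILED_LOGINS = 2     # "de-activated after two (2) failed login attempts"
RESET_DAYS = 60           # "every 2 months"; 60 days is an assumption
RESET_DAYS_LIMITED = 30   # "every month" for DMC Limited data; 30 days assumed
INACTIVE_DAYS = 365       # "inactive for a year will be removed"

# Constructed stand-in for the server's weak-password list; the policy does
# not say how "weak" is decided, a real deployment would use a breach list.
WEAK_PASSWORDS = {"password1234", "dmcdmcdmcdmc", "123456789012"}


@dataclass
class Account:
    owner: str                      # every account is bound to an owner
    limited_data: bool = False      # application carries DMC Limited data
    salt: bytes = field(default_factory=lambda: os.urandom(16))
    history: list[bytes] = field(default_factory=list)  # hashes, newest last
    password_set_on: date | None = None
    last_login: date | None = None
    failed_logins: int = 0
    active: bool = True


def _hash(account: Account, password: str) -> bytes:
    # One salt per account so that history entries stay comparable.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), account.salt, 100_000)


def _in_history(account: Account, password: str) -> bool:
    h = _hash(account, password)
    return any(hmac.compare_digest(h, old) for old in account.history)


def check_password_policy(account: Account, candidate: str) -> list[str]:
    """Return every rule the candidate breaks; an empty list means it passes."""
    problems = []
    if len(candidate) != PASSWORD_LENGTH:
        problems.append(f"must be exactly {PASSWORD_LENGTH} characters")
    # Letters, digits and special characters are allowed; control characters
    # and whitespace are not (an assumption, the policy does not say).
    if not all(c.isprintable() and not c.isspace() for c in candidate):
        problems.append("may contain only letters, digits and special characters")
    if candidate.lower() in WEAK_PASSWORDS:
        problems.append("listed as a weak password")
    if _in_history(account, candidate):
        problems.append(f"used within the last {HISTORY_DEPTH} reset cycles")
    return problems


def set_password(account: Account, candidate: str, today: date) -> list[str]:
    """Apply the policy; on success record the hash and the reset date."""
    problems = check_password_policy(account, candidate)
    if problems:
        return problems
    account.history.append(_hash(account, candidate))
    del account.history[:-HISTORY_DEPTH]    # keep only the last 3 resets
    account.password_set_on = today
    return []


def password_expired(account: Account, today: date) -> bool:
    """Reset is due after 2 months, or 1 month for DMC Limited data."""
    limit = RESET_DAYS_LIMITED if account.limited_data else RESET_DAYS
    if account.password_set_on is None:
        return True
    return (today - account.password_set_on).days >= limit


def login(account: Account, password: str, today: date) -> bool:
    """Personal-account login with de-activation after two failed attempts."""
    if not account.active or not account.history:
        return False
    if hmac.compare_digest(_hash(account, password), account.history[-1]):
        account.failed_logins = 0
        account.last_login = today
        return True
    account.failed_logins += 1
    if account.failed_logins >= MAX_FAILED_LOGINS:
        account.active = False          # de-activated; an admin must re-enable
    return False


def due_for_removal(account: Account, today: date) -> bool:
    """Inactive for a year: no login (or password change) in 365 days."""
    last = account.last_login or account.password_set_on
    return last is None or (today - last).days >= INACTIVE_DAYS
```

Because the reuse rule keeps only the last three password hashes, a password set four resets ago is accepted again, which is exactly the "after 3 reset cycles" wording; the lockout counter is only reset by a successful login, so a de-activated account stays closed until an administrator re-enables it.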

Low-trust Entities

Low-trust entities are placed in virtual networks so that they can access only the IP addresses they are authorized to access. A low-trust entity’s connection is contained within a virtual network. A user within this network is first taken out of DMC’s intranet and then logged back in to DMC through the DMZ. The diagram below shows how this is implemented.

 

Operational Security
 

Security Controls and Solutions

DMC’s security controls can be categorized into:

  • Controls to Support. These controls are generic and underlie most information technology security capabilities.

  • Controls to Prevent. These controls focus on preventing a security breach from occurring.

  • Controls to Detect and Recover. The controls in this category focus on the detection and recovery from a security breach.

Supporting Controls

Supporting controls are, by their very nature, pervasive and interrelated with many other controls. The supporting controls are:

  • Identification -- This control provides the capability to uniquely identify users, processes, and information resources.

  • Key management -- Keys giving access must be securely managed.

  • Security administration -- This control provides the needed administration of security features to account for changes in the operational environment.

  • System protections -- Underlying the various security functional capabilities is a base of confidence in the technical implementation. Some examples of system protections are: residual information protection (also known as object reuse), least privilege, process separation, modularity, layering, and minimization of what needs to be trusted.

Prevention Controls

These controls can prevent the security breach from ever happening:

  • Protected communications -- The protected communications control ensures the integrity, availability, and confidentiality of information. DMC is addressing all three requirements.

  • Authentication -- It is often extremely important to ensure that a claimed identity is valid. The authentication control provides the means to verify the identity of a subject.

  • Authorization -- The authorization control enables specification and subsequent management of the allowed actions for a given system.

  • Access control enforcement -- When the subject requesting access has been validated for access to particular processes, it is still necessary to enforce the defined security policy. The access control enforcement control provides this enforcement, and frequently the enforcement mechanisms are distributed throughout the system. It is not only the correctness of the access control decision, but also the strength of the access control enforcement that determines the level of security obtained.

  • Non-repudiation -- System accountability depends upon the ability to ensure that senders cannot deny sending information and that receivers cannot deny receiving it. Non-repudiation is a control that spans prevention and detection. This control prevents the ability to successfully repudiate an action and is performed at the point of transmission or reception. This control is a must for applications that need to be SOX-compliant.

  • Transaction privacy -- The transaction privacy control protects against loss of privacy with respect to transactions being performed by an individual.

Detection and Recovery

Because no set of prevention measures is perfect, it is necessary to both detect security breaches and to take actions to reduce their impact. The controls below are mandatory in applications that need to be SOX-compliant:

  • Audit -- The auditing of security-relevant events is a key element for after-the-fact detection of and recovery from security breaches.

  • Intrusion detection and containment -- It is essential to detect insecure situations in order to respond in a timely manner. Also, it is of little use to detect a security breach if no effective response can be initiated. The intrusion detection and containment control provides these two capabilities.

  • Proof of Wholeness -- In order to determine that integrity has been compromised, the ability must exist to detect when information or system state is potentially corrupted. The proof of wholeness control provides this ability.

  • Restore ‘secure’ state -- When a security breach occurs, the system must be able to return to a state that is known to be secure.

  • DMC’s General Security Standards and Solutions Manual contains specifics on how the company is implementing the above controls. Please click here to go to this manual.

System Certification
 

System Certification

  • Formal notification from the DMC Security Manager that a system in a specific configuration has completed all remediation actions required as a result of security testing and evaluation.

System Accreditation

  • Formal notification from the DMC CIO that a system can operate in the configuration it was tested and certified in.

DMC System Certification Policy

  • All System and Application components will be accredited before being placed on the DMC production network.

  • All Network and Infrastructure components will be accredited before being placed on the DMC production network.

    • DMC will accredit Network & Infrastructure components with the introduction of a new standard network or hardware.

  • Only the DMC CEO or CIO can grant exceptions to this policy.

The diagram below gives an overview of the DMC System Certification and Accreditation Process.


Start Events

  • Responsible: System Owner
  • Event 1 - Accredited System or Application configuration changed.
  • Event 2 - Accredited Network or Infrastructure configuration changed.
  • Event 3 - New System or Application being introduced.
  • Event 4 - New Network or Infrastructure being introduced.
  1. Risk Assessment
    • Responsible: System Owner and DMC Security
    • Description: Joint determination of the risks involved in deploying this system or application on the production network.
  2. Test and Evaluation
    • Responsible: DMC Security
    • Description: Identification of security vulnerabilities and an evaluation of their effect on the production environment if no remediation action is taken.
  3. Vulnerability Remediation
    • Responsible: System Owner
    • Description: Corrective actions are taken to resolve the security vulnerabilities identified in test and evaluation.
  4. Certification
    • Responsible: DMC Security
    • Description: Review and buyoff by the DMC Security Manager for a System or Application to operate in the production environment.
  5. Accreditation
    • Responsible: CIO
    • Description: Review and buyoff from the CIO for a certified System or Application to operate in the production environment.

Accredited Systems & Applications

Front Office Systems

  • Marketing Management System at version 6.0 on 4/1/2006.
  • Sales Application System at version 5.0 on 4/1/2006.

Back Office Systems

  • EPP WELLCO at version 8.0 on 11/24/2006.
  • Shipping & receiving application at version 7.0 on 3/31/2006.
  • PeopleSoft HCM at version 8.17 on 12/15/2005, to be phased out by 1/31/2007.
  • CATIA at version R15 on 2/3/2006.
  • DELMIA at version R15 on 4/15/2006.

Certified Systems & Applications

Front Office Systems

  • Sales Application System at version 6.2 on 2/17/2007, certified on 5/1/2007.

Back Office Systems

  • EPP WELLCO at version 8.0 on 11/24/2006, certified on 2/1/2007.
  • Shipping & receiving application at version 7.0 on 3/1/2006, certified on 3/31/2006.

Accredited Network & Infrastructure

Wide Area Network

  • Houston to Jacksonville was accredited at T1 on 1/31/2001.
  • Houston to Los Angeles was accredited at T1 on 1/15/2002.
  • Houston to Phoenix was accredited at T1 on 8/2/2006.

Local Area Network

  • Houston, TX was accredited at 100 Mbps on 1/15/2000.
  • Jacksonville, FL was accredited at 100 Mbps on 1/31/2001.
  • Los Angeles, CA was accredited at 100 Mbps on 1/15/2002.
  • Phoenix, AZ was accredited at 100 Mbps on 7/15/2006.

Equipment

  • Accredited CISCO network equipment on 6/15/2006.
  • Accredited all DELL servers on 6/15/2006.
  • Accredited all DELL desktops and laptops on 6/15/2006.

Non-certified System & Applications

Front Office Systems

  • None

Back Office Systems

  • None

Certified Network & Infrastructure

Wide Area Network

  • No certifications pending.

Local Area Network

  • No certifications pending.

Equipment

  • No certifications pending.

Non-certified Network & Infrastructure

Wide Area Network

  • None

Local Area Network

  • None

Equipment

  • None

Risk Assessment

© 2007 CMU/Boeing Class - all rights reserved