Intel Information Technology

Information Risk and Security

Supplier Security Requirements

Expectations

For

ODC (Off-site/Off-shore Development Centre)

Version 3.3

Supplier Security Compliance Agreement:

Signed by:

Company:

Responsibility:

Date:

This addendum specifies minimum security requirements to be implemented and maintained when a 3rd Party is issued with, and manages Intel High Value Physical Intellectual Property outside the controls of an Intel facility.

Please return this signed ODC Supplier Security Requirements and Expectations document to Intel Information Security. This document will be periodically updated, based upon evolving threats and security requirements, and re-distributed to Intel Suppliers.

VERSION 3.3 ODC SECURITY EXPECTATIONS

Contents

1.0 ODC PHYSICAL SECURITY

1.1 PHYSICAL ACCESS CONTROL

1.2 ACCESS CONTROLS AND RETENTION SCHEDULES

1.3 NETWORK SECURITY

2.0 ODC OPERATIONAL SECURITY EXPECTATIONS

2.1 CLASSIFIED DATA

2.2 ADDITIONAL RULES

2.3 ENGINEERING SAMPLES

3.0 UNIVERSAL SECURITY PRINCIPLES

3.1 INTEL INFRASTRUCTURE ACCESS PREREQUISITES

3.2 LEGAL AND REGULATORY REQUIREMENTS

4.0 SECURITY MANAGEMENT

5.0 DATA PROTECTION

6.0 ODC GOVERNANCE COMPLIANCE

6.1 INTEL ODC GOVERNANCE COMPLIANCE

6.2 SUPPLIER COMPLIANCE EXPECTATIONS

DOCUMENT OBJECTIVES

Provide minimum security requirements for an Intel Offsite Development Center (ODC) to deliver protection to Intel Intellectual Property (IP) aligned to Intel’s Information Security policy.

SCOPE

This document is intended to define Offsite Development Center (ODC) security requirements and operational expectations. Compliance to security requirements herein is required before an ODC goes live and starts work with Intel IP. Any subsequent revision changes will require full compliance no longer than 90 days after signing.

AUDIENCE

Intel supplier providing: Resources; Collaboration; Product hardware, firmware or software development and/or support; Validation testing; Support of Business Critical or Mission Critical applications; Solutions development or System hosting.

ASSUMPTIONS

All arrangements have been managed through Intel Procurement

Signed Non-Disclosure Agreements (NDAs) are in place with the supplier before sharing this document

Personal data must be classified as either Intel Confidential or Restricted Secret

New relationships are reviewed by Intel Secure Outsourcing or Secure External Presence process

ODCs are subject to compliance reviews on a regular cadence, with oversight by ODC Governance. Supplier will have up to 60 days to mitigate any risks/non-compliances identified.

IP data classifications have been identified, communicated and documented in the Statement of Work (SOW) by Intel business and ratified by their IP Attorney

Legal and regulatory requirements for Intellectual Property (IP), High Value Physical Intellectual Property (HVPIP), Data Privacy, Sarbanes-Oxley (SOx) and Controlled Technologies

Suppliers are accountable for compliance to controls defined herein.

USE CASES

Supplier is hosting directly with internet facing websites

Supplier provides test and validation services to Intel Product Development groups

Supplier provides laboratory facilities to support the testing, validation and engineering services

External supplier provides any services, personnel or facilities to support Intel systems and applications

Supplier provides remote application engineering support to Intel development or production environments

Supplier provides engineering services for hardware, firmware and/or software for Intel product development

DEFINITIONS

REQUIRED for all data types: Specific security controls required by default regardless of the information sensitivity or classification level. The supplier must comply with these requirements and these items may be audited for compliance.

REQUIRED for Top Secret classified data: Specific security controls required by default for information classified by Intel as Top Secret. The supplier must comply with these requirements and these items may be audited for compliance. NOTE: Personal data classification is the responsibility of the appropriate Intel Privacy subject matter expert.

1.0 ODC Physical Security

Measures taken to protect ODC systems and related support infrastructure against threats.

1.1 Physical Access Control

REQUIRED for all Data

Egress points security controlled, and access restricted for business need only. Logs recorded and maintained for 90 days.
Where ODC has a lab and/or HVPIP, unauthorized access prevented (e.g. false ceilings, tailgating etc.). Must have intrusion detection 24x7.
All controlled area ‘emergency exit’ doors must sound an alarm when opened.
All egress points must have automatic closing devices, with an alarm activation if propped open for longer than 30 seconds. Activation requires a security incident response.
Where ODC is on ground floor, all windows must be sealed or safeguarded with locks and have tamperproof sensors or alarm sensors. Alarm activation must instigate an incident response. All alterations to windows must comply with local government regulations. Contact Intel External Collaboration Group for resolution if there’s any conflict between Intel’s requirements and local government regulations.
The ODC should not be apparent by labelling (e.g. signs, evacuation maps).
Where ODC is on ground floor all glass on the perimeter of ODC is obscured.
Security alarm activation and/or unauthorised access incidents are documented, and made available to Intel by request

REQUIRED for ITS data

Silicon/System on a Chip (Si/SOC) integration projects classified as Intel Top Secret (ITS) must be located in isolation from any other projects.
Unauthorized access prevented (e.g. false ceilings, tailgating etc.). Must have intrusion detection 24x7.
All glass on internal perimeter of ODC is obscured.
Labs require physical and logical isolation from ODC office environment, and have unique access controls
Devices and data must be stored securely when not in use. Implementation of these controls including governance metrics are auditable by Intel.
Supplier must implement controls to prevent IP and/or HVPIP from leaving the ODC without authorization. Areas of focus include but are not limited to entry/exit points, windows and trash.
Access to Lab environments and HVPIP stores are restricted to those with a business need to know.

ODC location moves, ODC extensions Change Notice Requirement

1. ODC rooms that are not an integral part of an existing approved registered ODC must be considered as a separate ODC, which will require its own set of compliant controls. In all cases Intel External Collaboration Group must be informed before any move to new locations occurs. The Security controls will require validation before implementation or project support.

2. Extensions to existing ODCs must be managed by Intel External Collaboration Group. Therefore notice to External Collaboration Group is required before any extension work starts. Interim security controls need to be proposed and approved before extension commences.

1.2 Access Controls and retention schedules

REQUIRED for all Data

Access granted to the granularity of every authorized person, and is based on Intel business support only.
All visitors must sign in and out of ODC area
Access logs retention period 3 months minimum.
Visitor policy includes a no tours policy.
Authorized access list scrubbed at least once per quarter.
Labs are subject to all Information Security Policy Security requirements and controls and lab access is based on business need only.

REQUIRED for ITS data

Visitors including Janitorial staff must be escorted at all times
Access granted to authorized persons listed in RUNDA
All devices connected to Intel Global Business Network (IGBN) will have whole volume encryption (PGP or McAfee) and Enterprise Rights Management (ERM) deployed.

1.3 Network Security

for all data (Confidential, Restricted Secret and Top Secret)

ODC networks have only 2 modes of operation and support that can be approved by Intel:

1. Intel owned and managed network and devices

2. Supplier owned and managed networks

This section defines supplier responsibility for each type of network management for setup, approvals, sustaining management and compliance accountabilities.

Intel owned and managed networks

Network Infrastructure isolated/segregated to enable the development and implementation of a secure interconnection tunnel back to Intel.

If lab within the ODC has direct internet access a firewall preventing any unauthorized access to Intel’s Global Business Network must be deployed. All unused services and ports are to be disabled by default.

Network traffic security control device (router or firewall) must logically isolate or segregate the lab network from the ODC office network.

All telecommunications equipment must be located in a secure room with managed access control.

All cabling must be secured or have tamperproof detection and alerting.

All equipment must be returned to Intel when no longer required.

Supplier owned and managed networks

Network Infrastructure isolated/segregated to enable the development and implementation of a secure interconnection tunnel back to Intel.

Before any connection to Intel is made: Work with Intel IT Network Operations to present proposed topology for approval to implement network specific controls. Details defined in section Review below.

All network equipment is configured securely, implementing configuration details defined in section Configuration, below, at a minimum.

All network equipment is continuously managed in compliance to section Monitoring below.

Changes to any approved network must be reviewed by Intel Network Operations before implementation, unless the change was to remove a security risk or vulnerability that had been detected. In the latter instance Intel Network Operations must be notified with updated topology diagrams within 48 hours of change.

If lab within the ODC has direct internet access a firewall preventing any unauthorized access to Intel’s Global Business Network must be deployed. All unused services and ports are to be disabled by default.

All telecommunications equipment must be located in a secure room with managed access control.

All cabling must be secured or have tamperproof detection and alerting.

REQUIRED for Supplier Provided Network Equipment for all data types

Prior to live data connection between Intel and Supplier, network device configuration must be reviewed by Intel to determine if adequate controls are in place to protect confidentiality, integrity, and availability of Intel's information assets and systems.

Review prior to enabling data communications between supplier and Intel Corporation

Details Required for review:

Network topology diagrams illustrating device configuration and data flows. Intel to provide network topology templates.
o Device name, device type and purpose
o Port and protocol of proposed networking equipment
o External IP address of firewalls/routers with direct internet access

Network equipment security specification (Intel Minimum Security Specification (MSS))
o Device type
o Operating system
o Firmware/Patch revision process and commitment of implementation

Logical access controls protecting network hardware
o Implementation of multilevel password use
o Restriction of sources for all remote administrative access using only secure protocols (ex: Secure Shell (SSH)/https). Configuration sufficient to protect against disruption, tampering, or eavesdropping

Network device access
o SNMP access must be non-default settings for Read-Only or Read-Write access
o Restrict access to device to only the necessary source IP address

Administrator access controls
o All administrative passwords must be stored securely (ex: If using local enable passwords, then use ‘secret’ passwords)
o Allow admin access from certain source IP addresses as necessary

All accounts must use proper security: No default usernames or passwords

Implement a change control process ensuring changes are managed, reviewed and recorded

CONFIGURATION:

All networks that terminate at site-to-site VPNs or Point-to-Point VPNs to Intel must use IPsec network parameters with at least minimum strong security of AES encryption method or 3DES if AES not supported
o Networks must disable ports and protocols and services that are not actively required (e.g. HTTP, HTTPS, FINGER, BOOTP, TCP/UDP small servers, etc.)

Supplier networks must utilize approved network traffic routing and implement the following where supported by hardware
o No IP source routing
o Service password encryption
o Logging enabled and sent to a central server for storage
o Establish ‘terminal’ (VTY) passwords (for console access)
o Auto-loading disabled (for booting device remotely)
o Timeout values present on console and remote VTY sessions
o IP directed broadcast disabled
o IP redirects disabled
o Transit encryption = TLS 1.2 / 128-bit AES
o Proxy ARP (Address Resolution Protocol) disabled
o IP mask-replies disabled
o Utilize only authorized IP addresses

All networks installations must consider the following when configuring routing

If network gear is routing, isolate routing functions physically or logically
o Physical - use a dedicated L3 router for Intel business only
o Logical - use a Virtual Routing Forwarding (VRF) or equivalent separation mechanism to keep Intel business routing isolated from the non-Intel business networks
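
An added example, not part of the original document or of Intel's tooling: a small Python auditor that checks an exported device configuration against several of the CONFIGURATION items above (source routing, password encryption, central logging, unused services, console/VTY timeouts and passwords, and the per-interface IP settings). The Cisco IOS-style command syntax and the sample configuration are assumptions constructed for illustration; the policy names no vendor.

```python
import re

# Constructed sample in Cisco IOS-style syntax (an assumption: the policy
# names no vendor). Addresses are documentation/private ranges.
SAMPLE_CONFIG = """\
service password-encryption
no ip source-route
ip http server
logging host 192.0.2.10
!
interface GigabitEthernet0/0
 ip address 198.51.100.1 255.255.255.0
 no ip redirects
 no ip proxy-arp
 no ip directed-broadcast
 no ip mask-reply
!
interface GigabitEthernet0/1
 ip address 10.0.0.1 255.255.255.0
 no ip redirects
!
line con 0
 exec-timeout 10 0
 password 7 0000
 login
line vty 0 4
 exec-timeout 0 0
 transport input ssh
"""

# Strict by design: every statement must appear explicitly in the export,
# regardless of platform defaults.
REQUIRED_GLOBAL = [
    (r"no ip source-route$", "IP source routing not disabled"),
    (r"service password-encryption$", "service password encryption not enabled"),
    (r"logging (host )?\d", "no central logging server"),
]
FORBIDDEN_GLOBAL = [
    (r"ip http server$", "HTTP server enabled"),
    (r"ip http secure-server$", "HTTPS server enabled"),
    (r"(ip|service) finger$", "finger service enabled"),
    (r"ip bootp server$", "BOOTP server enabled"),
    (r"service (tcp|udp)-small-servers$", "TCP/UDP small servers enabled"),
]
INTERFACE_REQUIRED = ["no ip redirects", "no ip proxy-arp",
                      "no ip directed-broadcast", "no ip mask-reply"]


def parse_blocks(text):
    """Split a config into top-level lines and {header: [indented children]}."""
    top, sections, current = [], {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.strip().startswith("!"):
            continue
        if raw[0].isspace() and current is not None:
            sections[current].append(raw.strip())
        elif not raw[0].isspace():
            current = raw.strip()
            top.append(current)
            sections[current] = []
    return top, sections


def audit(text):
    """Return a list of (scope, finding) tuples for one device config."""
    top, sections = parse_blocks(text)
    findings = [("global", msg) for pat, msg in REQUIRED_GLOBAL
                if not any(re.match(pat, line) for line in top)]
    findings += [("global", msg) for pat, msg in FORBIDDEN_GLOBAL
                 if any(re.match(pat, line) for line in top)]
    for header, body in sections.items():
        if header.startswith("interface ") and any(
                b.startswith("ip address ") for b in body):
            findings += [(header, stmt + " missing")
                         for stmt in INTERFACE_REQUIRED if stmt not in body]
        elif header.startswith("line "):
            timeouts = [b.split()[1:] for b in body if b.startswith("exec-timeout ")]
            # "exec-timeout 0 0" disables the idle timeout entirely.
            if not timeouts or not any(int(v) for v in timeouts[-1]):
                findings.append((header, "session timeout missing or disabled"))
            if not any(re.match(r"password |login (local|authentication)", b)
                       for b in body):
                findings.append((header, "no password or login method"))
    return findings


if __name__ == "__main__":
    for scope, finding in audit(SAMPLE_CONFIG):
        print(f"{scope}: {finding}")
```

The findings list can be attached to the configuration/change reports the supplier provides for review; items without a single-line statement (VPN cipher selection, VRF separation, authorized address ranges) still need manual review.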

MONITORING:

For all sustaining network management the following is required of supplier:

Notify Intel when significant changes are made, by updating requirements for review above. Change examples include: Device upgrades, operating system upgrades, major system updates, equipment modifications or security configuration change

Provide network device configuration/change reports compliant to “review” paragraph above

Network excursion reporting process includes Intel Information Risk and Security Management (IRSM), Intel Network Engineering (NE) and Threat Management as defined in section 2.1 ODC Operational Security Expectations

Intel reserves the ‘right to inspect’ all ODC on-site networking equipment

All networking equipment security event logs preserved for forensic evaluation and made available to Intel Security in the event of an incident

Remote audit capability of ODC network hardware is supported or enabled when requested by Intel

Provision for Intel to access ODC network for evaluation of device configuration. Intel to provide scanning source IP to supplier.

Firewall rule allowing Intel scanning services access to ODC networking equipment. Intel to provide details on device configuration.

ODC networking hardware is registered in an asset register database

Assets must be traceable to an owner

Asset data must be made available to Intel Network Operation for use in case of emergency

2.0 ODC Operational Security Expectations

2.1 Classified data

REQUIRED for all Data

1. ODC Physical Security Requirements are implemented in full.
2. Systems logical access managed in alignment to physical access.
3. Supplier employs continuous improvement programs for ODC controls where required.
4. Intel assets are not to be removed from ODC unless preapproved by Intel and each asset must be traceable and auditable.
5. Supplier network must be separated from Intel’s distributed network.
6. Lab networks must be isolated or segregated from Intel’s network.
7. HVPIP, On Loan equipment and Intel IP documents must be protected at all times, and must be locked up when not in use.
8. All Intel materials must be inventory managed with regular cycle counts and reporting system.
9. Incidents involving ODC management, ODC personnel, or unauthorized data access are to be reported to Report Incident to Intel.
10. Incidents which result in loss or damage to Intel assets and/or HVPIP must have a local police report number reported to Intel.
11. Supplier to implement compliance audit programs to measure ODC controls success and provide results reports to Intel upon request.
12. Post ODC rules, and implement read and understand process in location seen by all ODC CWs working on Intel projects.

REQUIRED for ITS data

Storage devices, smart phones, cameras and camera phones are prohibited in Lab areas, Data Centres and the ODC office area at all times.
All storage devices holding Top Secret data must have storage encryption employed.

2.2 Additional Rules

These ODC Rules should be printed and posted clearly in the ODC

ODC Rules include but are not limited to:

REQUIRED for all data

Treat all Intel data as confidential (as defined in the Master Services Agreement (MSA))

Intel pre-approval required before removal of Intel assets from ODC

Systems account sharing is prohibited

Do not let others use your system, you are accountable

Be aware all systems, applications and accesses are monitored and logged

Prohibit Storage media (CD/DVD-ROMs, Disk drives, USB flash, iPods, MP3) where Intel Top Secret projects are executed

Photography in ODC or ODC labs is strictly prohibited without Intel Business or Security approvals

Print on coloured paper only – to identify Intel printed materials

Printed materials cannot be removed from ODC

Printed materials disposal by shredding

Do not share Intel information with others, unauthorized access is not permitted

Do not install unauthorised or unlicensed software on Intel systems

Intel system administration is restricted to Intel’s Technical Assistance group

All Intel HVPIP materials, on loan equipment, printed IP documents and/or Intel devices must be protected at all times, and locked away when not in use

2.3 Engineering Samples

Intel Products
Engineering Samples: loose components, Boards w/ Silicon, system, Form Factor Reference Design (FFRD) and Solid State Disks (SSDs)

Unit Tracking
All Engineering Samples are to be tracked by unique identifier supplied at Intel
Supplier to maintain an up to date inventory of Intel assigned Engineering Samples
Implement secure Unit Tracking System (UTS) for location of all Engineering Samples inventory
If serial number is not readable, unit tracking can be performed at a batch level

Inventory Verification
Inventory reconciliation between Intel business unit and supplier
Verification frequency and sample size to be defined by Intel business (Minimum quarterly required)
Any discrepancy must be resolved within one week. If missing a unit, report to the Intel project lead so that Intel can conduct an incident response.
Reconciliation document will be used as audit evidence during Intel compliance audit

Secure handling/Storage
Inventory must be kept in a secured location for storage with limited user access
Use a lockable cabinet, drawer, cage or room to secure storage
CCTV for monitoring secure cabinets and cages
Samples in immediate use should be in the ODC office/lab area (i.e. Work-In-Progress (WIP) material). When not in use, samples must be stored in a secured location.

Scrapping/Retention
Defective, damaged or End of Life Samples must be returned to Intel business owner
Shipping documents to be retained until RMA process step has completed
Shipping must be via licensed carrier with tracking capability utilized and must require signature on receipt

3.0 Universal Security Principles

Generally accepted principles with common practices used in securing IT systems

3.1 Intel Infrastructure Access Prerequisites

REQUIRED for all data

All Supplier, Partner and sub-contractor associates requiring access to Intel sites and Intel systems as administrators must have appropriate training and a background check/investigation (BI) complete.
Training: Security training is required annually for all staff. Without completion, account access must be disabled.
o Information Security Essentials for CWs – Required for all employees
o Contingent Worker Ethics/Code of Conduct – Required for all employees
o Privacy Essentials - Required only when accessing Personal data
Implement Intel Information Security Policy of:
o Minimum Access Privilege
o Need-to-know access
o Separation of Duties
CW Agreement NDA form
o Each associate will be required to complete a Contingent Worker (CW) Agreement NDA form at the Intel badge Key process
Conflict of Interest
o Supplier must disclose if they provide similar services/support to Intel's competitors
o Supplier must ensure that Intel Architecture projects are not co-located with other Architecture projects even if both are Intel projects. Contact Intel Information Security for help.

REQUIRED for ITS data

Access to ITS systems will require specific approvals defined by a RUNDA, and access will be monitored. Access approvals are temporary and authorization is reviewed on regular cadence. When access is no longer required, renewal should not be requested
Background Checks
o All persons requiring access to ITS data must have a background investigation completed. Supplier’s obligations in regard to Background Information will align with local privacy and labour legislation and/or with Intel’s local customs and practices. To check on details of Intel’s local processes in this matter Supplier should check with their procurement contact. Buyer may request to understand what background investigation checks are implemented by default.
o Supplier must retain background data, which could be auditable by Intel in the event of an incident.
Training: Additional Security training is required annually for all staff with access to sensitive information.
o Handling Classified Information
o Classifying Information
Intel must understand by current metrics:
o Volume of associates with required training complete
o Breakout of what training has been completed

3.2 Legal and Regulatory Requirements

REQUIRED for all data

All Supplier, Partner and sub-contractors must be knowledgeable and at all times compliant with all regulatory and local governing laws that are applicable to Intel for support function outsourced. Examples include but are not limited to: Privacy, HIPAA, SOx, U.S. Export license and PCI-DSS compliance.
Training: Controlled Country (CC) / Controlled Technology (CT) training is required annually for all staff that are:
o Resident in a CC
o Has a CC/CT support responsibility
Note: Intel is a US registered company and therefore is bound by US Dept of Commerce Export requirements. Remote access to Controlled Technology and/or High Performance Computing content can be considered an import.

REQUIRED for ITS data

Note: Intel is a US registered company and therefore is bound by US Dept of Commerce Export requirements. Remote access to Controlled Technology and/or High Performance Computing content can be considered an import. For details go to

Requirements

Intel from Offshore/Offsite Design Center (ODC)

ODC NETWORK CONNECTIVITY:

Network connections must be submitted using the ‘ODC Portal’.

User access to data must utilize Intel approved network services.

Additional capacity for existing projects must be reviewed prior to enabling.

ODC CLIENT / ODC SERVER:

Clients/Servers used by supplier must be able to connect to Intel for updates.

Clients/Servers resources must be registered to the owner/primary user of the device.

Client/Server logon credentials must not be shared between team members in the ODC.

Clients not managed by Intel must not use network connections established by Intel clients.

Clients/Servers must have malware antivirus services that meet or exceed Intel standards.

ODC DATA PROTECTION:

Data collected from Intel project services must not be transferred to non-Intel managed clients.

Data must not be migrated to storage repositories without authorization and approval.

Encryption must be applied to data at rest and while in transit.

Project data must be segregated one project from another.

ODC LOGGING / MONITORING / ALERTING:

Network security monitoring must be utilized on networks where Intel project work is located.

Compute devices in the ODC must be protected from unauthorized use.

Cyber excursions must result in notification to Intel project sponsor(s).

REQUIRED for all data

Supplier employees must never share Intel account credentials. Suppliers will implement a process to ensure all associates are made aware of this requirement.
Remote access to Intel’s network must be via a managed secure connection solution. Exceptions must be approved by Intel business management and documented with an IS policy waiver before access is granted. Contact the Intel business sponsor for assistance.
All Intel assets and equipment must be stored and managed to ensure they are appropriately secured and access is managed to the need to know level. Inventory validation on regular cadence is required to ensure all items are accounted for. Missing items must be reported to Intel immediately.
Preapproval required before removal of asset/equipment from ODC (including laptops):
o Intel CW Sponsor must approve in writing
o Timeframe has to be defined (max. one month)
o Reason for removal has to be clearly stated
o Record approvals, may be audited
o Update inventory tracking database to assure traceability
Return of asset/equipment to ODC
Intel owns responsibility for Intel asset and account management. When a user is being offboarded the account must be terminated and assigned devices returned to Intel
Intel CW Sponsor must be informed as soon as the asset/equipment is returned to ODC
Update inventory tracking database to assure traceability
Provide architecture layout that includes CCTV, Badge Readers, Hard Walled/Lab/Network Closet
Compute devices must have data disposal completed within 10 days of CW offboarding or system no longer required for project support

REQUIRED for ITS data

All Client systems with sensitive information must have full volume encryption enabled.
All sensitive information in draft must be protected by encryption. Intel’s Enterprise Rights Management (ERM) is one capability or option to implement. The Intel business owner must be included into the ERM entitlements.
All systems accessing or storing sensitive data must have encryption implemented. This applies to laptops and desktops. Intel approved capabilities are McAfee EEPC or embedded SSD encryption. Contact Intel business rep or Intel ODC Services for assistance.
Electronic data disposal: Any sensitive information must be securely disposed of when no longer in use, even if storage encryption was used.

6.0 ODC Governance Compliance

6.1 Intel ODC Governance Compliance

All ODCs are subject to Intel governance oversight; an ODC Security Controls review will be scheduled on a cadence based on the sensitivity of the data accessed and managed.

6.2 Supplier Compliance Expectations

Supplier has responsibility to ensure security requirements are adhered to and remain consistent throughout the duration of the project/support. Below is a sample of a minimum compliance checklist. This can be tailored in order to fit business requirements. Completed checklists should be posted to the Intel ODC portal.

Any changes in ODC location, size, controls status or ODC additions must be communicated to Intel ODC Governance and Compliance program in advance.

Intel ODC Minimum Controls Compliance Checklist
Company: ODC Ref #: Audit Date:
Audit item / Yes / No / Details

Physical
Entry Points have access controls to the granularity of each authorized person
Access logs retained for min of 3 months
All entry doors sound alarm when propped open for 30 seconds (tested)
All emergency doors activate alarm when opened
All windows locked and include tamperproof sensors
Incident response to alarm activation for all sensors (doors and windows)
Unauthorized access prevention (e.g. false ceilings, wall not true floor to ceiling)
Perimeter glass obscured, includes windows if ODC is a ground floor location
ODC is not labeled or identified as Intel
CCTV monitoring ODC entry doors
Security monitoring 24x7

Access Management
Visitor policy in place
No tours policy
ODC authorized access list scrubbed at least once per quarter
Authorized access based on need to know basis for Intel business support only

Network
Only one network distributed in the ODC
Network equipment in locked access controlled location and restricted
If Intel network is distributed in ODC – air gap isolation implemented
If Intel managed network is accessed - network enclave or segregated VLAN
Firewall documented/configured/monitored (refer to Intel’s Firewall Technical Design Review (FTDR) documentation)

Operations
ODC Rules posted inside ODC
Prohibit Storage devices (USB, Cameras, Camera phones, Smart phones in ODC)
Clean desk policy enforced (tested)
Only approved laptops and systems are taken into or removed from ODC
If Printer is mandatory then only color coded paper is used in ODC
Validate process to prevent color paper removal from ODC
Paper shredder use for all confidential waste
All Intel issued PCs are returned to Intel at associate offboarding or termination
Exit interview includes NDA's ‘continue past project support’ clause
All Intel issued servers have been returned to Intel post project completion
All servers with Intel Restricted and/or Top Secret information have data securely deleted - certificate of disposal required or hard disk drive sent to Intel for destruction

Training Resourcing
All staff trained and aware of challenging Unauthorized Access if detected
All staff trained and aware of ODC operations requirements
All staff completed Intel annual training requirements
Information Security Essentials - % complete
Contingent Worker (CW) Ethics/Code of Conduct - % Complete
Privacy Essentials (Required if Personally Identifiable Information is accessed) - % complete
Handling Classified Information (Required for Restricted Top Secret data access) - % Complete
Controlled Technology (Req. if access to Controlled/HPC technology or located in a Controlled Country)

For Intel issued systems all staff aware:
No account sharing with others and limit Intel systems for business use only
Intel Systems administration restricted to Intel TAC administrators only
Additional or non-Intel unapproved software deployment prohibited unless fully licensed
PC systems should only be removed from the ODC on approved business need

For Non-Intel systems supporting Intel:
Minimum Systems Security requirements defined checked for compliance (dependent on remote connection)
Servers are located in a secure managed location, outside this location servers are prohibited

Resourcing Process
Assigned staff background checks completed
Each assigned staff member has completed CW Agreement NDA form at Intel
All assigned staff complete own in-house induction and training program
Associates supporting Intel comply with contractual cool-off period

Management of Intel assigned equipment and materials
Inventory of Intel assigned equipment is maintained
Monthly inventory check includes discrepancy check
Software user licenses for non-Intel sourced/issued software obtained
U.S. Dept. of Commerce Export License requirements have been met
Intel equipment or HVPIP products are secured when not in use

IP Protection:
Drop ship location for HVPIP delivery the same as SAP shipping designation
Tracking, handling, scrap and loss process in place for HVPIP
Is there a matching report to Security Incident Report (SIR)
Reconciliation report for loss identified

Current Projects:
Projects in the ODC are classified and match what is in the ODC Portal?
Intel project sponsor or Intel business group is identified

Contingent Workers:
Contractors can be associated to the Intel project they are assigned to
Contractors use an approved remote access (RVPN / Citrix XenApp / MOKA)

Lab Registration/Inventory:
ODC labs are registered with Intel
Registered labs have completed the annual security survey

Legal = Approver / Procurement = Approver / GST = Approver / ISRM = Decider