Viasat prioritizes data privacy and security. We strive to respect the privacy of our stakeholders, and our policies outline how we collect, protect, use, and share company data.
To comply with applicable laws and regulations, we:
- Leverage internal and third-party technologies that can scale to new services, markets, and geographies.
- Align with industry frameworks and evolve our privacy controls to comply with the data protection laws in the markets where we operate.
- Adhere to the most recent version of the Payment Card Industry (PCI) standard, which covers the applications, networks, subcontractors, and partner firms and systems that process credit card transactions worldwide.
- Achieve annual certification as both a PCI-DSS-compliant level 1 merchant and level 1 service provider from a third-party qualified security assessor (QSA).
FY23 data protection developments
- Matured our information security management system (ISMS) on the road to ISO 27001 certification, which covers our mobility networks as well as portions of the corporate network to reflect our customers’ growing needs for comprehensive and internationally accepted information security standards Continued to support the Cybersecurity Maturity Model Certification (CMMC) and publication of an updated Defense Federal Acquisition Regulation Supplement (DFARS) final rule that meets CMMC requirements.
- Launched an external online privacy center so customers anywhere in the world can exercise privacy rights and learn about our data processing practices. Developed a responsible disclosure and bug bounty program where external researchers can submit security vulnerabilities on defined scopes.
- Established business security champions within each business segment to further help drive security initiatives for products and services.
- Enhanced our security engineering training for new engineers covering Viasat’s Foundational Security Principles and how to incorporate security into products and services.
- Revamped our annual privacy basics course.
- Continued to enhance our solutions hub, which vets new technology providers for data privacy and security risks.
What’s ahead
- Completion of a CMMC Level 2 assessment via a Certified Third-Party Assessment Organization (C3PAO) in 2024. This initiative is based on Viasat completing a Defense Contract Management Agency high-assurance assessment using the NIST 800-171 DoD assessment methodology against our corporate networks, systems, applications, and procedures used for processing and securing Controlled Unclassified Information (CUI) used for many of our government contracts.
- Scaling our external privacy center to include more languages.
- Incorporating the solutions hub into Viasat’s broader data governance initiative.
- Use existing security telemetry and data analytics to improve risk management and our understanding of security posture across the company.
- Transform globally secure and standardized enterprise access to company digital resources using zero-trust principles.
- Enhance our security training.
Business continuity
It is critically important to us to deliver reliable, uninterrupted service. To that end, we’ve invested in a resilient infrastructure that includes machine learning (ML) and artificial intelligence (AI) techniques in conjunction with a state-aware network. These investments have significant capabilities that support business continuity, including anomaly detection, root cause analysis, and self-healing. Leveraging ML and AI means identifying and remediating issues faster and more consistently, while conserving resources.
To further minimize downtime, our infrastructure also features redundant systems, failover mechanisms, geographically distributed data centers, and robust network connectivity. In the event of a disruption, we have comprehensive disaster recovery plans in place to quickly restore critical systems and services. Our systems are closely monitored, thoroughly tested and validated, and scale dynamically based on demand. Business continuity is part of our culture, and we provide regular training, communication, and awareness programs to ensure that everyone is aligned with expectations.
Learn more about how Viasat is always finding a better way to connect the world. Safely, sustainably, and ethically in our 2023 ESG report.