Intrado Enterprise Cybersecurity

Assets are identified and inventoried.

Security measures are integrated into layers of the infrastructure, enabling comprehensive protection across systems and data flows including, but not limited to:

• Zero trust

• Distributed Denial of Service (DDoS) Defense

• Telephony Denial of Service (TDoS) Defense

• Firewalls configured to deny-by-default

• Internal network segmentation

• Network monitoring

• Encryption at rest and in transit

• Endpoint detection and response

Internal and external vulnerability scans run weekly and Intrado engages a third-party to conduct network penetration testing annually.

Intrado recognizes employees as the first line of defense for securing resources.

• Screening is conducted to verify identity, employment history, criminal history, and other factors relevant to the position

• Individuals sign confidentiality agreements, and appropriate terms and conditions of employment, including adherence to the Code of Ethical Business Conduct, prior to obtaining access to resources

• Security awareness and other compliance training is assigned annually and tracked for completion

• Ongoing simulated phishing campaigns and education communications sent for real-world awareness and applicability

• Policies and work instructions are accessible on the company intranet

• A fair corrective action and sanctions process is established and managed through HR

Access Control

Security agents are installed on Intrado endpoints:

• AI-powered next-generation malware and advanced threat interception

• DNS security, including off-network devices, with website filtering, malicious domain and IP address monitoring

• Real-time visibility and comprehensive control capabilities

• Automated patch and security update installation

By default, users do not have local administrative rights to install or remove software or modify configurations. 

Communications are filtered through protections including, but not limited to: account compromise detection, inter-org spoofing prevention, domain reputation, IP reputation, backscatter prevention, content filtering, malware and spam auto-purge, safe links URL protections, safe attachments, and data loss prevention (DLP).

Security Engineers work with Product Engineers to promote secure design recommendations. A Secure by Design Framework prioritizes security with each feature development. 

Intrado practices a “shift left” concept using automated tools to analyze code and remediate weaknesses during software development. 

Enterprise change control process requires testing, backout plans, communication, and approvals for implementation. 

Intrado maintains ISO 9001 certification for the quality management of design and development, assembly, configuration, support, data management, and network transactions for its call handling solutions.

Intrado solutions are not consumer products nor is Intrado is a data broker. See Intrado's Global Privacy Statement.

Automated tools are deployed throughout the environment to detect and respond to security events. Logs are maintained securely and synchronized to a centralized time source on the Intrado network.

Security Analysts investigate suspicious activity in an organized and consistent approach. Threat intelligence from appropriate special interest groups, security forums and professional associations is also investigated for preventative action.

An Incident Response Plan (IRP) based on the SANS PICERL approach is maintained and distributed to incident response personnel. The Information Security team reviews the IRP at least annually and conducts exercises to identify opportunity for improvement.

Instruction for reporting potential security incidents is posted on internal intranet sites and presented in security training.