As a provider of military satellite communications, companies should focus, understandably, on network security. Deploying and maintaining secure networks in war zones that keep classified information out of the hands of the enemy is critical for the effective execution of military operations. The secure satellite communications system PCI provides in Iraq has had a significant impact on another, equally important arenanation building.
According to Wikipedia, nation building is the deliberate effort by a foreign power to construct institutions of national government. In the case of Iraq, its emerging government in 2004 had no intact communications infrastructure to support its evolving institutions. By the summer of 2006, however, the Iraqi Government had the worlds largest secure VoIP network. By January 2007, the Iraqi Government had full control of this network and continues to operate it today. For Proactive Communications, Inc. (PCI) to accomplish this task, a number of factors had to be considered in designing, deploying, supporting, and transitioning a secure satellite network, while simultaneously supporting elections, Iraqi Security Force (ISF) operations, and internal government communications.
The security principles PCI initiated for this project are instructive for any future nation-building scenario. These principles are:
- Achieve Design and Export Administration Regulations (EAR)
- Balance and Monitor Deployment Processes
- Build Robust Management Capability
- Set Transition Conditions
The first principle is to understand the relationship between the design requirements and the US Government (EAR). The design for the system should follow established models which provide multiple layers of defense/security to defeat both internal and external threats, while also supporting rapid communications. The design requirements should be based on integrated policies and procedures concerning hardware and software.
The constraint in a nation-building scenario is that hardware, software, and the intellectual/design properties, may be limited by the Department of Commerces Bureau of Industry and Security (BIS). The relationship between the possible and the probable should be addressed upfront. US Government contracting officers and Contracting Officer Technical Representatives often focus on getting the project going without understanding the limitations BIS might levy. In some cases, failure to gain approval through the BIS/EAR process could result in radical changes to the security scheme at worst, or at least cause a delay in gaining the necessary waiver for transition.
The second principle is the need to balance and monitor deployment considerations. The security concept involves multiple layers and so requires detailed integration. The following are the types of questions a security concept must address.
- Is it prudent to conduct the detailed integration at the target site?
- Is the target site the appropriate place to discover an integration problem, IP address conflict, corrupted firmware, or other surprises?
- In scenarios where US forces are engaged in post-conflict stability operations, the environment may remain dangerous. Are US personnel conducting the on-site installation or are local nationals?
- Is there a primary and secondary means of communication available to the installation engineer?
- If a detailed test and integration can be conducted at a safe haven, can a critical piece of integration be withheld and done at the site to quickly bring the node into the secure network?
- If the node equipment is intercepted or lost in shipment, is there any possibility of the node equipment being used for anti-government purposes?
As one can see from these security questions, if the installation is being conducted under hostile circumstances, sound risk mitigation measures must be practiced for both the work force and the equipment.
The third principle is to build a robust management capability. A secure satellite telecommunications network has to provide management capability that accounts for non-secure and secure components, satellite transport, teleport/hub, and node conditions. In addition, if local conditions warrant, this capability may need to reside at a location far removed from the customer nation.
A distributed location can allow for subject matter expert observation and troubleshooting without incurring high cost personnel deployments. A distributed location can also leverage foolproof electrical power and other elements of a safe haven. However, some consideration must be given to investing time and resources into a fledgling Network Operations Security Center, especially if there is a possibility of transitioning the network to the host country. The encryption/security device management capability must be robust enough to receive additional devices. Such a satellite network must have this capacity to expand built into the overall scheme. From a business point of view, expanding the network is good news, but if a growth plan isnt in place, a company might find itself doomed by success.
The final principle is to set conditions for transitioning the network to host government ownership. The US military paradigm of network security is well established; however, a model for transferring a secure network to a foreign government has yet to be developed. Functional areas of training, engineering, documentation, manning, risk mitigation, quality control/assurance, finance, and legal ramifications need to be addressed upfront. Not surprisingly, one solution does not fit all in these environments.
PCI has had the opportunity to work through these principles in Iraq. The project was started in late 2004 and was initially focused on providing a countrywide network between the major cities and Baghdad for the first elections in January 2005. We explored secure voice over satellite and deployed it that spring. As the network grew, different layers of security were added.
Satellite telecommunications was the ideal choice for standing up a secure government network in Iraq. Anti-Iraqi Forces had previously targeted cell/microwave towers, making these methods untenable. Satellite telecommunications, with its Beyond Line of Sight capability, ubiquitous antennas, and ability to be rapidly deployed and established, was the ideal solution. As one could imagine, the initial design parameters presented some security challenges, problems with faulty commercial power, customers with evolving technical skills, and myriad other unforeseen circumstances which would be difficult to overcome in a time-sensitive environment.
PCI worked through these issues and the network now offers a full range of communications options that include secure voice/e-mail, Internet, and web and file storage. The Government of Iraq personnel now have the flexibility to correspond with their internal and US counterparts in whatever way is most effective and efficient at a given time.
In Iraq, US military and Iraqi government personnel have used the PCI satellite communication system to operate through a number of dangerous situations. For example, the network supported communication/media requirements for all three of the major elections in 2005, the execution of Saddam Hussein, every major religious holiday since late 2004, as well as the deployment of the Baghdad Security Plan.
The network peaked at 258 nodes in January of 2007 and spanned Iraq from Basra in the south to Dahuk in the north, from the Jordanian and Syrian borders in the west, to the Iranian border in the east. In March 2007, this network became the first large-scale IT project to transition to Government of Iraq funding. The network remains operational to this day and is a milestone for the US Government goals for the Iraqi government to provide security, self reliance, increased capacity for essential services, and stronger law enforcement, thereby promoting civil rights.
Secure satellite telecommunications in Iraq has been a successful nation-building tool and provided a strong value position to the US and Iraqi governments. Creating secure communications in nation-building scenarios requires in-depth knowledge of how to achieve design and EAR balance, monitor deployment processes, build a robust management capability, and set transition conditions. If these principles are fully understood and addressed, satellite providers will continue to play a critical communications role in emerging countries throughout the world.
Marc LeGare is the CEO of Proactive Communications. He has a B.S. from the United States Military Academy at West Point, a Master of Science from the Air Force Institute of Technology, and a Master of Military Arts and Sciences from the School of Advanced Military Studies.