Cloud-based cross domain scenarios
Integrating the Cloud into high assurance information architectures
Increasingly among our typical customers there is a desire and, in many cases, a mandate to move to the use of commodity Cloud services. This enables organisations to reap the benefits of resilience, cost and security. Yes, security! Our secure information exchange expertise helps organisations integrate the Cloud into their high assurance information architectures.
Including the Cloud in secure information architectures
At Nexor, we firmly believe the public cloud has the potential to be as secure, if not more secure, than on premise solutions. According to Gartner, “if best practices are followed, they [public clouds] can be more secure than those in traditional data centers”.
The key to success is taking a holistic view of the problem, understanding that the new ‘Cloud World’ brings a new set of challenges, and dealing with these challenges in a business context, with robust development and operational processes.
The big, new challenge the Cloud presents is how can you assure the security, when it is someone else running the underlying infrastructure?
Nexor Cloud Solutions
The desire to use the Cloud as a platform for secure information exchange is driven by the low cost and high availability benefits that it brings.
At Nexor, we combine our CyberShield Secure services with architectural patterns from the National Cyber Security Centre (NCSC) (formally known as CESG), the UK National Technical Authority, built into our Secure Information eXchange Architecture (SIXA).
This provides solutions that allow data to be shared in an environment that enhances the security of that offered by on premise solutions, using models that can be assured.
Our approach combines several key pillars:
- A methodical and robust approach to architecting, building, deploying and operating a cloud-based solution – such as our CyberShield Secure approach – reducing the risk of security issues,
- Layering of additional security controls, where necessary – such as offered by the cloud versions of our SIXA technology – providing a tried and tested approach to mitigating risks of moving data between systems,
- Strong identity and access management controls, incorporating multi-factor techniques provided by partners’ technologies, provisioned using robust processes design using our CyberShield Secure approach,
- Selection of a cloud service provider that puts security first; is open about its security controls; and submits itself to third-party audits. We have chosen to work with Amazon Web Services as our partner of choice,
- Monitoring the solution closely to detect any foul play, using the Cloud’s resilience features to perform a “reset”, to reduce the “persistence” element of advanced persistent threats (APTs).
Benefits of the Nexor Solution Approach
By using Nexor’s expertise, organisations with a need for high assurance can bring the Cloud into their information architectures in order to reduce costs and gain greater operational flexibility.
As Gartner identified, “the automation and programmatic infrastructure … can significantly improve the security protection of public cloud workloads”.
By adopting SIXA, our customers can rest assured that the architectural approach provides a robust security solution, as it is built on architectural models from the UK’s National Technical Authority.
Our robust procedural approach delivered by our CyberShield Secure Services, to implementing automated and programmatic solutions, ensures customers can trust that their data is secure.
Be the first to know about developments in secure information exchange