File transfers for a data guard: automate or manually review?

September 2017

Whilst the global online environment is seeing an increase in cyber threats, companies and government bodies still need to share information, including sensitive intelligence documents, in a secure way within their organisation.

The temptation for users may be to email files between networks, as this is a convenient way of working. However, this convenience, also presents a security risk, as files will often be transferred outside the organisation to get from one network to another (an email guard can mitigate this). And you also need to remember that email is not available on all networks.

CD and USB GreyscaleAnother option that organisations have is to use USB sticks. Users physically carry electronic documents between domains or locations, but this labour-intensive process is slow, cumbersome and more alarmingly, untraceable and open to abuse.

This is where a data guard can help; by reducing the risk of malware getting into a network; of sensitive data leaking out; and ensuring that appropriate controls are in place for the data to be released between the networks.

One of the questions that I often get asked is what approach organisations should take when they are setting up the implementation of a data guard.

“Should the data guard be configured to automate file transfers or should the files be manually inspected and released?”

What are the options for setting up a data guard?

In fact, there are more than two options available to organisations when deciding on the best approach to implementing a data guard:

  1. Automated transfer without a quarantine function – files are automatically passed through from one domain to another, providing they meet the defined security policy. If they don’t meet the criteria, files are simply rejected and deleted.
  2. Automated transfer with quarantine – like above, the files are automatically passed from one domain to another; however, this time, if a file fails to meet the security policy it goes into quarantine as a policy violation, where an administrator will deal with it.
  3. Automated transfer and manual review of quarantined files – similar to the above option, but this time, pre-determined workflows are in operation and relevant authorisers across the organisation deal with quarantined files in line with the organisation’s business processes.
  4. Manual review of all files – due to the highly sensitive nature of documents and the associated security risks and implications, some organisations want a human release check within their data guard for all documents passing into and out of their networks.

So, how do I select the right option?

There is no one size fits all answer to this. Each cross-domain scenario is unique and must be examined individually. The potential benefits of becoming more joined up in a controlled and managed manner are huge, but the variables will differ for each organisation.

Factors that will shape the choice of approach for setting up a data guard will include:

  • Information types – what kind of files types are being transferred and how complex are they?
  • Depth of the automated checks – will you be verifying that the data conforms to the format that it claims or appears to be? Validating that the data conforms to the configured security policy? Will you be checking for prohibited words or carrying out security label checks?
  • Data volumes – how many files will be transferred between domains? Does your organisation have the capacity to cope with manually reviewing all or some of the files? Whilst using a data guard is far more efficient and secure than using USBs and CDs, the greater the level of manual intervention, the more people will be required to make it function.
  • Risk appetite of the organisation – as the cyber security industry moves to a more risk-based approach, rather than following prescribed approaches by regulatory bodies, each organisation needs to identify the risks associated with their data and decide what level of risk they are willing to accept.
  • Accreditation – even with the greater emphasis on risk, many organisations still need to gain accreditation of their cross-domain solutions from industry regulators or their national technical authority, so the view of the accreditor will influence the approach to configuring a data guard.

The good news is that whichever option is the most appropriate for your organisation’s cross-domain needs, there is a data guard in the market that can address all of the options. Nexor Guardian is a high assurance data guard that provides a highly secure, high-throughput content checking capability.

Nexor Guardian in action

Our latest case study features an organisation who implemented a cross-domain solution using Nexor Data Diodes and Nexor Guardian to replace the use of USB stick transfers of files between its administrative and secure networks.

After assessing their circumstances, we recommended that the data guard be configured so that all files were manually inspected and released. (As per option 4 above)

The impact of the solution was that the organisation completely stopped the use of USB sticks for transfers between segregated networks in one swift move. You can read all about this in a case study on Nexor’s website.

So, when customers ask me “should we configure automatic file transfers for a data guard or should we include a manual review?”, my answer is that one isn’t necessarily better than the other – it depends on the individual circumstances.

However, a good way to find out what the most appropriate option should be is to engage with a cross-domain expert like Nexor. 


Author Bio - Jack Akehurst

Jack AkehurstJack Akehurst is a Technical Consultant at Nexor, helping to create and deliver trustworthy, secure solutions to governments, defence and critical national infrastructure to enable them to protect and share their data.


Be the first to know about developments in secure information exchange