Nexor’s new release capability enables manual review of sensitive file transfers
Nexor has recently incorporated a manual release capability into its high assurance, cross domain guard platform Nexor Guardian. This new functionality provides a mechanism for a “human-in-the-loop” oversight of your most important and sensitive cross domain file transfers.
This innovation can be viewed as a vital development in a global arena. Information sharing is essential for productivity, efficiency, accurate decision making and more effective collaboration, but also brings security risks, particularly with untrusted or uncontrolled networks.
Whilst the global online environment is seeing an increase in cyber threats, companies, organisations and government bodies still need to share information, including sensitive intelligence documents in a secure way – often to domains outside of the organisation. However, due to the highly sensitive nature of the documents and the associated security risks and implications, some organisations want a human release check for all documents passing into and out of their networks.
Manual reviewing procedures of this type can be carried out using USB sticks and users physically carrying documents to authorisers for review, but this labour-intensive process is slow, cumbersome and more alarmingly, untraceable and open to abuse.
Usually, this kind of review is carried out on an ad-hoc basis, so there is no management or audit of these activities and it is easily possible to circumvent the manual process. In addition, ongoing manual reviews bring additional workload for users releasing files, and inconvenience for line managers and information security managers within companies and organisations.
What is needed is a more automated process to enable users to transfer files more easily, and line managers to check documents more efficiently and in a manner that fits in with their daily or weekly schedule.
Incorporated into Nexor’s proven Guardian platform
Nexor has used its high assurance cross domain guard platform, Nexor Guardian, to provide a network share folder that users can easily drag and drop their files in, for submission into the Guardian validation framework.
Guardian was developed to protect the confidentiality of organisations’ information by automatically validating that data is conformant and complies with the security policy of the protected domain. It ensures that an electronic exchange can only pass from one domain to the other via a trusted path and via a deep content filter to check it is releasable.
The new manual release capability builds on this to stop all submitted files and store them securely for a human-in-the-loop validation check.
Once the file is submitted to Guardian, authorisers are notified that files are waiting for their review at configurable times, such as morning, lunchtime, or every day, so as not to interfere with their work. Once authorised, Guardian notifies users when files have been released so that they can be accessed in the other domain without delay.
To simplify authorisation, the manual release capability uses an Active Directory structure to enforce access control rights for all submission and validation activities.
All activities on Guardian are fully audited to provide complete oversight of all information transfers out of the domain. It provides a seamless transfer of files for authorisers and users, whilst improving working efficiency and reducing the risk of bypass.
The manual release facility has been developed and implemented due to increasing demand from customers for this type of additional capability. It is now a standard capability within Nexor Guardian that is available to the rest of our customer base, and is a unique feature in the high assurance space.
Andy Walker, Managing Director at Nexor, commented:
“Demand from our customers has led to the design and development of this important new capability within the architecture of our Guardian guard platform. Fully auditable, it brings a seamless, more efficient transfer of files for both authorisers and users, and greatly improves working efficiency. The Active Directory structure also facilitates simple integration of the authorisation process.”
You can also watch this short interview with our Portfolio Manager, Kieran Barnes, explaining how the manual release capability works.
Be the first to know about developments in secure information exchange