COMMON SECURE INFORMATION EXCHANGE SCENARIOS
Ensuring you balance security and usability
Secure information exchange is the process of getting information in to or out of secure (classified or highly protected) networks.
All information exchange scenarios are unique and must be examined for their business benefit and the risk that they are exposing the organisation to, but the potential benefits of becoming more joined up, in a controlled and managed manner, are almost limitless.
Here are some examples of secure information exchange scenarios that we regularly deal with. They can be achieved, even in higher classification networks, by following the appropriate cyber policies from national technical authorities.
- Network Monitoring – it is often necessary to get all management information into a single location, such as a Security Operations Centre (SOC), for visualisation and analysis.
- System Updates – it is imperative that applications, systems and networks are kept up-to-date, for functionality and performance reasons as well as to protect against vulnerabilities and a changing threat.
- Communication – the secure import and export of emails (with attachments), chat messages and voice/video teleconference streams allows much more streamlined communication between communities operating at different trust levels.
- File Exchange – most corporate knowledge is captured in the form of electronic files, be they written documents, spreadsheets or presentations. Being able to share these documents across trust domains, when appropriate, allows knowledge to be pooled and informs decision making.
- Secure Printing – it is often necessary, normally for cost saving purposes, to provide a large group of individuals with access to centralised print resources from a variety of corporate and operational networks at different trust levels.
- Device Control – not all of the devices that we may want to interact with will necessarily be on your network(s). For example, the control and monitoring of CCTV networks, where the cameras themselves tend to be placed within unsecure environments but operated from a secure control room.
Discovery & Access
- Discovery and Web Access – the Internet has become an invaluable tool for finding and discovering open-source information but it brings with it considerable risk. Preventing access to this rich source of intelligence is mission-limiting but access must be appropriately protected and authorised to ensure safe usage as information flows in to and out of the secure network.
Cloud & Internet of Things
- Cloud-based information sharing – The Cloud brings new opportunity to share business information for enhanced operational efficiency and stakeholder engagement, but it brings with it information disclosure risks.
Additionally, sharing is often cross-domain, between different organisations, at differing levels of trust. The Cloud not only provides broad access to facilitate sharing, but provides enhanced security benefits that cannot be obtained from on premise solutions.
- Internet of Things – Deploying the Internet of Things requires organisations to approach solutions differently to traditional IT services. Data from sensors typically resides in a different domain and trust environment to the services processing the data; in some cases, there is also a need to send control information back to the Internet of Things device. The approach requires concepts taken from secure information exchange solutions to ensure the trustworthiness of the data.
- Information Exchange Gateways (IEGs) – with the increased reliance on coalition working, IEGs are systems designed to facilitate secure communication between different security and management domains. They have been adopted by a variety of defence-related organisations including NATO and the European Defence Agency.
- Military Messaging Handling Systems (MMHS) – despite differing messaging standards and disparate systems, military organisations need to be able communicate with one another in a secure and timely way in order to ensure that critical sensitive information can be received on time and that it is not compromised in the process.
Be the first to know about developments in secure information exchange