SECURE INFORMATION EXCHANGE
Trusted cross-domain solutions for high assurance environments
The success of any business or organisation in the 21st century is built on information superiority. The ability to get the right information into the hands of decision-makers ahead of competitors or adversaries gives a tactical, operational and strategic advantage.
Information sharing is also key to improved productivity, efficient and accurate decision making and effective collaboration. However, the exchange of data between untrusted networks also brings cyber security risks. It must be protected appropriately and shared carefully only with trusted individuals and partners.
By following the cyber security policies of national technical authorities, our trusted solutions enable secure information exchange between network domains operating at different levels of security.
Why do problems arise?
Conventional approaches to security in high assurance environments have, unfortunately, led to many information systems being separated from each other and from the people who need access to the assets they contain.
This makes sharing data across network or security boundaries difficult, or impossble, and results in an incomplete or delayed picture of a given situation. The potential of using Cloud Services adds an extra dimension to this problem.
What is the knock-on effect?
The consequence of this is that any decisions or actions based on such a disjointed picture may be wrong or too slow to be effective.
It also means potentially avoidable but costly and, sometimes, highly damaging mistakes are made. In essence, information sharing gives businesses and organisations access to information that needs to be widely available. However, it comes with its own set of risks.
Overcoming security issues to connect networks
At Nexor we can help join up the networks and information systems that you need timely, yet secure, access to, even if they operate at different trust levels.
Our secure information exchange solutions can connect your information, people and domains even if their levels of security access differ. At the same time our solutions still ensure appropriate adherence to the principles of information assurance: confidentiality, integrity, authentication, availability and non-repudiation.
Nexor’s customers can benefit from:
- Secure access to systems and applications – both for users across a number of different organisations or to allow different levels of permission in the same organisation;
- Prevention of data loss to ensure sensitive information does not fall into the wrong hands;
- Resistance to malware entering the organisation;
- Ensuring the integrity of information;
- Resilience of service to safeguard availability for operational needs;
- The adoption of Cloud Services in a secure manner;
- Minimised management overheads by potentially reducing infrastructure requirements.
By choosing a solution that uses architectural patterns based on best practice guidelines from the National Cyber Security Centre (NCSC), (the UK National Technical Authority for Information Assurance), not only do you get security and flexibility, the accreditation of the solution becomes easier.
Common secure information exchange scenarios
All information exchange scenarios are unique and must be examined for their business benefit and the risk that they are exposing the organisation to, but the potential benefits of becoming more joined up, in a controlled and managed manner, are almost limitless.
Here are some examples of secure information exchange scenarios that we regularly deal with. They can be achieved, even in higher classification networks, by following the appropriate cyber policies from national technical authorities.
- Network Monitoring – it is often necessary to get all management information into a single location, such as a Security Operations Centre (SOC), for visualisation and analysis.
- System Updates – it is imperative that applications, systems and networks are kept up-to-date, for functionality and performance reasons as well as to protect against vulnerabilities and a changing threat.
- Communication – the secure import and export of emails (with attachments), chat messages and voice/video teleconference streams allows much more streamlined communication between communities operating at different trust levels.
- File Exchange – most corporate knowledge is captured in the form of electronic files, be they written documents, spreadsheets or presentations. Being able to share these documents across trust domains, when appropriate, allows knowledge to be pooled and informs decision making.
- Secure Printing – it is often necessary, normally for cost saving purposes, to provide a large group of individuals with access to centralised print resources from a variety of corporate and operational networks at different trust levels.
- Camera Control – not all of the devices that we may want to interact with will necessarily be on your network(s). For example, the control and monitoring of CCTV networks, where the cameras themselves tend to be placed within non-secure environments but operated from a secure control room.
Discovery & Access
- Discovery and Web Access – the Internet has become an invaluable tool for finding and discovering open-source information but it brings with it considerable risk. Preventing access to this rich source of intelligence is mission-limiting but access must be appropriately protected and authorised to ensure safe usage as information flows in to and out of the secure network.
Cloud & Internet of Things
- Cloud-Based Information Sharing – The Cloud brings new opportunity to share business information for enhanced operational efficiency and stakeholder engagement, but it brings with it information disclosure risks. Additionally, sharing is often cross-domain, between different organisations, at differing levels of trust. The Cloud not only provides broad access to facilitate sharing, but provides enhanced security benefits that cannot be obtained from on-premise solutions.
- Internet of Things – Deploying the Internet of Things requires organisations to approach solutions differently to traditional IT services. Data from sensors typically resides in a different domain and trust environment to the services processing the data; in some cases, there is also a need to send control information back to the Internet of Things device. The approach requires concepts taken from secure information exchange solutions to ensure the trustworthiness of the data
- Information Exchange Gateways (IEGs) – with the increased reliance on coalition working, IEGs are systems designed to facilitate secure communication between different security and management domains. They have been adopted by a variety of defence-related organisations including NATO and the European Defence Agency.
Military Messaging Handling Systems (MMHS) – despite differing messaging standards and disparate systems, military organisations need to be able communicate with one another in a secure and timely way in order to ensure that critical sensitive information can be received on time and that it is not compromised in the process.
We will work with you to understand your exact information exchange requirements, your operational needs and your security constraints. Our expertise will help you balance:
Usability, performance, timescales and budget
Threat exposure, risk appetite and assurance process
Working in partnership, we can design, deliver and support solutions to enable more efficient, yet secure, collaboration within your organisation and with your partners. This will allow you to make better decisions and be more effective in whatever your business or mission is.
Be the first to know about developments in secure information exchange