Innovative solutions to information exchange security challenges
Nexor’s SIXA® solutions are a collection of technologies and strategies created in response to the information exchange challenges that we have overcome. The solutions involve implementing innovative technology within the framework of our CyberShield Secure methodology: the framework through which we ensure that our solutions meet our clients’ operational and security needs.
The solutions that we discuss on our site are not intended to be exhaustive. The next information exchange challenge that we face may require something new. In every situation, we look to combine our technology and methodology to the best solution for the project at hand.
Common secure information exchange scenarios
All information exchange scenarios are unique and must be examined for their business benefit and the risk that they are exposing the organisation to, but the potential benefits of becoming more joined up, in a controlled and managed manner, are almost limitless.
Here are some examples of secure information exchange scenarios that we regularly deal with. They can be achieved, even in higher classification networks, by following the appropriate cyber policies from national technical authorities.
|Network monitoring||It is often necessary to get all management information into a single location, such as a Security Operations Centre (SOC), for visualisation and analysis.|
|System updates||It is imperative that applications, systems and networks are kept up-to-date, for functionality and performance reasons as well as to protect against vulnerabilities and a changing threat.|
|Communication||The secure import and export of emails (with attachments), chat messages and voice/video teleconference streams allows much more streamlined communication between communities operating at different trust levels.|
|File exchange||Most corporate knowledge is captured in the form of electronic files, be they written documents, spreadsheets or presentations. Being able to share these documents across trust domains, when appropriate, allows knowledge to be pooled and informs decision making.|
|Secure printing||It is often necessary, normally for cost saving purposes, to provide a large group of individuals with access to centralised print resources from a variety of corporate and operational networks at different trust levels.|
|Camera control||Not all of the devices that we may want to interact with will necessarily be on your network(s). For example, the control and monitoring of CCTV networks, where the cameras themselves tend to be placed within non-secure environments but operated from a secure control room.|
|Discovery & web access||The Internet has become an invaluable tool for finding and discovering open-source information but it brings with it considerable risk. Preventing access to this rich source of intelligence is mission-limiting but access must be appropriately protected and authorised to ensure safe usage as information flows in to and out of the secure network.|
|Cloud-based information sharing||The Cloud brings new opportunity to share business information for enhanced operational efficiency and stakeholder engagement, but it brings with it information disclosure risks. Additionally, sharing is often cross-domain, between different organisations, at differing levels of trust. The Cloud not only provides broad access to facilitate sharing, but provides enhanced security benefits that cannot be obtained from on-premise solutions.|
|Internet of Things (IoT)||Deploying the Internet of Things requires organisations to approach solutions differently to traditional IT services. Data from sensors typically resides in a different domain and trust environment to the services processing the data; in some cases, there is also a need to send control information back to the Internet of Things device. The approach requires concepts taken from secure information exchange solutions to ensure the trustworthiness of the data.|
|Information exchange gateways (IEGs)||With the increased reliance on coalition working, IEGs are systems designed to facilitate secure communication between different security and management domains. They have been adopted by a variety of defence-related organisations including NATO and the European Defence Agency.|
On Wednesday 22nd July, Colin Robbins of Nexor, hosted a virtual Masterclass on behalf of the Nottingham, Derby, Leicester Branch of the Chartered Institute of Information Security Professionals on an “Insight into the Murky World of Cybercrime”. The event was well...
Be the first to know about developments in secure information exchange