Archive | Secure Information Exchange RSS feed for this section

Building an Information Exchange Gateway

10 Feb

In my last blog post I looked at what Information Exchange Gateways (IEGs) were and why they were so popular at the moment. In this post I will look at how you go about putting together a solution to solve the problem. Continue reading

Browse Down

27 Jan

Over the last year or so, our customers in high assurance environments have been very interested in the concept of “Browse Down”. What does Browse Down mean?

Continue reading

An introduction to Information Exchange Gateways

19 Jan

Today marks the beginning of an exciting week for me. I am on site at one of our major clients installing an Information Exchange Gateway demonstrator that I’ve been working on for the last few months. Over that time I’ve seen a growing amount of interest in Information Exchange Gateways (IEGs) from various military organisations, so I decided that it was the right time to start a mini series of blog articles on the topic. Continue reading

To Stop Data Theft, Disconnect From The Internet?

13 Jan

At the back end of 2014, Forbes published a great article “To Stop Data Theft, Let’s Start Disconnecting Computers From The Internet

The last paragraph says:

Some corporate and government data simply doesn’t belong on the Internet. Why is that so hard to understand?

A good question indeed. 
Continue reading

Guards are not Air Gaps

9 Dec

“An air gap is a network security measure that consists of ensuring that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network.”  (Wikipedia)

Note the emphasis in the word physically.

A number of forums have discussed whether data diodes are equivalent to air gaps in one direction, including a number of articles on Cyber Matters.   In reality you can argue it both ways.

Continue reading

Validating the Payload

10 Nov

In the blog Secure Delivery of a Payload we discussed how secure information exchange consists of two distinct elements: the information you need to convey – the payload, and the technical method used to carry the payload – the protocol. Attackers wishing to break into your network can exploit either of these: the protocol or the payload.
Continue reading

Secure Delivery of a Payload via a Protocol Break

21 Oct

A secure information exchange consists of two distinct elements: the information you need to convey – the payload, and the technical method used to carry the payload – the protocol. Attackers wishing to break into your network can exploit either of these: the protocol or the payload.

In this blog we briefly look at protecting protocol-based attacks. In a future blog we will look at content-based (payload) attacks.

Continue reading

Diodes are Diodes, Guards are Guards

15 Sep

Over the last 3-5 years Data Diodes have grown in popularity as a solution for moving data between isolated networks. With this has come creative marketing to leverage the term ‘Diode’ for solutions that are anything but.

Let’s just take a few moments to revise some of the fundamental modes of secure information exchange.

Continue reading

Building the Guard

25 Feb

Okay. We’ve analysed the problem, we’ve produced an excellent design, and we’ve got our security approach nailed down. It’s time to get our hands dirty and actually build it.
Continue reading

Nexor Directory Guardian

21 Jan

As readers of this blog will know, NEXOR have recently moved offices. Part of the culture of the new building is a less clutter.  The journey involved opening many cupboards and draws that had not seen the light of day for a long time… until now…
Continue reading