Import of 3rd party antivirus and software updates are, also for many sensitive environments, required. However, importing software into a high security environment provides a risk in terms of opening up a potential channel for attack.
- The update channel being used for unauthorised access to extract sensitive information.
- The update channel being used to inject malware.
- The update channel being used to operate a command & control attack through a Trojan.
A SecuriCDS Data Diode is used to ensure that information can only pass into the information system. This eliminates the risk of unauthorised access and information extraction, as well as the risk of operating a command and control channel through a Trojan.
Following this, a SecuriCDS ZoneGuard is used to validate that the information carries the authorised signature of the 3rd party supplier, and that the files adhere to a set format. This significantly reduces the risk that the channel is used to inject malware.
Read more about SecuriCDS Data Diode at advenica.com/en/cds/securicds-data-diode
Read more about SecuriCDS ZoneGuard at advenica.com/en/cds/securicds-zoneguard