Transferring information between secure information systems often include label management, i.e. checking that security labels have been assigned to a document and that the document has the correct label to permit it to be transferred between information systems.
A starting point is that a SecuriCDS ZoneGuard can be placed between information systems to verify that the information to be transferred carries a security label, and that the security label adheres to set policy to permit it to be transferred.
This means that if the information does not carry a security label, or that the security label is not permitted against set policy, the information will not be transmitted between information systems. (For example; information labelled SECRET is blocked from being transmitted between systems where policy dictates that only information up to level CONFIDENTIAL is permitted).
Adding Information inspection and/or verification of digital signatures for improved confidence
A risk with relying on security labels alone is that a piece of information is labelled incorrectly, either by mistake or on purpose. In this case, a simple labelling management solution will not pick up on this.
The SecuriCDS ZoneGuard permits additional rules to be set for validation, which opens up for adding functionalities such as message inspection, etc. Therefore, a piece of information labelled CONFIDENTIAL in the example above, may be blocked if there somewhere in the information is mentioned certain terms, e.g. “abc123”.
In addition, the SecuriCDS ZoneGuard can also inspect that the piece of information has been digitally signed by an approved individual or system.
To sum up, the SecuriCDS ZoneGuard can be used to combine rules against which information is validated based on different criteria, which significantly strengthens the ability to ensure that only approved information is permitted to be transferred between information systems.
Read more about SecuriCDS ZoneGuard at advenica.com/en/cds/securicds-zoneguard