One-Way Data Flow, Secured by Design
March 30, 2018
Let's address the news.
We thought long and hard on what to write about for our first blog post. It’s a special milestone! But it was inevitable that we address the current news headlines around cyber-attacks, the risks and the strategies to fight these threats. The New York Times recently published an article announcing the Russia hacking of utilities and critical infrastructure. Though some infiltration did occur, this was solely and specifically on the network side, operations were untouched. This is thanks to a hardware-enforced security technology called a data diode.
Traditional cybersecurity solutions are susceptible to getting hacked for one of two reasons:
- Some kind of flaw in the software configuration or operation of the solution exists and can be exploited. These flaws manifest themselves in many different ways but the bottom line is that a mechanism exists where by an intruder can bypass or disable the security barriers that have been put in place to stop them. These flaws or vulnerabilities are discovered on a very frequent basis across all kinds of devices and are constantly in the news, putting companies and digital assets at risk.
- The second kind of failure is the compromising or stealing of legitimate credentials, through social engineering, phishing, etc., that allow an intruder in through a verified and legitimate access point.
Fortunately, data diodes are not susceptible to either of these two methods of network compromise. The first reason cited above is thwarted by the hardware design of a data diode. Data diodes rely on hardware enforcement, which cannot be changed or manipulated electronically and therefore there is nothing to exploit.
The second reason identified above is thwarted by the operational characteristics of a data diode. The hardware of a data diode only physically allows data to move in one direction, therefore even with legitimate credentials, an intruder cannot hack into a network through a data diode. Without the shortcomings of a software solution, data diodes cannot be hacked or used as a threat vector into a network.
What does Owl bring to the table?
Owl Cyber Defense has been providing this unique and relatively unknown cybersecurity technology to the market for almost two decades. Our devices are based on a proprietary hardware design which maintains absolute control over the one-way flow of data, enforced by the laws of physics. At its most basic level, a data diode only operates based on the circuitry it contains – an LED sends data to a photo-receiver, one-way, with no physical return path. It is not reliant on software applications, permissions, signatures or configuration parameters (all of which can be changed and compromised) to perform its job.
If they’re so great, why don’t we hear about them all the time?
A few reasons:
- They are a security device and most users don’t like to disclose how they are protecting their networks.
- They work at the network level and most people aren’t familiar with how networks operate.
- They were initially adopted by the U.S. Department of Defense, Intelligence community, and other government agencies and there wasn’t a lot of publicity around them for good reason.
- They operate in a more secure manner which requires network designers and security teams to plan a little differently. However, the increased security is well worth it to ensure data is protected, client/customer information and operations are secure, and vital systems like the power grid are stable and reliable.
How can we mitigate risk and ensure security across networks?
Organizations are actively decreasing reliance on software and firewalls for cyber defense and opting for hardware-enforced security that is much more reliable and completely unhackable. According to Gartner, cybersecurity spending is expected to exceed $1 trillion by 2021. Because of this growth, we’ve seen rapid adoption of hardware-enforced security, and thousands of data diode deployments globally. It’s clear that cybersecurity needs and requirements have changed drastically, which is why we continue to innovate and provide solutions for industries expanding well beyond the military and intelligence community. Data diodes are now in use across a wide range of industries: oil & gas production, financial services, transportation, telecommunications, power generation / transmission / distribution, water / wastewater, universities, and manufacturing to name a few.
Owl products are verified, authorized, and certified by the U.S. federal government, including various departments and agencies, NATO, and a number of independent third parties.
- Data diodes cannot be hacked
- Data diodes are used in the most secure, most trusted networks in the world
- Data diodes are used in a wide variety of use cases
So now that you have the general gist of the security advantages of data diodes, for even more information, download our free eBook – The Definitive Guide to Data Diode Technologies.