Addressing Security Holes in Air Gapped Environments
As IT and security deployments migrate to the cloud, security gaps in air-gapped systems can be created unless attention focuses on threats such as data transfer from external storage media – for example, USB devices. Paradoxically, many agencies continue to maintain critical systems and data on air-gapped servers or on systems running end-of-life operating systems.
The U.S. Department of War maintains critical air-gapped systems even as it transfers more of its systems and activities to the cloud. Using a positive security model, which identifies software with a known degree of trust, only allowing access to trusted resources, assumes that unknown software is not to be trusted and requires that trust be assigned before granting access and usage.
Learning Objectives:
- Identify the types of security holes that free tools do not address
- Walk through scenarios where a trust-based approach to content approval provides protections that address those gaps
- Outline best practices and methodologies for all DoW agencies, including designating trusted publishers, and custom rules that provide more granular control, allowing files to be approved by path, process and users
Speaker Details
Mark Krzysko
Retired Principal Deputy Acquisition Policy
and Innovation Director, Enterprise Information,
DOD
Carlos Soto
Senior Industry Consultant,
Radix
Garrett Lee
Regional Vice President, Enterprise
Security Group, Broadcom
John Breeden II
Contributing Editor,
FedInsider
Event Topic
Cloud Computing, IT, SecurityRelevant Audiences
All State and Local Government, All Federal Government, National Guard, Air Force, Coast Guard, Navy, City Government, County Government, Municipalities, State Government, Central Intelligence Agency, Department of Agriculture, Department of Commerce, Department of Defense, Department of Energy, Department of Health and Human Services, Department of Homeland Security, Department of Housing and Urban Development, Department of Interior, Department of Justice, Department of Labor, Department of State, Department of Transportation, Department of the Treasury, Environmental Protection Agency, Equal Employment Opportunity Commission, Federal Aviation Administration, Federal Communications Commission, Food and Drug Administration, Federal Emergency Management Agency, General Services Administration, Government Accountability Office, National Aeronautics and Space Administration, National Institute of Health, National Security Agency, U.S. Agency of International Development, U.S. Census Bureau, U.S. Office of Personnel Management, U.S. Postal Service, Veterans AffairsOther Agency
Office of the President (includes OMB), Other Federal Agencies, Judicial Branch Agencies, Foreign Governments/Agencies