File Share Solutions-01

Info Sharing & Safeguarding

“It’s not reality unless it’s shared.” – Pete Blaber, The Mission, the Men, and Me

 

Information Sharing is Key

Information that just exists has almost no value. Only when information is analyzed and acted upon does it become meaningful and valuable. Information has built the world around us, and many of our most important advancements have been due to the sharing of information. In today’s hyper-connected world, where information is a valuable commodity, sharing the wrong information with the wrong people is disastrous, especially when that information is important for national security. Information sharing is inevetable, but ensuring the right security is behind it is where the focus should be.

private information key

This is why, in six of the seven objectives of the 2019 National Intelligence Strategy, controlling the sharing of information is mentioned in one form or another. Sometimes the sharing is within the Intelligence Community (IC), but quite often it is sharing with external partners. In its simplest form, external partners fall into two categories: trusted and untrusted. Trusted partners include other agencies, institutions, or organizations within our borders or those of our allies. Untrusted partners would be those same groups but in countries who are not yet our allies, or not as close as other allies, plus individual sources and informants. To make matters even more complicated, sometimes our trusted partners are in untrusted environments or the partnership is only for a single mission. So, sharing information isn’t as easy or safe as it sounds, but it can be . . . with Fognigma.

“[C]ritical decision making data will be made available through modem cloud networking, access control, and cross domain solutions to those who require access.” – Department of Defense Cloud Strategy

 

Fognigma Protects Sharing within Agencies

When Agency A collaborates with Agency B, data needs to flow back and forth in a safe and secure manner. But (and this is a really big but), it has to be tightly controlled so as to share only the information intended. That is, it can’t be everything Agency A and B know, but just those bits of information applicable to the mission at hand. This is the exact reason we call Fognigma’s traceless and encrypted networks Mission Partner Networks (MPNs).

But first, a little background. Fognigma’s patented enterprise software creates networks using strategically leased virtual machines (VMs) spread out over one or more cloud service providers. These VMs work together, forming one network that is wrapped in FIPS 140-2 validated, cascading AES-256 encryption. MPNs are as persistent or temporary as needed, created manually or on a schedule for optimum cybersecurity and conservation of resources.

mission partner networks

Now back to the MPN name, itself. When multiple agencies need to work together, they create an MPN and tailor it to their needs. Inside the MPN, they’ll have access to communication tools (such as traceless phones, secure chat messaging, and encrypted video conferencing) and protected file share.

The key here is that MPNs are brand new networks that are created when agencies need to work together. Resources and components inside the MPN can be shared between agencies and agents on a granularly controlled “as needed” basis. And then, when the mission has concluded, the MPNs are destroyed leaving no trace the networks (and, equally important, the collaboration between agencies) ever existed. This temporary nature of the MPN makes it supremely difficult to discover, which makes its protected data even more secure.

“6,515 breaches were reported [in 2018,] exposing approximately 5 billion records.” – 2018 Data Breach QuickView Report

Fognigma Protects Sharing in Untrusted Locales and with Untrusted Locals

Often on missions agents must venture into untrusted or unsecured territories—places where communicating over the public infrastructure is almost synonymous with handing third parties access to your communications (i.e., interception is a given). When using Fognigma in these scenarios, agents use any device to connect to their agency’s MPN. Once connected and inside their MPN, any data shared is encrypted and invisible to outside eyes and ears.

Information sharing with untrusted assets, such as informants or other sources, is also safer using a variety of Fognigma tools. If such an informant wants to deliver documents and photos, for example, a special link is created that allows the informant to transfer the information without being able to access anything else on the network. It’s like inviting someone into a bare room with no windows where they can store things, but there isn’t anything for them to look at or take and the only door is the one through which they entered. Containerized, for your protection.

encrypted file sharing

Fognigma’s telephony solutions provide two methods of safeguarding information over the phone: encrypted VoIP over cellular infrastructure and misattributed calling. Both methods assist communications to and from untrusted locations and assets. Organizations can create entire VoIP phone networks (complete with extensions and customized inbound and outbound numbers) for end-to-end protected calls. Misattributed calling is accomplished by creating a call chain where phone calls pass through two intermediary numbers which completely dissociates the end users and makes calls appear to be coming or going from local numbers, instead of to or from the agency itself.

“To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.” – Senate Bill S.754

 

Fognigma Protects Sharing with Global Allies

In a world where information is constantly flowing and each day brings new stories of massive data breaches, it’s more important than ever to protect data. When data is traveling between agencies or beyond our country’s borders, safeguarding it becomes crucial (often quite literally a “life or death” undertaking). Whether it’s being shared with the Five Eyes alliance (Australia, Britain, Canada, New Zealand, and the US) or any other countries we’re partnering with, international info sharing must be protected. And not just protected, but also dissociated, as global diplomacy is a precarious (at best) balancing act of working together and putting one’s own best interests first.

As illustrated in the previous sections, Fognigma is ready, willing, and able to assist international information sharing with leading-edge and patented technology, while insuring that information remains secure. Fognigma is also constantly evolving—adding more features and technologies to provide agencies the most secure communications and collaboration tools possible.

For more information on how Fognigma can assist your agency with info sharing and safeguarding, contact Dexter Edward today.

Isometric businessmen with gadgets, work on virtual screens, on-line management of electronic devices, virtual glasses, virtual reality.

Fognigma Bolsters Strategic Intelligence

Strategic Intelligence and the 2019 National Intelligence Strategy

Recently, the Office of the Director of National Intelligence released their 2019 National Intelligence Strategy. The Director of National Intelligence, Daniel R. Coats, stated in his introduction, the purpose of this strategy boils down to a singular goal: “to ultimately keep our Nation safe.” The Intelligence Community (IC) is therefore charged with venturing out into the known and unknown, the safe and dangerous, to collect and analyze the “capabilities, activities, and intentions of states and non-state entities” with the ultimate goal of protecting U.S. national security. This information is used to identify trends and developments to better plan for issues that may arise in the future (Anticipatory Intelligence).

Without the information gathered IC, the safety of our country would quickly erode, falter, and crumble. It behooves the IC, then, to use whatever tools and solutions they can find to give them a competitive advantage in the global arena of information. Fognigma is such an advantage.

Where Does the IC Look?

Since all communication and online activity produces information, the IC has a vast landscape of information to scrutinize. One of the easiest ways to gather data about a group of people is to monitor and study social media. Ah, social media – those freeform beds of communication where people express their thoughts, wants, and observations, quite often with photos and video. Social media has created a culture wherein people feel the need to share everything. For the IC, this is a veritable feast of information.

intelligence community monitoring data

But it’s not that easy. For one thing, many regions and countries have their own social media platforms — often so government agencies can monitor their populace. An outside observer probably won’t be able (or want) to create an account or access another country’s social media — the data collection would be too overt and state-based social media platforms often block outside IP addresses. It would look bad (read: suspect), for example, for an account on a Russian social media site to have a U.S.-based IP address. Fognigma gives the IC many advantages to circumnavigate these issues. How? Well…

Fognigma Gives the IC an Advantage

There are quite a number of ways Fognigma supports the IC’s mission as spelled out in the 2019 National Intelligence Strategy. But first, a quick Fognigma primer. Fognigma is patented enterprise software that gives agencies the ability to create invisible and encrypted cloud-based networks built from strategically leased virtual machines. These networks are dynamically scalable and globally accessible from any desktop or mobile device, over any available public Internet connection. Once users connect to their Fognigma network, they have access to all sorts of communication and collaboration components, such as file share, telephony, video conferencing, chat messaging, and Virtual Desktops (VDI). [We’ll delve into these components more in just a bit.]

network with capabilities

Inside the Fognigma network, users exist in a safe space wrapped in cascading AES-256 encryption. They have access (based on their admin-defined permissions, of course) to the communication tools mentioned above. Fognigma networks and components are activated and destroyed with just a few mouse clicks. They are as persistent or temporary as needed or desired. And when a user leaves their Fognigma network and reaches out to the regular Internet, their IP address will match the specially created exit point from which they egress. That is, a user could join their network in Germany, leave through an exit point in the Middle East and appear (to anyone looking) to be a computer in the Middle East. Then, in an instant, switch exit points and suddenly appear to be a computer in Japan or anywhere else the Agency has set up an exit point.

Fognigma Gives the IC Another Advantage

VDI. The ability to launch a self-contained virtual computer from any standard computer is powerful in itself, but Fognigma VDIs have even more superpowers. Just like Fognigma exit points, VDIs are built on any cloud service provider (CSP) Fognigma is integrated with (as of this writing, 8 of the major CSPs world-wide). Also, just like a user can dynamically switch exit points, so can the end points of a VDI be switched without interrupting operations.

Fognigma Networks span the globe

VDIs are important to the IC’s Strategic Intelligence mission because they are self-contained entities which exist in the cloud yet manifest themselves on any regular computer. They make OSINT activities easier — agents can research any global Internet location (those aforementioned state-specific social media sites, blogs, forums, etc.) without the risk of compromising anything else about their mission or agency.

Fognigma VDIs take the self-contained nature of VDIs to the next level. Imagine if you collected some photographs and had them on a thumb drive. You want to transfer one of them to your VDI and use it in  your operations. With a Fognigma VDI, you can just drag it from the thumb drive to the VDI, without the host computer knowing the file moved across its circuits. So, if you had to make this transfer at, say, an Internet Café, you could do so without the Café’s computer ever having a record of the file transfer. No record equals no association which, of course, is key to covert IC operations.

To go back to the 2019 National Intelligence Strategy, more information allows the IC to better analyze the capabilities and activities of states and non-state entities to learn or extrapolate their intentions. But collecting information is just part of the Strategy; agents also need to safely disseminate said information. Fognigma is ready for that, too.

Fognigma Give the IC Even More Advantages

Briefly mentioned earlier, Fognigma hides various communication and collaboration components inside its encrypted web of invisibility. Agents have access to telephony, chat, and video conferencing tools. They can safely communicate with anyone they need to inside their organization and, using some additional Fognigma solutions, external to their organization — all without exposing their local network. Fognigma keeps intra- and inter-agency communications secure by utilizing containerized communication environments.

Also, to be effective, agents must work together while appearing to be physically separated. This is the other side of the communications coin — Fognigma’s tools allow agents to work together without actually knowing where each other is located. In fact, the whole construction of Fognigma ensures that a failure at one point of contact cannot compromise the entire system. As history shows, association amongst agents can lead to disaster. When an agency uses Fognigma to its full potential, this sort of disaster can be prevented.

Conclusions

In order to advance the directives of the 2019 National Intelligence Strategy, the IC needs to be free to gather information without exposing its true location and intent. It also must be able to communicate in a protected environment to analyze and evaluate said information. Fognigma provides a full toolbox of solutions to assist the IC in its mission to protect U.S. national security.

 

To learn more about how Fognigma can assist your agency or to schedule a demo and see for yourself, contact Dexter Edward today.

bigstock-Isometric-Developing-Programmi-239531632-Converted-01

Ghost (Account) Busters

Be Afraid of These Ghosts

A whisper in an empty office; files moving without anyone there; the eyes of a portrait following you as you pass. Your office has ghosts. Not spectral hauntings that spew ectoplasm, but ghost accounts which haunt your organization’s cybersecurity. Ghost accounts are accounts which have credentials even though there are no longer any active users associated with them. To those attempting to exploit, ghost accounts are like extra doors on the outside of a building: each one is potential way into your network. Once inside, there’s no telling what things heinous exploiters will exfiltrate. Bad is a ghost account only giving an evil third-party entry into your organization; catastrophic is a ghost account which still has access to various file shares, data, and other protected parts of your network.

data leak with ghost accounts

‘But where do these ghost accounts come from?’ you wonder. Well, large organizations have a large number of users. That seems silly to mention, but it is important to spell out. By having a large number of users, quite often adding and removing user credentials take time. Well, to be honest, an organization needs to get the new user up and running as fast as possible, so those credentials and the access they entail are normally set up quite quickly. But when a user leaves an organization (either honorably or dishonorably), often the removal of those credentials is pushed to some later date or merely forgotten. And then your organization becomes a haunted house.

Ghost (Account) Busters

We’ve already written a bunch about Identity & Access Management (IAM) — the process of defining an employee’s role in the company as detailed as possible and then giving them exactly the access they need to do their job (no more, no less). IAM is extremely important for an organization’s internal security when new users are added, but it is equally as important when they leave. IAM strategies need to include the deletion of users and not just the creation. It’s second nature to make sure a departing employee gives back the keys to the office, so should it be to terminate their keys to connecting to your organization’s network.

employee cyber access

But as said before, there always seems time to help a new employee settle in, but never any time once they leave, normally because you’re preoccupied with on-boarding their replacement. And this problem compounds itself if more than one worker is leaving at the same time. All is not lost, however. Fognigma is here to not only protect your network, not only bolster your cybersecurity with leading-edge technology, but also to let you automate a little more than you thought you could.

Fognigma & Active Directory Make It Easy

Many companies use Active Directory to manage all their employees. Fognigma integrates with Active Directory to make IAM even easier. Just as Fognigma’s invisible and encrypted networks and communications help protect an organization, so can teaming it up with Active Directory.  Since Active Directory administrators already have their employees entered in, it would be silly to have them redo all that work when they add the leading-edge tech of Fognigma to their cybersecurity arsenal. That’s why Fognigma can import Active Directory users right into its console!

Active Directory is engaged to activate and deactivate the user. Fognigma, on the other hand, is where admins put users into all the groups they need to do their job. (A Fognigma network has its construction and components microsegmented, with access to each part given only to a specified group. Being in a group, then determines the amount of access a user has to Fognigma capabilities, such as file share, telephony, VDI, etc.) This means the setup of a user when on-boarding is just as easy as it always has been: create user and add permissions.

The brilliance comes when it’s time to say goodbye to a user. When that day arrives, all an admin has to do is deactivate the user in Active Directory. Active Directory then tells Fognigma about the deactivation, Fognigma deactivates the user in every group they were a part of, and the user instantly has all their access revoked at once. Fognigma and Active Directory easily eliminate the risk of ghost accounts haunting your network.

To learn more about how Fognigma, contact us today.

Smart home technology of interface with 3d plan building and internet of things or IOT connected objects. Control safety and automation of smart house. Internet of things isometric technology concept.

Fognigma’s Scheduler Automation: An Oasis in the Cybersecurity Drought

A Cybersecurity Drought

Sure, we don’t all have jetpacks or flying cars as all the science and speculative fiction of old prophesied, but one thing they sure did get right is our reliance on computers. Computers and the Internet are so completely woven into the fabric of our lives that there’s no turning back. The future is here. Yay. The only problem is: with every new technology, there come those who exploit that technology for their own evil ends. And thus, cybersecurity was born to protect the good against the threats of the bad. A big issue with cybersecurity is the manual oversight with protecting your network, imagine being able to implement network automation to more easily protect, create, and break down secure networks.

But there’s a problem which has recently come to light. Though organizations might be able to fully control their investment of time and money into their cybersecurity, they cannot control the amount of people who are qualified to actually do all the cybersecurity-ing.

There will be an estimated 3.5 million unfilled cybersecurity positions by 2021  –Cybersecurity Ventures

Sadly, it’s true: because of the rise in cybercrime, the job pool of cybersecurity professionals just can’t keep up with the demand. Security executives see one of the main reasons for this empty-ish candidate pool is prospective employees lacking the skills and training needed (less than 1 in 4 are qualified, according to a survey by ISACA).

The Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG) back this up in their own survey. Their findings show this shortage actively impacts an organization’s cybersecurity, leading 91% of respondents to conclude most organizations are cyber-vulnerable. Also highlighted in this survey is that 40% believe staff burnout and turnover (as few attempt to do the work of many) strongly contributes to the deficit of cybersecurity employees.

Office Cybersecurity

The US Government has noticed the shortage, as well, and is trying a new program to help train current employees not currently in IT fields to be the cybersecurity workforce of the future. It’s called the Federal Cybersecurity Reskilling Academy and though it’s not considered to be a complete solution, Suzette Kent (Federal CIO) has stated, “[this program] will let us understand the success rate and look to expand and industrialize [programs] across the federal government.” It’s a small step (the first class will most likely be less than thirty), but a step nonetheless in the right direction of increasing cybersecurity training.

In short, organizations need more qualified cybersecurity personnel than currently exist. However, all is not lost. If organizations were able to implement network automation to handle a majority of the usual manual work necessary, cybersecurity would become more of an everyday thing then something dreaded or caused by human error.

 

Network Automation with Scheduler

Let’s start out by saying we don’t think Fognigma is a panacea for the lack of cybersecurity staff, but it is a powerful tool in allowing organizations to better manage their resources. Fognigma (explained in more depth here) lets organizations create invisible and encrypted cloud-based networks which conceal the organization’s communications and collaboration. Fognigma’s networks are built of strategically leased virtual machines (from various cloud providers) all working as one network. Fognigma is patented, proven, and ready to take any organization’s cybersecurity to the edge and beyond.

But there is one key feature of Fognigma which provides this oasis in the cybersecurity desert in which we all find ourselves, and that is the Scheduler interface. Scheduler lets you plan out and schedule your network and component builds. Quite simply, our thought was, ‘If no one is in the house, why do the lights need to be on?’

network automation
Fognigma automates the build of networks, and the teardown of them as well

Actually, that’s not right. With Fognigma, it’s not that the lights aren’t on – it’s that the house isn’t even there and looks like it never was. Or, for example, if your network stays active but you only want your entry and exit points (i.e., where users get into and out of your network) active during business hours, then it’s like the doors on your house disappear at night and reappear somewhere else in the morning. Or, for another example (because examples are fun), you need a video conference server for just Thursday, then it’s as if an entire new room appears in your house with a home theater – but just for that one day.

What Scheduler does is allow you to control when (and where, since you can specify cloud service providers and location for some of the components) your network (in whole or in parts) actually exists. Since all the parts are specialized virtual machines, once they are destroyed, they are overwritten by the cloud provider. They truly cease to be. When you rebuild them with Scheduler, they are completely new with new IP addresses. Back to the house example, this would be like your house disappearing when you go to work and then reappearing in a different configuration in a different neighborhood when you return home, and only you know your new address each day.

Apart from the cybersecurity brownie points the dynamic nature of Fognigma gives you, there is an even more applicable bonus when applied to resources. In most organizations using a standard network, someone needs to be on call 24/7 in case something happens. Since it’s always on, that network is always visible and can be attacked at any time. Even during working hours, if a chat server, for instance, is used for team meetings every Friday, it still exists as a potential exploit for evildoers all the other days of the week. Someone has to monitor everything at all times.

Fognigma allows your cybersecurity team to do more with less. Are we saying you only need a tiny team to protect your organization if you use Fognigma? Not at all. We’re just trying to illustrate how Fognigma will let your team work more efficiently. Plus, if you think about it, there’s a major cost savings in not having everything on when it’s not needed. With an introduction of network automation to your cybersecurity strategy, it becomes less of an extra task and more of something you can depend on.

Back to the ISACA survey: 55% reported that it took at least 3 months to fill open cybersecurity positions, while 32% said it was more like 6 months or more. Whether you are in those percentages and searching to fill your cybersecurity needs or you already have your team in place and just want the most leading-edge protection possible, Fognigma is the twinkling oasis in the cybersecurity desert for which you’ve been searching.

update your software

Cybersecurity New Year’s Resolutions

Happy New Year

The New Year is here, and with it a deluge of resolutions to lose weight, watch less TV, exercise more, eat better, and all sorts of other promises which will be kept for a week or two before tapering off back into regular life. The best of us, however, will actually have the willpower to keep hold of a resolution or two and change our lives for the better. There is one resolution we all should take to heart and make sure we follow through with: bettering our cybersecurity practices.

Now, of course, this resolution isn’t just one easy thing to do. Much like “get in shape,” improving our cybersecurity habits is a multi-prong resolution. But just like “get in shape,” fostering a better total mindthink on a life-change as important as cybersecurity will only make your future easier and safer.

Simple Ways to Improve Cybersecurity

Update, Update, Update!

One of the easiest ways to improve your cybersecurity it to make sure your stuff is updated: programs and devices. Sadly, the rush to get products to consumers often means, upon release, there are holes and cracks in the software and/or hardware’s security. The suppliers of these products realize this and routinely release software updates.

update your software

These updates sometimes add functionalities to the products, but more often than not, they fix errors in the code, making the product more secure in the process. So make a schedule to check for updates for all your things and when you find them, take the time to actually update them. Not only will your stuff work better, it will also be more secure.

IAM FTW!

Identity and Access Management is very important to the cybersecurity of organizations. Basically, it’s first determining a user’s specific role in the organization (Identity) and then assigning permissions based only on what that role needs (Access). Proper Identity and Access Management (IAM) is the easiest way to limit the risk of insider threat, while also limiting external threat should the user’s credentials become compromised. IAM is tricky to implement (as users always want access to more than they need), but just like getting more exercise improves the whole body, IAM improves the security of the entire organization all at once.

Deputize Cybersecurity Rangers!

Though the bulk of cybersecurity is on the shoulders of a few in each organization, those few should make sure the many are informed and actively aware of their own cybersecurity. It is, in a way, a social contract — each user in an organization gives up a little bit of their own rights in order to maximize the safety of the organization. Every user tacitly agrees to be a part of the gestalt solution. And a big part of this resolution prong is information and training.

Cybersecurity Training

Everyone in an organization should have some cybersecurity training since every action from every user affects overall security. Training sessions should be scheduled for everyone, including management (all the way to the top). One of the first things taught should be the danger of phishing.

No Phishing!

We all know what phishing is, but getting an entire workforce always on alert for these sorts of scams is very difficult. Often, they prey on our own willingness to help someone out. An email from the boss near the holidays asking an employee to pick up some gift cards as presents for the board of directors sounds like something that could actually be real. But the knowledge to take a step back and examine the email more thoroughly, to never click on any links from a suspected phishing email, and to let admins know the suspect address the email’s sender (without forwarding any possibly risky message) is invaluable. It is this very knowledge which is important to impart to everyone within an organization. Show a person a phishing email and they’ll be safe for a day; teach them how to recognize and avoid phishing emails and they’ll be . . . well, you know.

phishing attempts

Plan Ahead!

No matter how long a person has been walking, they are bound to, at least once in their lives, trip and fall. The best way to help your organization minimize the fallout from a possible future cybersecurity trip-up is through planning. Starting with IAM plans from an employee’s onboarding, continue planning for everything. Plan for all the training, plan for all the updates. Plan for the policy if a breach is detected and what will be done to secure the breach and recover from the disaster. Make up possible worst-case scenarios and plan for those. Plan for what to do when someone leaves the organization (terminating accounts and credentials, resetting passwords, etc.). Often this last step is forgotten about, leaving a host of possible intrusion points.  And finally, plan for being surprised by something no one ever thought of – but plan on how to keep a level head while adapting to whatever happens. Always being prepared is actually extremely good advice.

Use the Best Tools!

The team behind Fognigma is proud to be creating tomorrow’s solutions for today’s cybersecurity problems. Or, rather, in creating solutions that allow organizations to deftly dodge the deluge of digital duplicity which constantly buffet the shores of security. If you care enough about your organization, your mission, and your users to safeguard them with the best leading-edge protection available, then contact Fognigma today.

Isometric dron Santas hat delivering Christmas gifts and presents. Vector illustration

Scrooge’s Three Ghosts of Cybersecurity

Three Visitations

Just as Scrooge was visited by three apparitions, so shall ye be greeted by three specters. These are not hauntings to change your feelings for the holidays, though. These diaphanous blobs of ectoplasm are here to remind you about cybersecurity and how to think about it as the holidays pass and the new year begins. They are here to show you the three directions you must always look in as you think about protecting your network, users, and organization. Do you feel that chill in the air all of a sudden? Yes, that’s right: The Ghost of Cybersecurity Past has arrived.

Ghost of Cybersecurity

The Ghost of Cybersecurity Past

There’s a knock on your office door. When you open it, you are face to face with the Ghost of Cybersecurity Past. It is small like a child, yet there’s something old about its face. It beckons you to follow it, and you both walk hand in hand into your cybersecurity past. Insert flashback special effects here.

Once in the past, you see how simple cybersecurity used to be. Organizations would set up firewalls to stop intrusion and install virus protection to deal with any viruses which found their way into your systems. Sometimes sites would be blacklisted so employees couldn’t access them. It was an early time, where organizations were slowly coming online for the first time. Things were new. And yet, it was during this time of technological change where the seeds of compromise were planted. (For a wonderful interview with the first person to create a virus, read this!)

Phishing Attempt

This was the beginning, the Ghost shows you, how organizations began to connect together, yet fought hard to remain separate and insulated. The Ghost leaves with a shiver (insert flashforward special effects here), and you are alone.

The Ghost of Cybersecurity Present

But you are only alone for a millisecond before a loud, booming knock shakes your office. It is the Ghost of Cybersecurity Present. This Ghost is not small like your first spectral visitation; this Ghost is a giant. It is the present, after all. The world is all connected, everything is attached to the Internet, and there are malicious third-parties hiding in every nook and cranny waiting to feast on your data. The present of Cybersecurity is expansive, as it strives to protect a global attack surface where over 77% of organizations have suffered some form of attack in 2018 alone.

Gone is just putting up walls and patching holes after they appear. Current cybersecurity must be proactive and seek to shore up weak spots before they become holes. It must evade and obscure, encrypt and disappear. It is as giant an undertaking as the Ghost who is by your side.

Privacy and security

You turn exhausted and you notice the Ghost is similarly spent. And yet it shows you two more things: children hiding in the robes around its feet. “These are Connectivity and Privacy – the two issues that plague all humankind now,” the Ghost explains. Each child grabs and hangs onto one of the Ghost’s arms and you watch as he attempts to balance them. You silently nod, realizing this balancing act is what makes the present state of cybersecurity so difficult: managing everyone’s interconnectivity, while respecting and protecting their privacy. Before you can say another word to the giant spirit, you are alone again.

The Ghost of Cybersecurity Yet to Come

Before you can take three breaths, you feel a presence behind you. Turning, you lift your eyes and behold a solemn Phantom, draped and hooded, coming, like a mist along the ground, towards you. If drifts along, taking you somehow with it, into the future of cybersecurity.

Clouds roll in and lightning flashes. In front of you, there are no more wires. There are just vacuum cleaners talking to microwaves talking to thermostats talking to computers talking to cars talking to cell phones talking to cloud storage talking to…. well, you understand.

Iot isometric Device


In the future, everything is connected and nothing exists in an isolated state. All new electronics access the Internet to provide more services to the user. It’s as if the digital world is made of whiffle balls — little points of access surrounded by holes that third-parties can exploit. The battlefield of the cybersecurity warrior of the future is one who instantly goes on the offensive when bringing a new device, network, or user online. One who moves their defense all around them, dynamically altering it as they go; one who appears to be one place and then another and then nowhere at all.

The future of cybersecurity is both terrifying and exciting — exciting because of the new tech which will be developed, but terrifying because each new connected device is also a new attack surface, so compromise can come from anywhere (not just the single point of entry from a modem like in the past).

But don’t be afraid. As the Ghost of Cybersecurity Yet to Come pulls back its hood revealing a sickly, skeletal form (looking ever so much like the Grim Reaper), you are reminded of the Death Tarot card. In Tarot, the Death card represents change. The Ghost is reminding you of the change that is to come in how you deal with cybersecurity, spurring you on to embrace that change. And then it is gone.

Bonus Ghost: Marley

You are left standing in the room where you started. No one is around, and no time has passed (the Ghosts have those timey-wimey, Twilight Zone skillz). There’s a lot of work to do. ‘But the title there mentions a bonus Ghost,’ you wonder, ‘where and who is this extra apparition?’

The fourth Ghost, reader, is the one writing these words. The one warning you to look to the past, present, and future as you craft your cybersecurity plans and processes. The one showing you the best way to prepare for the future is to combine the visions each Ghost showed you into one ever-evolving plan; the one who puts a little plug at the end of this night of visitations for an enterprise software product which can bring you leading-edge technology, the future of cybersecurity, today. That product is Fognigma.

Learn more how Fognigma can give your organization more than a ghost of a chance.

Network dissociation

The Importance of Being Apart

Playing on a Team

Working for an organization means working on a team – a group of people who, even if they are working in different sections on different projects, are all contributing to a common goal. But there are many times when a mission demands the team to not seem like a team for safety, secrecy, or other reasons. That is, the team must still work like a team but not seem to be connected to each other like a team. This is a very difficult thing to achieve – unless you’re using Fognigma! Network Dissociation or generally obscuring your identity can play a big part in thwarting people from obtaining your sensitive information.

Fognigma – In Brief

With Fognigma, your organization has the power to create your own invisible, encrypted network. Fognigma networks are constructed from randomly leased virtual machines (VMs) which reside on cloud networks in five continents. These VMs are spread out over the world, however they function as one unified network. This patented process is unique to Fognigma, and what makes it the most powerful tool for secure communication and collaboration on the planet. And it’s inside this network where your telephony, file share, chat servers, etc., all live – protected and safe. The ever-changeable nature of Fognigma networks which prevents an Internet pattern-of-life from developing (i.e., the things you do every day online which can be used to identify you). You can still do these things, but they will be separated from your online identity – who and where you really are. This is called dissociation and it is very important to the success of many organizations and missions.

Fognigma Virtual Machine
Fognigma Networks are constructed rom randomly leased virtual machines

But First, An Example of Association

If you go into Store A wearing a lime green cowboy hat on Tuesday and wear it going into Store B on Thursday, an observer will definitely see a person wearing the same unique hat. It is then a pretty safe assumption that the person who was observed on Tuesday and the person who was observed on Thursday are, in fact, the same. Once this is deduced, more connections can be made. The observer could enter the stores after you and, due to their crafty nature, discover information about what you purchased. They can then draw connections between the products you bought. If you purchased eggs, flour, baking powder, and baking soda from Store A and sugar, butter, and milk from Store B, then it could be inferred you are going to bake a cake.

Association
Private and Personal information can be shared easily, just by viewing you

But let’s pretend the observer watches more. On Friday, they view a car pull up in the park and that lime green cowboy hat come out. Now they know the make and model of your car, what state it’s registered in, that you probably have two children (based on the stick figure sticker on your rear window), your license plate, and possibly your car’s VIN number (depending on their location and the zoom power of their binoculars). They also see another person exit your vehicle and observe that you are carrying a cake. (See? They were right!) The observer watches the other person blow out candles on the cake and then the two of you share a slice, sitting quite close together. As you feed each other bits of cake, the observer views similar rings on each of your left hands. Your watcher now concludes you and this other person are married – but more than that, they know what your spouse looks like and their birthdate (give or take a few days). The observer focuses on the cake and sees the worlds, “Happy Birthday, Taylor,” and now they know your spouse’s name. All this private and personal information about you and those around you, discoverable because of associating the movements of someone wearing a lime green cowboy hat.

Why Network Dissociation is Important

As you can see in the above example, associating things is how people learn about who you are, who you’re with, and what you’re doing. For organizations, businesses, and missions, having full control over what others know about you is essential. The above example also illustrates how one tiny association can be enough for a third party to learn an awful lot about you. Now imagine how much could go wrong if you were working on a top-secret development project or part of a hostage rescue mission and adversaries were able to put pieces together and figure out not only who you are, but also information about your team, organization, mission, etc. It could spell anything from a small financial loss to a major catastrophe with casualties. The best way to approach your business is to remain as separate and as dissociated as possible.

How Fognigma Dissociates

Fognigma has multiple ways to dissociates you from everything. Let’s assume your network admin has Fognigma scheduled to automatically burn down at the end of the day and rebuild the next morning. This is the first path in your journey of dissociation. Since each day your network will be made from different virtual machines in different data centers on different clouds in different parts of the world, the network you travel on is already dissociated from every previous incarnation of itself.

fognigma globe network
Fognigma Networks Span the Globe

Since you have access to multiple exit points from your Fognigma network, you can pick a new one of those each day (or change during the day with just a click) to add even more dissociation. All your traffic will appear to emanate from the exit point. So, for instance, if you are working in Ohio, but going through an exit point in Hong Kong, it will appear to anyone watching your traffic that you are in Hong Kong. And with a simple drop-down menu change, you can instantly be in Spain, South Korea, India, the US, or anywhere else you have an exit point.

But it gets better – more disassociate-y. Your network admin has also created your Fognigma with a few dissociating joints, which your traffic passes through once you enter and before you exit to the rest of the Internet. dissociating joints do just what their name describes: they obfuscate who/where/what/why you are even more. Passing through each one shatters all your details; passing through all of them cranks your dissociation level to 11.

But it gets better. Your admin is also using Portal Proxies. This gives each user a unique URL from which to access your Fognigma network, so every single user looks like they are going to a different location. No one appears to be heading to the same place. Everyone appears to be separate. No one looks like they work for the same association (i.e., dis-association).

portal proxies
Portal Proxies are a component to Fognigma

But it gets better. You click on your unique URL and access a Virtual Desktop (VDI) on your Fognigma network. You access this VDI as an anonymous entry point, and from this VDI you exit to the Internet and do your browsing. When you are done, the VDI is destroyed, leaving no forensic footprint. You have become so dissociated by now, you might not even know who you are any more.

As you can see, Fognigma is capable of many layers of network dissociation – from what is provided by the innate structure of a Fognigma network to adding on more and more layers. Sort of like peeling an onion, but instead of peeling the layers off, you are adding them on around you, forming shell after shell of Fognigma-created power, guaranteed nothing but tears for anyone attempting to figure you out. Fognigma makes sure (callback time) to hide your lime green cowboy hat in a white box in the middle of a snow drift in the dead of night: completely invisible.

 

Software, web development, programming concept. Abstract Programming language and program code on screen laptop. Laptop and icons company network . Technology process of Software development

Fognigma Version 1.4 Has Been Released

Fognigma v1.4 brings a host of new and powerful features

Herndon, VA – Dexter Edward is thrilled to announce the release of Fognigma v.1.4. Fognigma still creates invisible and encrypted cloud-based networks full of communication and collaboration components, but now it has added some important new features. Fognigma is now FIPS 140-2 Validated and has added a wolfSSL TLS 1.3 layer to its already-unprecedented level of security and anonymity. Update 1.4 gives users the power to transfer files from a USB drive directly into a Virtual Desktop (VDI) completely bypassing the host computer. Plus, with the new Active Directory integrations, admins can import users from their already existent Active Directory straight into the Fognigma Console, greatly speeding up the onboarding of users.

“We are proud to bring even more abilities and security to our customers in Fognigma v1.4. We have raised the bar once more, while continuing to enhance the utility and capability of the system for the end users,” said Cael Jacobs, Dexter Edward’s Chief Technology Officer.

These new features (along with many under-the-hood updates) mark even more leading-edge advances Fognigma is making in the realm of communication security. Fognigma is ready to give organizations the power to create encrypted and invisible networks which hide all their communications and collaboration – now with even more superpowers.

About Dexter Edward:

Dexter Edward LLC is the premier integrator of secure, encrypted, and traceless communications and collaboration systems. We provide commercially available products ready for immediate implementation. Our solutions allow organizations to create invisible network spaces for multilateral, inter-agency cooperation without the risk of intrusion by external forces; provide an encrypted means to obfuscate Internet traffic and misattribute the connectivity of users; and safeguard communications, intellectual property, users, and other organizational assets. These solutions are ready to assist agencies (within the Department of Defense, Intelligence Community, Law Enforcement, and other organizations) to achieve mission success.

We are committed to providing organizations the enterprise software solutions they need to protect their communications, users, and data. This is what drives our business. Dexter Edward’s founders, investors, and employees are all American citizens and have a combined experience of over 150 years in cybersecurity and network development.

Defend-Forward-2-01

Defend Forward – Cloud Smart

A Change in Cybersecurity Tactics

The 2018 Department of Defense Cyber Strategy was released on September 18, 2018, and set the cyber-world humming. The path of cyber defense is shifting. No longer will cyber defense (at least as they DoD views it) be content to building a wall and making sure nothing breaches that wall.  The new directive is for cybersecurity to “defend forward to disrupt or halt malicious cyber activity at its source….” But what exactly does this mean?

Defend Forward

“The Department must respond to these activities by exposing, disrupting, and degrading cyber activity threatening U.S. interests, strengthening the cybersecurity and resilience of key potential targets, and working closely with other departments and agencies, as well as with our allies and partners.” -2018 Department of Defense Cyber Strategy

As you can see from the above quote, cyber defense is, in essence, going on the offense. An easy way to visualize this is by picturing a phalanx of hoplite soldiers in Ancient Greece. They have their protective shields in place and they are in close formation – amazing protection from any attack. However, they don’t stand still. They march forward and engage the enemy. They are bringing the defense toward the enemy’s position and using their defense as part of an offensive plan. They are, to bring it back to the new cyber strategy, defending forward.

defend forward

This is what the DoD plans for the future of cybersecurity. Rather than that waiting for the threat to attack, Defending Forward has your cyber defenses move forward to meet the attacker or, preferably, engage the threats before they can attack. It is an aggressive defense, but one that is needed in today’s ever hostile world. But that’s not all. Not only must we change our defensive tactics, we must also evolve our thoughts on the cloud.

Cloud Smart

 “Cloud Smart is about equipping agencies with the tools, knowledge, and flexibilities they need to move to cloud according to their mission needs.” – 2018 Federal Cloud Computing Strategy

According to the most recent (recent as of this time of writing – October 2018) draft of the 2018 Federal Cloud Computing Strategy, the Office of Management and Budget (OMB) is adding a new spin to how government should think of and interact with the cloud. The new Cloud Smart initiative is a trident approach to being safe on the Internet: security, procurement, and workforce.

First, Cloud Smart calls for a modernization of cloud security. Network security at the outer layer should no longer be the be all and end all – the necessity for security throughout a network is imperative, expressly surrounding actual data stored on the network. The Cloud Smart strategy points out that data is key, and it is an agency’s responsibility to the public to keep that data safe and secure.

office cybersecurity

The procurement tine of the Cloud Smart trident deals with giving agencies the power and knowledge to purchase the proper security products for their agency. But unlike the past, where each agency gets whatever it has found on its own, agencies are encouraged to share. In fact, the push is to standardize security products across all agencies.

The final prong of the Cloud Smart trident deals with the actual workforce of government agencies. To paraphrase the OMB, key cybersecurity talent needs to be recruited and/or grown and trained from current personnel. These new cyber-warriors will be responsible not just for cybersecurity, but also for procurement and engineering of Cloud Smart solutions.

Fognigma is Cloud Smart and Defends Forward

Fognigma is a patented enterprise software solution which creates secure, invisible, and encrypted networks on the cloud called Mission Partner Networks (MPNs). It does this by taking randomly leased virtual machines from multiple cloud servers and connecting them to form one network. Inside these networks are all the communication and collaboration tools organizations need for mission success: traceless telephony, encrypted file share, secure chat messaging and video conferencing, and virtual desktops (VDI) with Fognigma-unique features. These networks exist over public infrastructure yet are invisible to spying eyes.

Every connection in a Fognigma network is wrapped in cascading layers of AES-256 encryption using two separate encryption libraries, OpenSSL and wolfSSL, for added security. This encryption protects the connections that make the network, but also all the connections inside the network. This provides protection at the outer layer of the network, but also surrounding the data stored inside – just like Cloud Smart dictates. Plus, Fognigma is FIPS 140-2 validated.

Fognigma offers even more protection by giving admins granular user controls. Fognigma protects against threats from the inside, as well, by letting admins set which users can access which tools, folders, and files – controlling even the type of access each user has (read only, write, etc.). And Fognigma does all of this without any third-party access or oversight – you own it and you run it.

granular controls for admin

Fognigma’s MPNs are designed to allow for the easy collaboration of multiple agencies without disrupting or endangering each agency’s users or data. In our experience, once an agency gets a taste of what Fognigma can do, it wants Fognigma for its own operations. We completely support that choice (and so does Cloud Smart)!

Fognigma embraces the Defend Forward mindset. Since MPNs are built across multiple cloud providers, they can reach out into over 50 regions spread across 5 continents. Fognigma lets you boldly go into any part of the world your mission dictates. You will advance upon the enemy, yet they will not know you are there due to the invisible nature of MPNs. In fact, MPNs defend forward a little differently from other networks. They defend forward in space, but they also defend forward in time.

Let’s explain. Fognigma lets you extend your network, part of your network, and/or one or more of your communication components into enemy territory – you have defended forward in space. But Fognigma also gives you complete control over when the network, parts, and/or components exist, giving you the ability to defend forward in time. Because Fognigma acknowledges that “always on” isn’t always desired – both for conserving resources and extra security – it gives you the ability to manually or automatically, on a schedule, remove components, network parts, or the entire network. Or, conversely, you can add to your networks. Basically, your entire network’s topography can be constantly in flux; you will be defending forward by being everywhere and nowhere, seemingly at the same time (like Schrödinger’s network). Your shields will forever be raised, yet your troops will be constantly and silently moving around the battlefield defending forward in four dimensions (i.e., in space and in time).

Fognigma combines all the best parts of the Cloud Smart strategy with a solid Defend Forward stance. With Fognigma, your organization will be able to protect itself while not having to sit still hiding behind walls. It can move, it can flow, it can adapt to any situation. Your organization will be able to smartly glide through the cloud towards mission success, while defending in all directions. This is why we can proudly say: Fognigma helps you Cloud Smart while Defending Forward.

Isometric flat 3d abstract office floor interior departments concept vector. conference hall offices workplaces director of the office interior

What is Identity and Access Management (IAM)?

In the workforce, identity isn’t really who you are. It’s not your name, age, shoe size, etc. Your identity is your place and role within the company. Think of what your job title is and add all the other things you do. That’s your Identity (which we will now be capitalizing to distinguish it from your identity (name, age, shoe size, etc.)). It sounds simplistic, but knowing your Identity is extremely important for your cybersecurity team. Why? Because knowing your Identity allows you to be given the proper access to your company’s data and networks. Identity and Access Management (IAM), then, is accurately and precisely defining your role in the company (Identity) and making sure you can only use the tools and data you need (Access) to do your job.

IT Department
Your role plays a part in your identity

Identity and Access Management Issues

And still you are probably thinking this sounds like something basic and easy to do – but it’s not. Almost everyone can agree that the job description they were hired for isn’t exactly the job they ended up doing. It takes time to settle into a workplace and really get a feel for your true role in the company. In fact, in the 2018 edition of the Cyber Defense Magazine, Ketan Kapadia, VP of IAM at Herjavec Group, says it can take 6-8 weeks to complete a solid Identity Access Management assessment of an employee. That is a huge time to be in cybersecurity flux.

But a company can’t sit around on its elbows waiting to figure out an employee’s Identity and then grant access to network resources, files, etc. Access needs to be given (in some form or another) as soon as the employee starts. So, what happens? Access to resources is granted based on a guess of what the employee needs, the bare minimum based on the job description, or (horror of horrors) everything (just to make the sysadmins’ job easy). Many times, this last possibility wins out due to time constraints (because time = money, you know). None of these situations is good for cybersecurity, your workforce, or your company. 

Fognigma with the Identity Access Management Assist

Fognigma builds its Mission Partner Networks (MPNs) out of randomly leased parts on multiple public clouds. MPNs are a collection of parts, but they function as a whole. They are invisible to the outside world of evildoers and protected with two layers of AES-256 encryption between all the parts. And inside the MPN with its stealthy ephemeral style, reside components for secure communication, your files and data, and the see-through playground in which your users work. [For a more detailed explanation of Fognigma, click here.]

Identity and Access Management

Now you know the patented Fognigma engine lets you create a powerhouse of cybersecurity for your company. But that’s not why we brought you here. We want to showcase how Fognigma can make IAM easier to implement, and it does it with three words: granular user controls.

Granular user controls let the MPN’s administrator set precise permissions for each user. It’s still up to you and your company to determine your users Identities, but Fognigma makes adding users and granting/changing/removing Access as simple as a few mouse clicks. No more guessing all the permissions someone needs. No more just giving in and granting everything (while putting your entire organization at risk) because the Access management part doesn’t take a chunk of time anymore.

Because one aspect of cybersecurity that is quite important is speed. The faster you can deal with situations, the better. And the faster your team can manage an employee’s Access, the less chance of “no time” being an excuse for sloppy IAM practices. Fognigma give you the IAM speed you need and the controls to make sure your Identities have exactly the Access they require.