Richard Kistruck, Security Architect at Oakdoor, part of PA Consulting, investigates whether your access control and CCTV systems are putting you at risk.
Connected building access control systems and CCTV cameras extend the attack surface of your organisation’s IT network.
How can Cross Domain Solutions and data diodes defend organisations from threats like these?
Most organisations understand they must segregate their Information Technology (IT) networks from their Operational Technology (OT) networks, because the threats and the assets at risk are very different.
CCTV and access control systems should be treated as OT: they are specialist, often legacy systems, and they have a threat exposure profile of their own.
Their edge devices must be sited in accessible areas, which makes every camera and card reader a physically exposed, vulnerable point.
But the system cannot be isolated either: edge devices must connect back to the central controllers, which must link back into your core IT. So how can this be done safely?
Cross Domain Solutions (CDS) are arguably the modern best practice for such an IT/OT link and offer far better protection than a simple airgap or a firewall.
They are an architectural pattern now championed by the UK’s NCSC (National Cyber Security Centre).
The Cross Domain Solution approach secures every aspect of getting your data across the boundary from one domain to another.
This includes data inspection, one-way data flows, and defence against protocol attacks. A good CDS defends its own integrity and is easy to manage.
That’s very different from a traditional ‘airgap’ approach, which in practice rarely holds.
At some point you will need to move data across, and that moment becomes a high-risk event that relies entirely on people who are ‘only human’.
It’s also very different from just using a firewall between domains.
While a firewall obviously affords much richer data exchange than an airgap, when you assess its security it only rates as ‘mostly safe’.
Firstly, firewalls do not sanitise every part of the data they let through: they filter on addresses, ports and at best partial content inspection, and forward the rest untouched. Secondly, firewalls are controlled by a very large and complex body of software.
Despite every care, that software will have vulnerabilities, and once one is exploited there’s often no second line of defence.
The CDS approach was designed to tackle these concerns.
In the centre of the CDS is a data diode: purpose-built hardware, sitting exactly on the boundary between one domain and the next, where the data handover occurs.
Exposed to both domains, it’s the most critical component.
At a minimum, the data diode hardware ensures data flows in one direction only.
So, depending on which way it is pointed, the diode’s physical circuitry can defend you from infiltration of malware or from exfiltration of information.
For example, this could allow your IT network to send updates to your access control system while blocking any possibility of an attack in the other direction. Note that the one-way link says nothing about what travels in the permitted direction: whatever IT sends still arrives, which is why the inspection stages described below matter.
Modern data diodes do more: they act as a ‘protocol break’, stripping away all the ‘network packaging’ that data arrives within and re-sending only the content on the far side.
Only the data itself gets through.
This defeats attacks smuggled in the lower layers of the network stack, such as malformed packets or exploits against the receiving TCP/IP implementation, because the far side never receives the original packets at all.
And advanced data diodes go further, with hardware that checks and rejects any data that does not match specification.
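The following is an added illustration of that content-check idea in software; it is not Oakdoor’s code, nor any vendor’s, and is not part of the original article. It models a receiver on the far side of a protocol break that accepts only access-control event records matching a fixed specification and re-emits a canonical copy, so neither transport headers nor unexpected fields cross the boundary. The record format, field names, size limit and sample frames are all constructed assumptions for the example; a real CDS would implement the equivalent checks in hardware or a hardened verification engine.

```python
import json
import re

# Constructed specification for one record type: an access-control event
# travelling from the OT (door controller) domain to the IT domain.
# The schema below is an assumption for this example, not a real vendor format.
MAX_RECORD_BYTES = 256
ALLOWED_KEYS = {"ts", "door", "card", "result"}
TS_RE = re.compile(r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z$")
DOOR_RE = re.compile(r"^D[0-9]{3}$")       # e.g. D042
CARD_RE = re.compile(r"^[0-9A-F]{8}$")     # 8 upper-case hex digits
RESULTS = {"granted", "denied"}


class RejectedRecord(ValueError):
    """Raised when a record does not match the specification."""


def _no_duplicate_keys(pairs):
    # json.loads silently keeps the last duplicate key; a verifier must not
    # let two parsers disagree about a record, so duplicates are rejected.
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        raise RejectedRecord("duplicate key")
    return dict(pairs)


def verify_record(raw: bytes) -> bytes:
    """Check one payload against the specification and return a canonical
    re-serialisation. The original bytes are never forwarded."""
    if len(raw) > MAX_RECORD_BYTES:
        raise RejectedRecord("oversized record")
    try:
        text = raw.decode("ascii")
    except UnicodeDecodeError:
        raise RejectedRecord("non-ASCII bytes") from None
    try:
        obj = json.loads(text, object_pairs_hook=_no_duplicate_keys)
    except json.JSONDecodeError:
        raise RejectedRecord("not valid JSON") from None
    if not isinstance(obj, dict) or set(obj) != ALLOWED_KEYS:
        raise RejectedRecord("unexpected structure or keys")
    for key, value in obj.items():
        if not isinstance(value, str):
            raise RejectedRecord(f"field {key} is not a string")
    for key, pattern in (("ts", TS_RE), ("door", DOOR_RE), ("card", CARD_RE)):
        if not pattern.match(obj[key]):
            raise RejectedRecord(f"{key} does not match specification")
    if obj["result"] not in RESULTS:
        raise RejectedRecord("result does not match specification")
    # Rebuild the record from the validated fields only, in a fixed layout.
    canonical = {k: obj[k] for k in ALLOWED_KEYS}
    return json.dumps(canonical, separators=(",", ":"), sort_keys=True).encode("ascii") + b"\n"


def process_stream(frames):
    """Apply the check to each frame; return (accepted records, rejection reasons)."""
    accepted, rejected = [], []
    for frame in frames:
        try:
            accepted.append(verify_record(frame))
        except RejectedRecord as exc:
            rejected.append(str(exc))
    return accepted, rejected


# Constructed sample frames: one well-formed event and six that a naive
# forwarder would pass but a specification check must reject.
SAMPLE_FRAMES = [
    b'{"ts":"2024-10-03T08:15:00Z","door":"D042","card":"1A2B3C4D","result":"granted"}',
    b'{"ts":"2024-10-03T08:15:01Z","door":"D042","card":"1A2B3C4D","result":"granted","cmd":"reboot"}',
    b'{"ts":"2024-10-03T08:15:02Z","door":{"id":"D042"},"card":"1A2B3C4D","result":"denied"}',
    b'{"ts":"2024-10-03T08:15:03Z","door":"D042","card":"1A2B3C4D","result":"gr\xc3\xa4nted"}',
    b'{"ts":"2024-10-03T08:15:04Z","door":"D042","door":"D999","card":"1A2B3C4D","result":"granted"}',
    b'{"ts":"2024-10-03T08:15:05Z","door":"D042","card":"DEADBEEFCAFE","result":"granted"}',
    b'{"ts":"2024-10-03T08:15:06Z","door":"D042","card":"1A2B3C4D","result":"' + b"A" * 300 + b'"}',
]

if __name__ == "__main__":
    ok, bad = process_stream(SAMPLE_FRAMES)
    for rec in ok:
        print("ACCEPT", rec.decode().strip())
    for reason in bad:
        print("REJECT", reason)
```

The design point is that nothing passes by default: the receiver parses, checks every field against an allow-list, and re-serialises from its own parsed copy, so an attacker controlling the sending side can only influence the values of four constrained fields.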
Historically, data diodes were exotic, expensive, and tricky to use.
However, companies such as Oakdoor, part of PA Consulting, have developed revolutionary data diodes with these capabilities, that are far simpler, more performant, and more cost-effective than historical alternatives – while remaining equally secure.
This brings practical and affordable diodes within reach, even for the highest levels of classification where certification such as NCSC’s CAPS approval is required.
The NCSC now publishes detailed guidance for safely importing and safely exporting data, to help organisations across a growing number of sectors adopt this approach.
It’s no surprise – as we rely on data more, we need to defend it better.
The CDS approach allows transformative data links that bring cost savings, reduce risks, increase reliability, and enable an organisation to work more nimbly and efficiently.
For example, with access control and CCTV, your organisation can safely gain access to instant alerts and long-term metrics that transform your responsiveness and future-planning, while simultaneously strengthening cyber-security.
To get started, consider your security domains, the data that currently flows across those boundaries, and all the data you wish could flow across – if only you could do so safely.
Implementing a Cross Domain Solution requires a solid understanding of your infrastructure, a thought-out plan, and the right partners and products.
It can seem daunting, but the important thing is to make a start on this best practice.
Your data’s value to you, and the importance of keeping it secure from others, will only increase.
This article was originally published in the October Edition of Security Journal UK.