Defining the Landscape
This post builds upon the concepts and definition laid out in What are Out-of-Band Communications?. We’ve included the definition of out-of-band communications for easy reference.
Out-of-Band Communications [out-əv-band kə-myo͞o-ni-kā-shəns]
noun
- Any alternative channel for communications operating outside the standard, primary network or systems used by an organization for everyday operations.
- Channels providing an alternative pathway for data transmission, especially crucial during times when the main channels are compromised, unavailable, or unsuitable due to security concerns.
- While these provide a crucial alternative, their inherent security is not guaranteed.
Secure Out of Band Collaboration™ [si-kyoor out əv band kə-lab-ə-rey-shuhn]
noun
- A specific variant of out-of-band communications that further addresses security, transparency, and independence from corporate infrastructure while still enabling organizations to meet governance requirements.
- Channels providing an alternative pathway resilient against reconnaissance and surveillance, including credential compromise attacks on admins, users, and reviewers.
- Inherently secure by design, extending zero-trust, keeping the provider AND their suppliers, partners, and providers locked out of sensitive communications / attachments.
- An out-of-band communications solution addressing the following requirements:
  - Requirement #1: It must be standalone
  - Requirement #2: It must be more secure
  - Requirement #3: It can’t sacrifice controls
The imperative for secure communication
When was the last time you thought about your out-of-band communications options during a breach? Do you even have a concrete option identified in your Incident Response (IR) plan?
In a world where communication breakdowns can lead to operational paralysis or worse, the role of out-of-band communications as an emergency conduit is well-acknowledged. However, the narrative changes when these emergency channels themselves are scrutinized against the dual, often-at-odds enterprise requirements of enhanced security and transparency.
While smoke signals, telegraphs, and even tin-cans on a string are all obviously absurd substitutes for modern communications platforms, are Signal or WhatsApp, common go-tos during a crisis, really that much better for enterprises? How would you address a rogue insider with access to sensitive communications channels on these platforms? Would you be able to produce an after-action report or audit trail of communications with proof of its completeness and veracity? While they may be ‘out-of-band,’ consumer privacy solutions lack user management, policy enforcement, and centralized governance.
The Secure Out of Band Collaboration™ Difference
Secure Out of Band Collaboration™ is a paradigm shift that redefines secure communication outside of standard networks. This distinction is not just academic but a critical strategic choice with far-reaching consequences for enterprises as they prepare for inevitable incident response, business continuity, and post-breach obligations. ArmorText’s Secure Out of Band Collaboration™ relies on patented user+device / scope-of-review specific end-to-end encryption, ensuring the security of communications up front and as a part of retained archives.
This post explores the leap from using any available alternative as a stopgap to implementing a solution designed from the ground up to be secure, transparent, and independent, fulfilling the stringent requirements of modern enterprise governance and security standards.
Analyzing common scenarios
We can summarize the definition of out-of-band communications above as any alternative to normal day-to-day channels of communication. For example, a company operating Microsoft Teams in one workspace may:
- use scripts to launch a new workspace independent of the primary one as an out-of-band option;
- instruct external counsel to maintain a separate Google Workspace available as a quasi hot-standby option;
- or, instruct their teams to move to Signal or WhatsApp, keeping communications off of primary channels in case of compromise.
But now let’s examine when and where each of the above may become problematic.
If you launch an exact replica of your existing workspace that was just compromised, can you be sure the vulnerability exploited by the attacker to gain access to your sensitive communications won’t also allow them into your new workspace?
If you maintain a separate workspace, whether from the same vendor or a similar alternative as a quasi hot-standby option, can you justify a doubling (or more) of operational costs? Can you be sure it’s any more secure than what was just compromised? What if the compromise was actually of an upstream resource used to provision access to both environments?
In the case of both an exact replica of your existing workspace and a quasi hot-standby option:
- Is your platform of choice designed to accommodate secure in-crisis onboarding where traditional methods, e.g. self-service enterprise email domain-based user registration or centralized identity & access provisioning, may be unavailable or less desirable?
- Will you have to create all intended users in advance?
- What if you need to expand beyond the originally intended scope to accommodate larger swaths of the business?
If you instruct your teams to move to a consumer privacy-focused application, how do you deal with a rogue executive participating in conversations? What about their conversations that you are not a part of? How do you reconstruct an audit trail when general counsel requests a copy of all communications of security and incident response personnel involved with the remediation? How do you deal with sensitive communications left behind on an employee’s lost or stolen device? What about when they’re actively leaving for a competitor and taking their personal phone with them?
ArmorText’s Solution
While the concerns raised above may have you wanting to throw in the towel, operating without a viable out-of-band solution simply isn’t an option. If you can’t communicate, you can’t put your incident response plan into play and you can’t remediate.
Secure Out of Band Collaboration™ is an out-of-band communications solution that meets these additional requirements:
- Requirement #1: It must be standalone
  - Not a duplicate of a current tool
  - Does not rely on on-premise / self-hosted components
  - Not dependent on your network
- Requirement #2: It must be more secure
  - End-to-end encrypted (whereas almost all day-to-day comms in the enterprise simply rely on encryption-in-transit and encryption-at-rest)
  - Protects against insider threats
  - Protects against 3rd-party breaches
- Requirement #3: It can’t sacrifice controls
  - Provides you the ability to implement user policy controls
  - Enables you to meet records retention requirements
  - But does so without reintroducing on-premise / self-hosting dependencies
ArmorText’s patented user+device / scope-of-review specific end-to-end encryption approach underpins our Secure Out of Band Collaboration™ offering. Communications to and from users are encrypted uniquely per user per device prior to send, as devices do not share decryption keys.
At the same time, a distinct end-to-end encryption takes place prior to send for each authorized reviewer associated with participants in the conversation at the time of message send. This ensures that messages are encrypted for a scope-of-review only when that scope is relevant.
It also means that administration and review are not linked together. Your admins can administer your ArmorText environment, your users, policies, and information retention without ever possessing an ability to decrypt communications not directly intended for them.
With all of this in mind, let’s look at the three requirements and their criteria above.
ArmorText operates as a standalone capability, 100% in the cloud, disconnected from provisioning and SSO so it can’t be affected by a compromise of either.
Our end-to-end encryption approach enables admins to administer ArmorText without ever being exposed to others’ communications. Because our end-to-end encryption doesn’t involve key escrow or a similar service exposed to us, admins who go rogue cannot retroactively enable access on their own, which would otherwise lead to an Edward Snowden moment. Those compromising administrators’ credentials in the hopes of accessing current or retained communications are similarly out of luck.
At the same time, legitimate retention and review can be set up and protected by:
- being kept offline generally, as the end-to-end encryption for each scope-of-review takes place asynchronously whether a reviewer is logged in actively or not, and
- requiring multiple parties (two, three, or four) to come together in order to execute a scope-of-review.
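The per-device and per-scope encryption described above, and the multi-party requirement for executing a scope-of-review, can be modelled in a few lines. This is an added illustration, not ArmorText's code or its patented scheme: all function names, device and scope identifiers and the sample directory are hypothetical, and the HMAC-derived pad is a standard-library stand-in for public-key encryption to each recipient.

```python
import hashlib
import hmac
import secrets
from functools import reduce

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wrap(recipient_key: bytes, msg_id: bytes, content_key: bytes) -> bytes:
    # Assumption: stdlib stand-in for public-key encryption to one recipient.
    # XOR with a per-recipient, per-message pad; applying it twice unwraps.
    pad = hmac.new(recipient_key, msg_id, hashlib.sha256).digest()
    return xor(content_key, pad)

def seal(msg_id: bytes, participants: set, devices: dict, scopes: dict):
    """Wrap one fresh 32-byte content key for every device of every participant
    and for each review scope that covers a participant at send time."""
    content_key = secrets.token_bytes(32)
    envelopes = {}
    for user in participants:
        for device_id, key in devices[user].items():
            envelopes[device_id] = wrap(key, msg_id, content_key)
    for scope_id, (key, covered_users) in scopes.items():
        if covered_users & participants:  # scope is relevant to this message
            envelopes[scope_id] = wrap(key, msg_id, content_key)
    return content_key, envelopes

def split_key(key: bytes, parties: int) -> list:
    # n-of-n XOR split: every share is required, fewer reveal nothing.
    if not 2 <= parties <= 4:
        raise ValueError("a scope-of-review needs two, three, or four parties")
    shares = [secrets.token_bytes(len(key)) for _ in range(parties - 1)]
    return shares + [reduce(xor, shares, key)]

def join_key(shares: list) -> bytes:
    return reduce(xor, shares)

# Constructed sample directory: two users, three devices, one review scope.
DEVICES = {"alice": {"alice-phone": secrets.token_bytes(32),
                     "alice-laptop": secrets.token_bytes(32)},
           "bob": {"bob-phone": secrets.token_bytes(32)}}
SCOPES = {"ir-review": (secrets.token_bytes(32), {"alice"})}
```

An administrator account never appears in `envelopes`, so it has nothing to unwrap, and a scope that covers no participant at send time gets no envelope for that message.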
The retained archives are kept in an end-to-end encrypted form 100% in the cloud until you need them, at which point you can pull them down, decrypt, review, and, if needed, export them into JSON or RSMF formats for effortless e-discovery.
Securing your enterprise’s future with Secure Out of Band Collaboration™
Secure Out of Band Collaboration™ is the out-of-band communications solution your organization needs to be resilient in the face of today’s cybersecurity threats. We take a closer look at why, utilizing real-life examples that have taken place over the past seven years, examining the evolution of attack objectives and current trends, in Understanding Secure Out-of-Band Collaboration in Incident Response.
The question now is not whether your organization can afford to implement Secure Out of Band Collaboration™ but rather, can it afford not to?