The SolarWinds Hack Screams Need for Containerization

The SolarWinds hack, which impacted the U.S. Treasury, the Department of Homeland Security and the Commerce Department, as well as other government agencies and private companies, was a big wake-up call for the cybersecurity world.

There are many things that will be learned from the SolarWinds hack, but I would like to focus on two critical lessons that every enterprise should address:

  • Every incident response, business continuity and executive team needs an out-of-band, secure, private communication platform that is set up BEFORE an incident happens.
  • Fully integrated systems are good for convenience and productivity, but can be catastrophic for security. Your most sensitive information and communication should be containerized.

The military has a classification system to determine how sensitive information is handled and accessed. One of the highest levels of classification is called Top Secret / Sensitive Compartmented Information (TS/SCI).

Access to TS/SCI material is permitted on a need-to-know basis for those with appropriate security clearance levels. Oftentimes, no single person has access to all of the information. Containerization is a proven, effective way of protecting sensitive information.

We’ve spoken with a number of enterprises that pay lip service to the need to set up out-of-band communication, but only a fraction have taken the steps to do so. Instead, they are consistently caught flat-footed when incidents occur, and they tend to use unauthorized consumer tools in the scramble to establish communication – especially in today’s remote working environment. Setting up communication lines mid-breach is not only stressful, but the use of consumer tools may pose additional risk to the enterprise.

The SolarWinds fiasco should and will push CISOs and IT executives to approve and establish out-of-band communication systems in 2021.

With respect to integration, the pendulum has swung so far in the direction of fully intertwined software that breaches like the ones we are seeing today will become increasingly common.

Enterprises would be wise to learn from the military’s approach of compartmented information and strict, need-to-know access controls for information that matters most.

Enterprises and executives that adapt quickly and begin properly containerizing their information will enter 2021 prepared and protected. Those that don’t will be leaving themselves vulnerable to potentially catastrophic risks.

LockDown solves this problem. Reach out to us to get started.


A.J. Auld is the CEO of LockDown, an all-in-one platform to safely store, share and communicate with complete privacy. Prior to LockDown, A.J. founded several successful companies including Distributed Alpha, a cryptocurrency investment firm; Bright Discounts, a fundraising company; and Titanium Lacrosse, a sports management company, which was acquired in 2015. A.J. was a Columbus Business First “Forty under 40” awardee and earned a degree in Finance and Entrepreneurship from Miami University.
