technologyreseller.co.uk CYBERSECURITY 27 Goldilock targets MSSPs to supercharge sales of its ground-breaking TruAirgap technology Back to basics is not a guaranteed vote winner – just ask John Major. But for businesses that keep adding layer upon layer of cybersecurity software and services to their defences and still feel unsafe the promise of an uncomplicated but effective hardware-based solution has obvious appeal. This is exactly what Goldilock is offering with a new Layer 1 security device based on the simple premise that the best way to protect networks and digital assets, including back-ups, from ransomware and other cyber threats is to control when they are physically connected to the internet. TruAirgap lets you create a physical air gap between protected assets (servers, networks, OT systems, data repositories) and the internet by disconnecting them completely when they don’t need to be online or are under attack and then reconnecting them when online access is required or an attack has been remediated. At its simplest, disconnection/ reconnection can be done manually, in-person by pulling out/inserting the relevant cable(s). More practically, this can also be done remotely, in seconds, using a patented, non-IP control mechanism triggered by SMS or analogue voice – i.e. without using the internet. “We deliver a device which remotely connects or disconnects any of your devices from the internet without using the internet. That is the secret sauce; that is the patent; that is what separates Goldilock from other airgap solutions – the fact that we’re using a non-IP control mechanism,” explains Chief Operating Officer Stephen Kines. “It’s a full physical disconnect and that’s why it has been deemed as unbreachable. It is unbreachable because you can’t overcome the laws of physics.” Three functions Through a combination of secure noninternet communications, biometrics, strong multi-factor authentication, non-IP technology triggers and cryptography, Goldilock is able to provide three main functions in one device: 1 A kill switch. If your system comes under attack, TruAirgap enables you to disconnect and isolate ports within seconds, from anywhere. You don’t need to be on the premises or know where all the cables are. 2 Isolation. TruAirgap lets you reduce your attack surface by disconnecting systems when they don’t need to be accessible or online. Just doing this outside working hours can reduce your vulnerability by 76%. Isolation can also help protect backups from ransomware, enabling organisations to clean up and recover from breaches more quickly. 3 Segregation. TruAirgap can also be used to segregate specific infrastructure and assets in encrypted digital data vaults with on-demand access and additional levels of security. Because each of the appliance’s ports is isolated from the others, customers can cover the whole spectrum from convenience to high-level security in the same unit. A bank that wants employees to have access to, say, know your customer (KYC) documents during working hours could schedule port 1 to be open and accessible from 9 to 5 and disconnected at other times. At the other end of the spectrum, it could provide access to its most critical data – its crown jewels – via port 12, say, on-demand, using a two-key system. “Each packet is isolated, so if you have left port one open from nine to five and it is attacked during those hours and infiltrated before you use the kill switch, ports 2 to 12 won’t be affected,” explains Kines. Although Goldilock’s appliance is essentially an airgap device (named because it creates a physical gap between critical systems and unsecure networks like the internet), Goldilock is using the name TruAirgap to differentiate its technology from other airgap solutions that don’t have a remote connect and disconnect capability. In fact, Kines is somewhat wary of associations with traditional airgap solutions. “We are starting to use the analogy of a drawbridge, a data drawbridge, and that resonates with some customers. You lift the drawbridge to secure the fortress. We have a team in Europe going after Germany, Austria and Switzerland (DACH), which is going to be our big push in the next six months, and we’re going to be using the data drawbridge analogy more than the notion of an air gap.” Range of devices The first product to be launched by Goldilock is a $15,000 12-port, rack mountable, pass-through appliance, which comes with a $1,500 per annum three-year service package – also available on a hardwareas-a-service basis for $1,000 upfront and $300 a month – but the company is already developing additional solutions. Kines showed Technology Reseller a prototype of a four-port, ruggedised, IP67compliant model that it has developed for the MoD’s Defence and Security Accelerator (DASA), which it will also be launching in a rail-mounted version for industry 4.0 through a newly formed industrial division. The company’s long-term vision is to have ‘Goldilock in every home, Goldilock inside’, to which end it is developing a miniaturised OEM version small enough to be incorporated into any connected device. Targeting MSSPs To date, Goldilock has gone to market via its direct sales force. However, Kines expects MSSPs to be its primary route in the future, accounting for 80% of sales. He adds that Goldilock is already a ‘compelling offer’ for MSSPs. “It is a simple and easily installed appliance – we ship the device from our Cannock facility to three continents. It’s been tested, verified and has very low support requirements. It’s a very easy thing to explain compared to a lot of things in the cybersecurity market. And we have a 40% model, so it’s a pretty good margin.” He points out that TruAirgap is now in version 2.1 so early adopter issues have been resolved, making it a safer Back to basics continued... Stephen Kines
RkJQdWJsaXNoZXIy NDUxNDM=