Operators and services companies know too well that the oilfield environment can be a data security nightmare. Complicated data flows, 3rd party devices, challenging physical environments, combined with an ever changing range of security risks and threats all add up to an uniquely demanding scenario.
DataGuard is the world’s first data security device designed specifically to address these threats. DataGuard ensures network integrity and confidentiality while preventing intrusion and data leakage. Using a two pronged approach of an enforced protocol break and reconstructing data flow between the two segments, it prevents all content threats, including zero-day exploits and human errors. Check-sum integrity validation of the border device also allows them to detect and report compromises of a network segment, while still allowing data transfer from sensors on that segment.
The dual approach of an enforced protocol gap and content reconstruction ensures that only valid, safe content can pass from end to end. Malware cannot be transmitted via the reconstructed data, or try to spread itself to adjoining network segments due to the protocol gap. In addition it prevents covert outbound data loss using techniques such as image steganography.
Historically the industry has had to rely on either firewalls or One Way Data Diodes to try to mitigate these threats. Unfortunately neither approach gives the absolute certainty required in the E&P industry:
- Firewalls work by monitoring and controlling the traffic between different network segments, based on predetermined security rules. The problem with firewalls is that, like any computing device, they can be compromised. Even when a firewall is fully patched and properly configured, there is always the possibility of a zero day exploit that enables a hacker or malware to circumvent the rules.
- Data Diodes are network devices that allow only one one-way transfer of data between segmented networks. While these are useful devices for many networks, they are extremely limiting when two way data flow is required, and do not cover some forms of threat at all. Of itself, a one way data flow does not do anything to combat malware in content. As such they do not offer any protection from the possibility of there being malicious content in the data that is allowed into or out of the business. Perhaps worse though, if you isolate a system or network with a data diode you are isolating it from information. In the rig environment information needs to flow both ways. While this can be done with two data diodes, one allowing outgoing traffic, one allowing incoming traffic, you now have a standard bidirectional network link. Some diodes aim to overcome this issue by allowing for rule based control of what traffic can flow in each direction, but this effectively brings us back to a normal network with firewall protection, just as vulnerable to zero day exploits concealed in content.
The DataGuard system takes an entirely different approach to ensure absolute security from malware and data breaches. Incoming data is aggregated by a boundary UniDAQ device. It is converted into a proprietary data format, and then passed on to the DataGuard box. The DataGuard device has only two connections: a TCP/IP connection to its assigned UniDAQ device; and an optical serial link to its twinned DataGuard on the network segment, where the data will be received.
Essentially, the content is received from the UniDAQ and deconstructed into pure data. This is then transmitted via a separate protocol to the receiving DataGuard, where it is reconstructed. There is no mechanism or opportunity for malware to pass across, as the receiving system will discard or ignore anything other than the data that is formatted correctly. This combination of protocol gap plus content transformation creates an inherently unbreakable barrier.