The Sixth Flag Introduces Cell Structure Security To Secure Cloud
First Workspace-As-A-Service To Apply Traditional Clandestine Warfare Tactics in a Modern Approach to Cloud Security
by The Sixth Flag
February 2, 2016
Raleigh, NC - The Sixth Flag, Inc. today revealed its model of Cell Structure Security to secure its Workspace-as-a-Service in the Cloud. Recognizing traditional approaches to securing the cloud and enterprise networks are still falling short, Pete Kofod, founder and CEO of The Sixth Flag, has found that this concept, which he developed from experience in the military, to be highly effective in securing his Workspace-as-a-Service.
"A cell structure is a system that is highly resilient to external compromise and severely limits the ability of an attacker to further exploit the organization beyond the cell. Should the cell be compromised, the parent organization immediately isolates and collapses it. This is a concept regularly employed in clandestine warfare, which we have adapted to the securing of our virtual workspace," says Pete Kofod, Founder of The Sixth Flag, Inc.
The industry response to advanced persistent threats has been to continue to focus on hardening single points of failure, including central authentication systems. While this is certainly a worthwhile activity, little has been done to mitigate the consequences of inevitable compromise. "It's not good enough to harden a system against an attack,” Kofod explains. "You must also have a process that contains the effects of an inevitable breach."
Pete likes to point out the following paradox: "If the systems that employ multiple layers of security all rely on the same single 'Central Authentication' mechanism, the question that never gets asked is whether those systems actually provide independent layers of defense, or 'Defense in Depth.' This is not an academic exercise. Recognizing the criticality of authentication systems, attackers have spent significant resources on compromising them, often successfully."
The remote user is often an initial target and while systems such as Time-based One-Time Password (TOTP) protect against compromise of user login credentials, they do little to protect the underlying authentication system.
The Sixth Flag applies Cell Structure Security to its virtual workspaces, transforming the Cloud into a security asset. In a bold prediction, Pete Kofod states that "2016 is the year the cloud will be considered an asset rather than a liability."