The role of Security Domains in Gateway Design

December 16 2022, by James Rabey | Category: Government

Secure Internet Gateways like Macquarie Government’s SIGNET play an important role in protecting digital government. To better understand how gateways work, it helps to understand the “security domains” they protect.

In an earlier post, we discussed the Gateway Security Guidance released by the Australian Cyber Security Centre (ACSC).
To help contextualise the guidance, a section on key gateway concepts is included. Aside from describing what a gateway is, two other concepts are described in detail – Security Domains and Policy Enforcement Points.

Using the Information Security Manual (ISM) as a reference, the guidance defines a Security Domain as “a system or collection of systems operating under a consistent security policy that defines the classification, releasability and special handling caveats for data processed within the domain.” The guidance uses an organisation’s PROTECTED and OFFICIAL networks as examples of separate security domains.

Gateways sit between security domains to ensure that data flows between them are consistent with the organisation’s security policies. The guidance uses the example of a data flow between an internal network and the internet. This is the traditional purpose of a Secure Internet Gateway.

When designing a security domain, the guidance recommends several factors to consider. Most of these factors (for example purpose, value, threats and risks, classification) are specifically applied to the information within each domain, while there are three that we believe should be universally applicable:

The impact of ownership and sovereignty (Australian or foreign owned/controlled).

Securing data belonging to Australia requires knowledge of its location, who has access, and importantly who holds legal authority over it. This applies equally to data flows and to data at rest.

Sovereign data should always remain within Australia’s jurisdictional control. Data sovereignty is more than just data residency. It includes the jurisdictional control or legal authority that can be asserted over data because of its location.

As the first Australian company to have both our cloud and data centers DTA Certified Strategic, we have undertaken guarantees that there will be no significant changes to strategic direction, operation, or ownership that would adversely affect the Commonwealth’s interests and Australian public trust in the Commonwealth.

Consistent administrative and security control.

The move to the cloud and distributed workforces has blurred the lines between “internal network” and “internet”. Applications are now commonly deployed to public cloud infrastructure, platforms, or software environments.

Organisations are advised to determine if that environment is an extension of an existing domain or a separate domain. If a security domain is extended, those “consistent security policies” should not be compromised by differences in an environment’s underlying architecture.

Recognising the need for consistent infosec controls across datacentre and public cloud led us to build our Virtual Services Gateway and Managed SSE products.

Consistent security and operational visibility.

Likewise, visibility of security as well as performance and availability should be consistent across a domain, regardless of its location. There should not be any “dark side of the moon” environments, network segments, or devices.

This is also one of the core design principles of SIGNET, our latest Secure Internet Gateway.

The concept of Security Gateways allows agencies, indeed any organisation, to view their IT infrastructure in a more nuanced manner than the traditional “internal safe, internet unsafe”. This nuance is critical given how users and their apps are now widely dispersed.

Macquarie Government has been protecting digital government for almost years, playing a leading role in the evolution of gateways that secure a wide range of government security domains. If you would like to learn more about how we do this, get in touch using the form below.

