Lsl dayinlifeuser
-
Upload
labelled-security-limited -
Category
Technology
-
view
110 -
download
0
description
Transcript of Lsl dayinlifeuser
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
A Day in the Life of a User
20/03/12
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
Our User...(let's call him / her Hilary...)
• Deals with multiple protective markings
• could be sensitivities, could be caveats / codewords
• Lives in a Government or List X facility approved forall the markings involved
• Occasionally needs to distribute data from a markedinput source to one or more differently marked outputdestinations
• Occasionally needs to attend meetings in a roomapproved for a subset of markings
• Has at least one Security Controller looking after acodeword who's “a bit of a Jobsworth”...
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
Welcome to the Office...
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
First thing in the morning...
Traditional Get Flagstone drives
from safe (1 or 2 drivesper marking)
Load into desktops Power on Wait Unlock drives with
iButtons, passwds Boot desktops Wait Log in to each desktop Log in to each remote
infrastructure
Sun Ray Power on Insert smartcard Enter Sun Ray password Double-click remote
desktop at each marking
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
Moving data...
Traditional Go to appropriate app
on appropriate desktop Highlight Save to file Cryptographically sign Copy to media (CD
ROM, <wince> USB stick</wince>)
Mount media ondestination desktop
Copy file to destination Extract data and paste
accordingly Wipe / destroy media
Sun Ray Go to appropriate app in
window at appropriatemarking
Highlight Copy Go to appropriate app in
window at appropriatemarking
Paste No media to mishandle!
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
Going to a meeting...
Traditional Log out of appropriate
desktop(s)
Go to meeting room
Log into desktops
Re-launch apps etc
Sun Ray Remove smartcard
Go to meeting room
Insert smartcard
Log into Sun Ray
Resume availabledesktop sessions
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
Before going home...
Traditional Log out of remote
sessions on desktops
Shut desktops down
Wait
Remove drives
Put drives back in safe
Sun Ray Remove smartcard
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
Interesting?
These scenarios add up to a saving of maybe 20minutes per day, per user.
Add up all those users.
Add up all those desktops that won't be needed,too.
Also, consider that any cross-domain data transferstays firmly in the system; there's no media, at anypoint, to mishandle.
Talk to us.
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
Making Britain More Secure.