A data diode is a cybersecurity solution that insures unidirectional information exchange. This high assurance hardware device maintains both network integrity by preventing intrusion, as well as network confidentiality by protecting the most security sensitive information.
How does a data diode work?
Data diodes are the failsafe way to protect sensitive systems and confidential data. Data diodes are small hardware devices, also called "unidirectional security gateways", which sit between two networks. Working like a check valve, the function of a data diode is to allow all data to pass in the forward direction, while blocking all data in the reverse direction. The fiber optical connection makes it physically impossible for data to travel in the opposite direction. And as it is not software, it cannot be directly attacked by malicious code, which results in high assurance.
Why do you need a data diode?
A common solution to keep sensitive or classified information safe from leakage or manipulation is to completely disconnect it from other networks. However, there are situations when data needs to be transferred to or from the protected network.
By using a data diode, you can ensure that the transfer is done securely without jeopardising the integrity or the confidentiality of the network.
Who needs a data diode?
A high assurance data diode protects assets for operators within critical infrastructure (ICS/SCADA) and defense industries. However, along with digitalisation and the increase of sophisticated cyberattacks, every organisation that operates with sensitive information has great use of a data diode in order to protect its valuable information and securely exchange data.
What makes Advenica’s SecuriCDS Data Diode unique?
Advenica provides cybersecurity solutions to customers within the armed forces and defense industry, which means they place high demands on the security of our products. Therefore, our data diodes fulfill the requirements both in terms of security and assurance.
When designing our data diodes, we make sure to eliminate any risk of covert channels that may appear in the reversed direction.
All of Advenica’s products are designed, developed and manufactured in Sweden which means that we can guarantee high assurance products.
The separation between the two data interfaces on a Data Diode is vital. In the SecuriCDS Data Diodes, the separation and diode functionality is based on optical transmitter and receiver. The design guarantees that no data will pass in the opposite direction. The SecuriCDS Data Diodes even includes the possibility to use dual power supplies to eliminate potential covert channels in the reverse direction. The dual power supplies strengthen the vital separation.
How does a data diode communicate with bidirectional protocols?
To be able to communicate with bidirectional protocols, proxy services are needed. The proxy services convert bidirectional protocol into unidirectional protocol, so it can be transferred over the Data Diode. By using a proxy service, Advenica’s SecuriCDS Data Diode can handle common communication protocols. Such services translate these protocols into unidirectional protocols, offering you data communication with the impenetrable security of one-directional hardware.
Read more about how data diodes can be used in our Use Case #02 "Protecting information in critical infrastructure"
Want to invest in your cybersecurity? Contact us today.