TECHNOLOGY

ENCLAVE STRATEGY

The need for protecting highly sensitive data is not limited to the government’s Classified or Controlled Unclassified Information (CUI) safeguarding requirements. Commercial businesses are also facing increased cyber risks to their conﬁdential data that can contain customer, patient, financial, and intellectual property information.

In collaboration with defense and intelligence agencies, cyber security experts at eResilience developed solutions that apply an Enclave strategy for protecting CUI and other highly sensitive data from cyber-attacks. By putting sensitive information that needs to be protected within an Enclave, the boundary can be strictly controlled and monitored. This strategy reduces the avenues of approach and creates a defense-in-depth for your most critical data and applications.

ENCLAVE EXPERTISE

eResilience is a division of Referentia Systems, a National Security Agency (NSA) Trusted Integrator with a strong track record of providing secure, compliant and easy-to-use solutions. The company has been developing information assurance technologies and solutions for the DoD for more than 15 years, and offers cross-domain security expertise, in-depth experience with NIST 800-30 risk assessments, Cyber Security Framework (CSF) and Risk Management Framework (RMF) implementation, and staff that has obtained DoD’s recognized Certiﬁed Authorization Professional (CAP) certiﬁcation.

Our experience includes applying Enclave strategies to protect sensitive information for commercial enterprises, critical infrastructure sites, and the U.S. Military.

ENCLAVE TECHNOLOGY

The eResilience Enclave technology was developed for the U.S. Military as a best-in-class cost effective solution for information assurance within cross-domain operations (separating unclassiﬁed and classified information on virtual networks and assuring the separation, which could have life-or-death consequences if not separated). Within government agencies, the Enclave technology allows isolated critical networks to exchange information with others, without introducing security threats that normally come from network connectivity. For commercial enterprises, the eResilience Enclave technology and process meets technical requirements for compliance with DFARS 252.204-7012 and NIST SP 800-171 R2.

Setting up a secure network Enclave requires strong cross-domain knowledge, a deep understanding of the limitations and strengths of different components and devices, and expertise that can only be gained through years of experience. eResilience has developed tools to automate the setup and conﬁguration process, ensuring that each device is set up securely. The team identiﬁes what needs to be protected, and creates Enclave barriers to establish a defense-in-depth strategy around the mission critical data and applications. This reduces the avenue of approach, lessens the opportunity of a security breach, and restricts unauthorized access.

ENCLAVE ARCHITECTURE

Enclaves provide the ability to create secure barriers at the user, workstation, network and server level, to protect what is inside the Enclave. Combining the eResilience Enclave architecture with a unique set of automated tools, the detection capabilities to look for lateral movements and leakage are increased, making threat identification easier and more accurate. Enclaves are deployed at the most critical parts of the network, so a breach in one area will not compromise or bring down operations that are Enclaved within another area.

Utilizing the Enclave approach, the eResilience team has developed an end-to-end architecture capable of securing data for U.S. defense, intelligence and critical infrastructure projects. This same architecture is now available to defense contractors to help achieve rapid compliance with DFARS, NIST and other cybersecurity regulations. In addition, automated tools allow for accurate and easy to manage threat and policy monitoring.

WE CAN HELP

LEARN MORE

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.

Cookie	Duration	Description
_gat_gtag_UA_136970874_1	1 minute	No description
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-others	1 year	No description