What is ‘compartmentation’? What do Donald Trump and the A-bomb have to do with it? Find out. In this post, I define compartmentation and how it’s used – and sometimes abused – in the most sensitive situations.
Securing business-critical data
‘Since security is top of mind for IT, leaving employees to their own devices is not an option. Companies cannot take the chance of losing control of business-critical and sensitive data by having it compromised, corrupted, deleted, or worse,’ said Terry McClure and Leah Matuson, Senior Analysts at the Enterprise Strategy Group. The ‘worse’ could be seeing your data stolen and sold to competitors or rogue nations.
What is ‘compartmentation’?
‘Sensitive Compartmented Information’ is a term used by the military, national security and intelligence communities for information that’s critical to a nation’s security.
The implication is that it would be disastrous if such information got into the wrong hands. Think about Trump’s security advisers’ proposals for what to do about Russian attacks or how to respond in Venezuela. Going back years, think about the plans for the A-bomb.
The idea of compartmentation is to provide secure, separate compartments to which only those who need to know the contents are granted access.
This means that even those with high-security clearance or seniority won’t gain access unless they specifically need to know the contents. That’s the principle.
Compartmentation’s long history
Also known as compartmentalisation, this approach dates back to antiquity, when the Greeks used it to keep their ‘Greek Fire’ weapon top secret.
In more recent times, it’s used to keep high-security installations secure, where the keys and codes needed to open vaults are held by different people.
When the principle is applied properly, it works. When it isn’t, you run the risk of a sequel to the Chelsea Manning incident; the clearance level may have been correct but there was definitely no need to know.
Governments also use this principle in physically and electronically secure SCIFs (Sensitive Compartmented Information Facilities) to access classified documents and discuss sensitive issues. The image above is apparently of Donald Trump in his ‘SCIF’ at Mar-a-lago – his ‘winter White House’. We’re not so sure.
In principle, access to SCIFs is strictly limited to people with appropriate security clearance – and who need to know what is being discussed.
That’s fine in principle, but it wouldn’t protect sensitive snippets if Trump were to send out a tweet or have a private chat with someone outside the room – and give the game away.
Manhattan: compartmentation in practice
A potent example of successful compartmentation is the project that launched the Atomic Age: the Manhattan Project. If any of the contributors had access to all the information, the project could have been easily sabotaged.
That’s why Major General Leslie Groves made sure that those who were enriching uranium had no idea why they were doing it, or what it would be used for. He had parts of the bomb designed, developed and assembled in different facilities, with designers and factory workers having no idea what the completed article would be. This is effective compartmentation in practice.
The cone of silence
Remember ‘Get Smart’? It’s back on TV and new audiences are laughing at Agent 86, Maxwell Smart, and his excruciating sessions with ‘the Chief’ under the ‘cone of silence’. Funny it is, but it’s also simple compartmentation in action. The cone made sure that no one except Smart and the Chief could share any of their conversations.
Contrast this with the present day, where the Internet makes sharing so easy and makes it harder to secure sensitive information; think about the WikiLeaks and Snowden data breaches. The numbers are staggering: 1.7 million NSA documents were stolen by Snowden.
Too easy
Laptops and smart mobile devices have made it really easy for people to share information with almost anyone. Knowledge workers can share documents with colleagues anywhere with one click. The problem is, most of the sharing happens using email or generic file-sharing services, despite the obvious risks.
Shared documents can contain very sensitive corporate information, such as details of special projects, new inventions or initiatives. It’s not just the risk of this critical data falling into the hands of competitors or foreign nations: McGill IT reports that criminals ‘prey on people who share documents through collaboration tools such as Office 365’s OneDrive, DropBox and others.’ If staff fall for these scams, the door is wide open for hackers with far more malicious weapons, like Advanced Persistent Threats which can exfiltrate data over months or years without detection.
For most people, sharing files via the Internet has become indispensable to their work. Gartner predicts that ‘by 2020, 80% of large and midsize organisations in mature regions will have deployed one or more content collaboration platform (CCP) products …’ The problem is that CIOs and CISOs have limited control over the sharing process; many can’t even see which files are being shared. How can they secure the process if they don’t have the right tools?
How can collaboration be made secure?
The simple answer is compartmentation.
Imagine a large project with many participants inside and outside an organisation, many with different roles or needs; for instance, a major government infrastructure project, worked on by staff from several departments, ministers and their assistants, external private contractors and subject matter experts.
Some contributors just need to read certain documents, others need to add comments, some need to edit, others need to share and, ultimately, someone has to approve a final version. Different levels of access are critical to preserving the integrity of the project, and the principle of ‘least privilege’ must be applied: people should be given enough privileges to do their jobs – and no more.
The simplest way to do this is to create compartments, each with controls for what users can do. This way, staff with different clearance levels might access one compartment, but only some levels can change content and only in very controlled ways. In fact, the person with final approval may have no access to early or interim compartments, because he or she doesn’t need to be involved in the early workings.
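The compartment model described above, sketched as an added example (not part of the original post or any product's code): access needs both sufficient clearance and an explicit need-to-know grant, and each grant lists only the actions that user may perform. The user names, clearance scale and compartment names are constructed sample data.

```python
from dataclasses import dataclass, field
from enum import Flag, auto


class Perm(Flag):
    NONE = 0
    READ = auto()
    COMMENT = auto()
    EDIT = auto()
    SHARE = auto()
    APPROVE = auto()


@dataclass(frozen=True)
class User:
    name: str
    clearance: int  # constructed scale: higher number = higher clearance


@dataclass
class Compartment:
    name: str
    min_clearance: int
    # Need-to-know list: explicit per-user grants; absence means no access.
    grants: dict = field(default_factory=dict)

    def grant(self, user: User, perms: Perm) -> None:
        # Refuse to record a grant the clearance check would contradict.
        if user.clearance < self.min_clearance:
            raise PermissionError(f"{user.name} lacks clearance for {self.name}")
        self.grants[user.name] = perms

    def allows(self, user: User, action: Perm) -> bool:
        # Both conditions must hold: clearance alone never opens a compartment.
        if user.clearance < self.min_clearance:
            return False
        return action in self.grants.get(user.name, Perm.NONE)


# Constructed project: an analyst, an external contractor and the approver.
analyst, contractor, minister = User("analyst", 2), User("contractor", 1), User("minister", 5)
drafts = Compartment("early-drafts", min_clearance=1)
final = Compartment("final-version", min_clearance=2)

drafts.grant(analyst, Perm.READ | Perm.COMMENT | Perm.EDIT)
drafts.grant(contractor, Perm.READ | Perm.COMMENT)
final.grant(analyst, Perm.READ)
final.grant(minister, Perm.READ | Perm.APPROVE)  # approver has no grant on drafts
```

Here `drafts.allows(minister, Perm.READ)` is `False` even though the minister holds the highest clearance, which is the need-to-know rule in action.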
From the cloud to the pocket
Compartmentation on this level is a big step forward for securing sensitive data, but you also need to check more general security issues:
- Is the cloud repository that holds the information secure?
- Can you establish which geography or jurisdiction the information resides in?
- Do you know who has access to it (your IT contractors, the cloud providers’ admins …)?
- How secure is your sensitive data on mobile devices?
- How secure is it while in transit across public networks?
Encryption is crucial for data security, as long as it’s strong enough and effective in transit and at rest. However, some data is always left in the browser’s cache after a session on the Internet. That’s an even bigger problem with mobile devices. Not only is data stored in the device’s cache but almost 200,000 mobiles are left in cabs every year in London alone; no one’s done the figures for the whole world yet. That’s why mobile security heads the list of issues that keep CIOs everywhere awake at night.
A truly secure collaboration platform can help organisations address all of these issues – so long as it enables information compartmentation, has granular controls for each compartment or level of a compartment, and includes robust information protection on mobile devices.
Trump and the Atom Bomb
So, what do they have in common?
Well, both are clearly explosive, unpredictable and dangerous if not contained; both pose risks to other countries and to their own, and the legacies of both will last for many years.
They also both involve compartmentation but only one has proven to be 100% secure.
The Manhattan Project has stood the test of time (over 70 years) as the most successful multi-person, multi-location collaboration on critical, classified information: it was based on compartmentation, and it remained secure and uncracked.
I wonder what Trump’s record will look like?