C-Suite

The C-Suite has the most access to valuable information about strategy, financial results, customers, partners, employees, and intellectual property. In particular, executive boardrooms, suites, and even homes hold, carry, and publish very sensitive information in both oral and written format. Whether you are a Fortune 500 corporation or a mid-sized business, keeping the C-Suite protected is a top priority.

 

THE PROBLEM

Bob Baxley, Chief Engineer at Bastille Networks discusses "C-Suite Security".

Many critical meetings and data pass through the executive suites and boardrooms which makes this area susceptible to bugs, International Mobile Subscriber Identity (IMSI) catchers, and other nefarious tools used to listen and record. Typical solutions try to solve this problem by point-in-time methods such as bug sweeps, which prove to be very costly and ineffective. In order to fully protect the C-Suite, the radio frequency spectrum needs constant monitoring to understand the transmissions of devices in the environment.

In the C-Suite, it is imperative to monitor for unauthorized access to secured areas, based on badge level or known and unknown employees. The boardroom is often required to be a no-device-allowed zone, but enforcing this policy can be time consuming, costly, and ineffective. 

C-Suite vulnerabilities include:

  • Unauthorized employee access
  • Tailgating and other methods of entry to high risk areas
  • Rogue wireless devices and networks being used for data exfiltration and eavesdropping through the RF spectrum

Typical security solutions have very little visibility into the radio frequency space allowing for no knowledge of the devices in call centers and how they are behaving, making BYOD policy enforcement very difficult.

THE REQUIREMENTS FOR A C-SUITE RADIO SECURITY SOLUTION

A C-Suite radio security solution needs to:

  1. Provide visibility into the wireless networks, traffic, and devices operating in your environment, 
  2. Inform you of the attack surface for each of these devices, 
  3. Alert on active wireless attacks on those devices through your existing SIEM systems, and
  4. Suggest best practices for minimizing the attack surface and mitigating an attack in action.

Specifically, a solution must:

  • Detect all devices operating in the wireless spectrum, to include but not limited to, Wi-Fi, cellular, Bluetooth, and the hundreds of other protocols in the Internet of Things (IoT)
  • Provide awareness into any wireless threats including active attacks, rogue networks, and misconfigured devices. 
  • Have the ability to track the movement of devices, which include radios, to augment existing security measures. 
  • Show the movements of devices to help enforce access policies. 
  • Enforce company BYOD/IoT policies
  • Detect unauthorized access
  • Detect data exfiltration through wireless devices
  • Allow the physical security to quickly detect and localize any malicious devices
  • Include geofencing capabilities to understand and protect areas with sensitive data
  • Detect vulnerable devices being installed
  • Detect rogue cell towers which can send signals into your C-Suite

What kinds of organizations need solution?

All organizations which have meeting facilities and executive office suites where sensitive matters are discussed.

"