ArcLight
ArcLight is “Out of the Box”, MOD CyDR accredited, penetration tested by multiple vendors, hardened, and secured standalone IT suitable for storing or processing data up to the highest UK HMG protective markings. It is designed to be used in specific circumstances where enterprise IT is insufficient, and a high level of security assurance is required.
ArcLight is built to comply with the Centre of Internet Security Level 1 and 2 benchmarks, and all controls are aligned to the Baseline Controls for UK-SAP through MoD. ArcLight can be fully hardware customised as accreditation lies with the build/configuration combined with the use of High-Grade cryptographic protection.
ArcLight allows Industry stakeholders to liaise with government and defence/national security suppliers or to conduct operations requiring portable, highly secured devices.
Arclight has adopted UK MOD’s Key Secure by Design Principles:
Principle 1: Understand and Define Context
Understand the capability’s cyber security context and how it will use and manage MOD data while achieving its primary business/operational outcome(s).
Principle 2: Plan the Security Activities
Establish a security workstream of the capability, perform initial planning including assessment of cyber threat and potential risks while defining clear security requirements, validation, and verification.
Principle 3: Implement Continuous Risk Management
Embed cyber security risk management into existing program governance as a continuous process.
Principle 4: Define Security Controls
Define, architect, and implement security control requirements to address risks identified. Reuse existing services and patterns where they exist.
Principle 5: Engage and Manage the Supply Chain
Understand the supply chain roles and risks posed, including how to ensure they meet their responsibilities and implement good security.
Principle 6: Assure, Verify and Test
Work with security experts to gain security assurance, test and validate throughout the capability’s lifecycle.
Principle 7: Enable Through Life Management
Ensure continuous security monitoring and improvements, including ongoing assurance requirements are enabled, met, and disposed.
Once the system is built to your desired specifications the system will be ready to use, pre-accredited, assured and fully hardened in-line with pre-agreed levels and within tolerable risk levels.
ArcLight has UK Government accreditation until August 2024 at which point it will transition to Secure by Design and Continual Assurance processes.