Instead of relying on endpoint protection or user training to improve security, the UK-based security company Garrison wants to use hardware to prevent malware infections and data breaches. David Garfield, co-founder and CEO of Garrison, said the company’s goal is to provide ultra-secure browsing that removes all risk of a user accessing risky content. He described the hardware-centric solution as the equivalent of pointing a video camera at the monitor and using a robotic arm to control the keyboard.
To accomplish this, Garrison uses ARM processor chips found in cell phones and tablets. One cell phone chip runs a browser. The pins of that chip that normally go to the screen of a cellphone instead connect to the camera input of the second chip.
“The second chip is literally watching a video of the first chip as it browses the internet,” Garfield said. “It’s as close to an air gap as you’re ever going to get.”
Repurposing existing technology means this new approach to security has a good price-to-performance ratio.
“When we realized that somebody had already invented and commoditized this, that was our eureka moment,” Garfield said.
The company plans to provide this secure browsing through hardware appliances in a cloud infrastructure.
Garrison’s platform requires a philosophical shift in the security mindset, away from the default approach of detecting risk.
“What we’re doing is converting it to a form that can only be safe,” he said. “If you add security into the first few lines of code, everything above it doesn’t matter.”
Garfield said the other reason to adopt an entirely different approach to security is that spending on cybersecurity continues to increase at almost the same pace as the frequency and intensity of cyberattacks.
“We’re seeing more and more people show distrust in software solutions and quite a few examples of security software being the attack vector,” he said.
How it works
Garrison’s Silicon Assured Video Isolation (SAVI) uses physically separate processing systems and a video-based information transfer approach between them.
The Garrison SAVI Isolation Appliance (GIA) is a rackable hardware appliance that supports up to 280 concurrent active users. The GIA uses three physically separate network interfaces:
- A client network interface for connection to the higher trust network, where users’ endpoints will be connected
- A remote network interface for connection to the lower trust network, where services are located that the user may wish to access
- A management network interface for connection to a management network used to configure the appliance and which is assumed to have the highest level of trust
The remote environment processor chip (REP) runs software to connect to the risky network. This software could be either a web browser or a virtual desktop infrastructure client. The client connection processor chip (CCP) runs software to connect to the user’s sensitive endpoint over the client network. The security-enforcing functions of the GIA allow the CCP to control and view the REP while keeping the CCP safe even if the REP is running malware.
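A software model of the REP/CCP separation described above, added here as an illustration and not Garrison’s own code: the trusted side accepts only a fixed-size frame of raw pixels it never parses, and sends back only a small, bounds-checked set of input events. The tiny framebuffer dimensions and the event schema are assumptions made for the example.

```python
from __future__ import annotations

# Constructed, deliberately tiny framebuffer: 4x2 pixels, 3 bytes each.
WIDTH, HEIGHT, BYTES_PER_PIXEL = 4, 2, 3
FRAME_LEN = WIDTH * HEIGHT * BYTES_PER_PIXEL


class IsolationViolation(Exception):
    """Raised when data crossing the REP/CCP boundary is not in the fixed format."""


def rep_render(untrusted_content: bytes) -> bytes:
    """Untrusted side (REP). A stand-in renderer: each content byte becomes a grey
    pixel. Whatever the input is (HTML, script, an exploit), the output is always
    exactly FRAME_LEN bytes of pixel data, nothing else."""
    frame = bytearray(FRAME_LEN)
    for i in range(WIDTH * HEIGHT):
        v = untrusted_content[i % len(untrusted_content)] if untrusted_content else 0
        frame[i * 3:i * 3 + 3] = bytes([v, v, v])
    return bytes(frame)


def ccp_accept_frame(frame: bytes) -> list[tuple[int, int, int]]:
    """Trusted side (CCP). Accepts only an exact-length raw frame and does no
    parsing: the frame is split into (r, g, b) tuples for display and nothing more."""
    if not isinstance(frame, bytes) or len(frame) != FRAME_LEN:
        raise IsolationViolation("frame size mismatch")
    return [tuple(frame[i:i + 3]) for i in range(0, FRAME_LEN, 3)]


def ccp_send_input(kind: str, *args: int) -> dict:
    """Trusted side -> untrusted side. Only two fixed event shapes with bounded
    integer fields are allowed, so no free-form data can leave the sensitive side."""
    if kind == "key" and len(args) == 1 and 0 <= args[0] < 256:
        return {"kind": "key", "code": args[0]}
    if kind == "mouse" and len(args) == 2 and 0 <= args[0] < WIDTH and 0 <= args[1] < HEIGHT:
        return {"kind": "mouse", "x": args[0], "y": args[1]}
    raise IsolationViolation(f"rejected input event {kind!r} {args}")


def browse(untrusted_content: bytes) -> list[tuple[int, int, int]]:
    """End to end: the REP renders untrusted content, the CCP receives pixels only."""
    return ccp_accept_frame(rep_render(untrusted_content))
```

Running `browse(b"<script>alert(1)</script>")` yields eight grey pixels; the markup never reaches the CCP as text, and an over- or under-sized frame is rejected before anything is displayed.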