Quark Security provides consulting support for our customer's using Linux, Security Enhanced Linux, and Security Enhancements for Android. Our service offerings include security architecture design, implementation, and analysis support. Our engineering team is experienced with all levels of these platforms, from the low-level kernel through the application interface.
Quark Security is advancing the mobile device security environment by building on the strong platform present in Android devices. We develop custom SE for Android policies and utilize Android’s advanced security controls. The SE for Android security policies are compliant with the Mobile Access Capability Package (MACP) and are deployed as part of the Department of Defense (DoD) pilot program spearheading the effort for deploying mobile devices capable of accessing classified data.
Building on that experience, Quark Security can help you deploy secure mobile solutions built on commercial, off-the-shelf hardware. Our offerings can be combined with our products leading to a mobile security solution that provides manageable security without the hassle of custom hardware. We will develop security policies tailored to meet your unique requirements mobilizing your workforce.
Our work with SE for Android provides an intimate understanding of the Android environment, from applications to the Linux kernel. We bring this knowledge to bear on other problems in the mobile space including reverse engineering of apps and developing core platform functionality.
While mobile handsets and tablets are prevelant in the workforce, other devices built on the same technology are also in widespread use. For example, mobile hotspots are a common piece of hardware enabling mobile users to securely connect to the enterprise network. The Internet of Things is rapidly advancing with everything from refrigerators to cars and trucks running Android. Quark Security can help secure these devices providing enhanced security keeping your workforce and networks secure.
The use cases of some solutions drive higher levels of security requirements. Perhaps you're developing a network perimeter appliance or a laptop that will process sensitive data, we can help you develop and deploy solutions that meet your higher than usual security requirements.
We are experienced in all aspects of defensive cybersecurity and security solution development, from inception, to requirements, design, implementation, testing, certification (if needed), and ultimately deployment and long term support. We base our solutions on Linux and leverage best-of-breed technologies to develop solutions that stand up to the rigors of real world use in threat filled environments.
We understand that security should be requirements-driven based on risk and threat assessment; a system on a closed network in a data center will have drastically different threats and risks then a laptop used by the warfighter in the field. There is not necessarily protective or financial value in treating them the same. We will work with your team to figure out what is really necessary, what is a "nice to have", and what is not worthwhile. This will save you time, effort, and money.
Controlling the flow of information between networks at different security levels requires more than just firewalls. Ensuring sensitive data does not end up in the hands of a person or entity that should not have access to the information requires much more advanced capabilities. The data might need to be filtered, converted to other formats, or dropped all together. Likewise, supporting the integrity of networks and systems connected to the networks requires similar controls on data flow.
For example, a user accessing data on a top-secret network may need to transfer a redacted document to a user on a secret network. Transferring this document between security domains necessitates a cross-domain solution that analyzes the document ensuring the document adheres to enterprise-defined security policies such as no white-on-white text and no document properties. If the document does not meet the requirements an alert may be sent and document will not be delivered to the user on the secret network.
In a nuclear power plant and other critical infrastructure environments, supervisory control and data acquisition (SCADA) systems monitor and manage many of the devices responsible for key operations in the facility such as taking emergency action when a system reaches a critical level. An adversary could compromise the integrity of the systems on the network and alter the behavior of the SCADA subsystems.
Quark Security's team supports the development of these Linux-based solutions by designing the security architecture, i.e. how information flows, (SELinux) policy the enforces information flows defined in the security architecture with mandatory access controls.
Quark Security also supports certification, testing, and evaluation activities by analyzing SELinux policy and producing documentation suitable for inclusion in accreditation evidence packages.