On December 17, 2020, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported that it is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020.
Archive360 has prepared this short security statement to advise customers how the SolarWinds event affects them and how they can better protect themselves going forward.
Archive360 and SolarWinds Usage
First and foremost, Archive360’s suite of software products has never and does not use, rely upon or leverage any SolarWinds products. We will continue to work closely with Microsoft and our other technology partners to monitor the situation.
Given the continuing investigation of other access vectors by the public and private sector, we expect that it will be necessary to update this Statement as to other affected systems as more information becomes available.
What We Know Now
CISA has made the following findings:
- One of the initial access vectors for this activity is a supply chain compromise of the proprietary SolarWinds Orion products.
- By way of summary, SolarWinds Orion is an enterprise network management software suite that includes performance and application monitoring and network configuration management along with several different types of analyzing tools. SolarWinds Orion is used to monitor and manage on-premises and hosted infrastructures. To provide SolarWinds Orion with the necessary visibility into this diverse set of technologies, it is common for network administrators to configure SolarWinds Orion with pervasive privileges, making it a valuable target for adversary activity.
- CISA has evidence that there are initial access vectors other than the SolarWinds Orion platform and is investigating incidents in which activity would indicate abuse of SAML tokens.
Prioritizing Security in 2021
Understandably, organizations are concerned about protecting their data stored in the cloud from external -and internal – threats. Discussions with our customers have centered around how we can help them leverage opportunities afforded by the cloud while minimizing the impact of a potential data breach.
Protect your Enterprise Data with Archive360’s Security GatewayTM
The Archive360 Security Gateway is an integrated feature of the Archive360 platform which allows customers to implement multi-level security and encryption options. The Security Gateway provides homomorphic encryption and is implemented on-premises before data is migrated within the customer’s private cloud, providing secure, flexible file and field-level (metadata) encryption of PII and sensitive data, with role-based entitlements to control both access and decryption. Security Gateway also provides 100% Customer management/ownership of encryption keys. Archive360’s Security Gateway enables our Customers to develop and execute policy-based information security protocols that support Customer’s expanding information governance, records management and cloud security needs.
Thank you for your consideration of this Statement. If you have questions or concerns, please contact your Archive360 representative or ceo@archive360.com.
James M. McCarthy | Chief Compliance Officer & General Counsel