Jason Buffington .com

Here’s a Cyber Resilience isolation mechanism that you may not have heard about yet but really ought to consider as part of your Business vContinuity strategy.

HINT: Run Windows on the good days, run IGEL on the bad days

video transcript

To all my BC/DR colleagues: What is your endpoint strategy during a cyber event?

Most teams don’t have a great answer to that very important question.

When a breach is first discovered, many environments will raise the drawbridge, activate the force fields, and in every other way, invoke isolation as they start the triage and remediation activities. The irony is that while the threat actors may have brought down some of your IT systems, you may now be self-inflicting further losses of productivity by isolating your users from the applications that drive your business. Admittedly, that is often the responsible thing to do because you can’t trust where the breach might have come from and you should assume that the threat actors are likely continuing to connect into your environments.

What if there was a better way?

IGEL has been producing a secure OS for various thin client and purpose-built endpoint scenarios for years. But what they’ve come up with more recently, with updates announced last week, is something that should excite and potentially inspire your cyber resilience and IT disaster recovery teams.

Last year, IGEL shipped a dual-boot capability whereby endpoints could run whatever their normal Windows or Linux OS and all of their typical applications completely unfettered, but with a boot loader option to dual boot into a secure OS from a hidden local partition that is underpinned by VDI technologies, centrally managed, and wholly hardened.

Last week, at its Now & Next conference, IGEL announced one of the coolest new tactics in IT DR and cyber resilience, which they refer to as Emergency Mode.

When ransomware strikes, IT can remotely invoke dual boot so that your myriad remote devices regardless of their primary OS and/or even if they have been compromised are all forced to reboot into the IGEL secure OS. The result being that those users can immediately be authenticated and trusted to resume connectivity back to the corporate network and utilize whatever production services have not been compromised, as well as be assured to have a malware free user experience to whatever SaaS applications that the business also utilizes

You’ll see more coverage about how IGEL’s BC/DR capabilities might align with overall IT resilience initiatives and where IGEL’s pocket offering might be a massive differentiator for Disaster Recovery as-a-Service (DRaaS) providers over the next few weeks, so go check them out.