Without it, you risk unintentional data leakage, regulatory non-compliance, and blind spots in your security posture.
Only approved data types and flows are allowed, every time.
Hardware-backed enforcement ensures that no hidden channels or covert leaks exist.
Every file and message is parsed, validated, and sanitised before crossing domains.
Full logging and reporting satisfy government and industry mandates.
Maintain strict separation without slowing down your mission-critical workflows.
We can help solve your cross-domain challenges using existing technology and patterns or, when required, work with you to design new solutions to problems that have not yet been solved. Drawing on our real-world experience, we’ll always highlight when a proposed approach carries a risk profile that could be too high for your organisation in specific scenarios.
We have extensive experience designing systems to use Cross Domain Gateway (CDG) technology. We understand how to mitigate the risk of vulnerabilities on the “high side” through careful data description and management, coupled with a hardware-backed CDG.
We also provide assurance for third-party implementations by reviewing their architecture, particularly data designs.
TESTING – we have built an ephemeral AMS Reference deployment allowing third parties to test and build their own services in a representative environment. We can host it, or a third party can do it offline.
We design, deploy and support AMS-based systems that can be tailored to specific User requirements, taking operational requirements and risk appetite into account.
This includes creating “AMS middleware” between the client and server to facilitate data translation and security.
The above offerings can be tailored to fit your requirements if needed, and we can liaise with NCSC Security Architects to obtain advice, design review, or general opinion based on their privileged knowledge if necessary.
Our goal is to provide just the support needed, whether teaching clients to manage their own solutions or working independently, allowing clients to focus on their core business If you need technical security support, we are here to help.
We shaped the formal guidance on mobility in high-threat environments.
Unbiased advice from UKCSC-Chartered and ACSC-certified Security Architects.