From the Trenches: Secure Communications with TrustCall at Black Hat 2016
Attending an industry conference in Las Vegas during holiday season would ordinarily give me pause – all the more so given the specific nature of Black Hat’s clientele, lecture topic’s content and the conference’s penchant for “live” training. And with Defcon following after it (as one friend put it: “Black Hat on steroids”) and many attendees in town for both conferences, it was safe to assume that IT equipment and mobile devices, as well as hotel networks, Wi-Fi and probably even what appeared to be GSM-cell towers, could be considered a compromised means of maintaining contact with life outside of Sin City — with no hope of reliable, secure communications.
As the new boy at KoolSpan – landing at McCarran airport constituted Day 2 of my job — my sense of vulnerability attending Black Hat was potent. Most of my equipment was freshly unboxed and untested. I was just getting to grips with my new role and trying hard to come up to speed.
That familiar feeling of wanting to be on the front foot, not wanting to be out of the loop and not wanting to miss anything was palpable…I needed to reach out to colleagues and source information to educate myself, be informed and start to understand our business. Connecting with colleagues, meeting up with prospects and partners, getting to know the people I’m working with, what we do and, most importantly, what we do together and for our customers and clients was challenging – particularly while trying not to leave an exploitable footprint or wind up on a live-screen as another newbie who got “pwned.”
How I Connected and Communicated Securely at Black Hat 2016
Using TrustCall (specifically TrustCall On-Prem deployed by KoolSpan with TrustGroups defined for employees, partners, Advisory Board, Executive team, etc.), I connected with my colleagues securely, without exposing their contact details, metadata or other identifying information, and – because we use TrustCall On-Prem, my employers and only my employers if they’d wanted – could see with whom I was speaking and collaborating, just to be confident that I was behaving myself.
Using TrustBridge, the mobile-to-office-phone functionality, I re-connected with colleagues in Bethesda and kept up with my new employee onboarding tasks via helpful, secure conference calls set up for new members of the team dialing in for training and briefings.
With segregated, well defined TrustGroups, I sat in on calls with partners and customers around the world, listening (securely) as the day-to-day business of trials, stand-ups and operations continued, oblivious to our collective whereabouts, what networks we were connected to and what IMSI-grabbers and collection tools might be arrayed against us between the pyramids, fountains, and slots.
Why I needed TrustCall to Communicate Securely at Black Hat
As I surveyed the landscape in Vegas, noting the emphasis on taking a chance, how people are channeled and can be controlled there, I recalled operational security briefings from a previous job and found myself wary and alert. I realized that I was constantly weighing the value of connection versus isolation, of reward versus risk, of being externally-aware versus staying in the moment. When you know that you’re surrounded by potentially hostile actors and that the very ground and infrastructure that you stand on seeks only to take your money, time and attention for its own nefarious gains (stay with me– that’s it for the overly-conservative Vegas analogies from this particular Brit!), you consider your relationship with trusty cell-phones, laptops and networks with a renewed and healthy cynicism.
Rather than succumb to the temptations of remaining totally offline in the interests of company security however, I found that I was able to be productive and continue that human process of creating, establishing and building trusted relationships while at Black Hat, thanks in part to some new tools of my trade.
Even in the desert oasis of Las Vegas, surrounded by hackers being trained in exploits and attacks, there are a few things that you can do to communicate securely with the people you trust without exposing yourself – or them – if you have the right solutions in place.
Let us know how we can help you implement TrustCall across your organization so that you can connect and communicate securely regardless of your whereabouts.