SCOTTSDALE – cleverDome, Inc.™, (cleverDome) a cybersecurity solution for the wealth management and legal industries that protects confidential consumer information by taking that information “Under the Dome”™ (i.e. secure and off the open Internet), and United Planners Financial Services (United Planners), a national wealth management firm that provides financial planning, investment management and insurance services, today announced a material cybersecurity offering focused on shielding the financial advisors of the firm – and, in tandem, the financial advisory firms’ clients. The announcement was made at United Planner’s annual conference, which was held May 24 and 25, 2022 in Scottsdale, Arizona.
“Can your most confidential information be taken off the open internet and secured? Yes, and we have proven it at United Planners via our DefendUP Cybersecurity Offering,” said Sheila Cuffari-Agasi, EVP, Chief Revenue Officer of United Planners. “Thanks to cleverDome and their ingenious solution, our platform has been taken off the open internet and even includes tier 1 vendors like Orion and Redtail. Transmission of data between best-in-class technology vendors, advisors, their staff, and the back office is fast, smooth, stable, secure, and reliable. Advisors can rest assured knowing their client data is safe, protected, and off the open internet when doing business with United Planners.”
BETTER THAN A TRADITIONAL VPN SERVICE
Mike Hallett, CEO of cleverDome said, “cleverDome has partnered with United Planner’s DefendUP Platform to secure high-performance and affordable no-trust cybersecurity solutions, enabling wealth management and legal firms to finally leverage the internet in a safe fashion. cleverDome’s solution is an always-on, securely-connected, blazingly-fast solution that materially trumps the benefit of VPN. We encourage other vendors to join the private network to provide this vital and maximum-security solution to their clients and advisors.”
Brian Kobel, Product Manager of United Planner’s DefendUP Platform, said United Planners has partnered with cleverDome and others to take its critical infrastructure off the open internet. “The future is here at United Planners. Our home office infrastructure and all communications with essential cloud providers have been taken off the open internet. Devices, users, and our leading cloud partner platforms, along with all transmissions of data between them are, in essence, hidden from the open internet. This enables essential cybersecurity controls and principles to be enforced, such as minimum endpoint device standards, protected cloud services, and no-trust access and communications. On- and off-boarding of users is also immensely simplified. Additionally, we can say goodbye to the security and performance issues associated with traditional VPN services,” Kobel said.
“The United Planner’s DefendUP program exists to further cybersecurity principles of confidentiality, integrity, and secure authentication. It is a holistic cybersecurity program offered to all United Planner’s financial professionals,” Kobel explained. “Offerings include services such as end-point protection and monitoring, security awareness and training, incident response, vendor cybersecurity due diligence, cybersecurity insurance, and secure networking. DefendUP’s mission is to create confidence in a cloud-based industry for the financial professional and their clients by providing a secure and efficient work environment through safeguards within the UP network via technology and knowledge. The intent is to further allow financial professionals to focus more time and attention on their businesses and clients, rather than managing the complex and ever evolving details of cybersecurity.”
OFF THE OPEN INTERNET AND SECURE
United Planners and cleverDome have partnered with Orion, Redtail, and others to include their infrastructure in this private network. This step addresses the CISA (Cybersecurity and Infrastructure Security Agency) guidance as published on May 17, 2022. CISA published Alert (AA22-137A) Weak Security Controls and Practices Routinely Exploited for Initial Access | CISA.
The alert encourages companies to adopt a zero-trust security model that eliminates implicit trust in any one element, node, or service, and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses. Zero-trust architecture enables granular privilege access management and can allow users to be assigned only the rights required to perform their assigned tasks.
The CISA alert also made note of security issues associated with traditional VPN solutions:
Specifically, remote services, such as a virtual private network (VPN), lack sufficient controls to prevent unauthorized access. During recent years, malicious threat actors have been observed targeting remote services. Network defenders can reduce the risk of remote service compromise by adding access control mechanisms, such as enforcing MFA (multi-factor authentication), implementing a boundary firewall in front of a VPN, and leveraging intrusion detection system/intrusion prevention system sensors to detect anomalous network activity.
cleverDome, when properly implemented, takes this a step further by eliminating the need for a VPN and replacing it with a more secure, faster, always-on, encrypted-connection between authenticated partners.
DEFENDUP BY UNITED PLANNERS SECURES CONFIDENTIAL DATA
Eric Clarke, CEO of Orion Advisor Solutions, stated, “I’m proud to partner with others in the industry such as cleverDome and United Planners and their DefendUP team looking for innovative ways to further secure confidential data on behalf of our collective customers.”
United Planner’s no-trust model provides an actionable technical framework for the protection of its critical infrastructure. Secure communications require authentication of any device or user that wants to communicate on the network. Once authenticated, devices or users are permissioned only to those services for which they are entitled. Data is encrypted, fractionalized, and disbursed as it moves along the private network. Cloud vendors joining the private network work to securely set up gateways and go through cybersecurity due diligence to evaluate the degree to which all members cybersecurity programs adhere to standards that enforce the confidentiality and integrity of client data. The solution, when properly implemented, results in a multi-network architecture that is dedicated to enforcing zero-trust principles while mitigating daily attacks and zero-day exploits.