Everyone has seen the famous The New Yorker cartoon (July 5, 1993) where a dog behind a computer informs a canine friend sitting nearby that “On the Internet, nobody knows you’re a dog.” There’s only one problem with this memorable phrase. It’s not true anymore. Everyone who goes online creates a digital footprint. This includes so-called passive data such as their IP address, user identity, location, device, OS, browser and more. Digital footprints are problematic for two reasons.
Firstly, many employees need to use the internet every day as part of their work, and their footprint can lead ransomware gangs and other cyber criminals directly back to your network. Even the most harmless surfing creates a potential path for attack.
The second problem relates to employees who require online anonymity to do their jobs successfully. Companies in highly competitive or research-intensive business sectors such as biotech routinely block visitors or alter the content they present to visitors based on their identity, which can be derived from their digital footprint. Potential customers and students, for example, may access documents related to new offerings, while researchers from competing companies will be shut out or only permitted limited access.
Foreign companies or governments may present individuals who have a US-based IP address with different information than what’s available to in-country visitors. Criminal gangs involved in drugs, illicit weapons sales and the like use the internet just like other businesses (often on the dark web) and they also take measures to block access to their sites, notably from law enforcement.
A number of IP address-blocking or IP address-substitution techniques based on proxy servers have been developed to help researchers get around these problems. Unfortunately, proxy servers are now well-known to organizations that want to limit or deny access to their sites, and they are subject to blocking just like other unwelcome visitors.
A New Approach to Anonymity
Rather than substitute one easily-discoverable footprint for another, Conceal has taken a whole new approach with ConcealSearch. Upon sign-on, the system offers users a variety of personas, and also lets them choose ingress and egress points. A one-time-only virtual environment is created for each session. Any communication travels via a complex, independent network with multiple hops through commercial clouds that are frequently churned.
This service entirely conceals the identity of individuals who need to conduct discrete market research and business intelligence collection. They can look at any material that a company chooses to present to the world and, importantly, that company will never know they’re looking.
There’s a second benefit. The path that hides the researcher’s identity is so complicated that, for all practical purposes, it’s not possible to trace them back to their organization’s network. Furthermore, when a session is over the virtual environment is totally spun down. It ceases to exist. The result is that organizations are protected from bad actors who could otherwise use the information in a researcher’s digital footprint to mount an attack. For users, it’s safe to click anywhere, even on dark web sites.
ConcealSearch is designed for individuals within an organization who need its special capabilities. Access is normally controlled at a highly granular level, i.e. individuals or small, role-based groups. Beyond the sign-on requirement, the system interface is identical to whatever browser the user normally chooses for the internet (Chrome, Safari, Firefox, etc.).