Put security in the background to put security first

Featured eBooks
Whole-of-State Cybersecurity
The State of Trust in Government
Cybersecurity in State and Local Government
By Jim Hansen
 

Connecting state and local government leaders

By Jim Hansen

|

Automated and continuous monitoring can secure networks services and still provide uninterrupted and seamless access to those who really need it.

The escalating threat landscape and the increasing complexities of federal IT networks are inevitably intertwined. Government IT professionals are tasked with providing access to network services for thousands of employees, using hundreds of thousands of devices, across the country and around the globe. Hackers see this as an opportunity -- all of those access points and devices represent potential vulnerabilities they can exploit.

Evolving government networks will continue to be an appealing target for both foreign and domestic adversaries. Network administrators must find ways to keep the wolves at bay while still providing uninterrupted and seamless access to those who really need it. Here are three things they can do to help maintain this delicate balance.

1. Gain visibility and establish a baseline

Agency network admins must realistically assess how many devices (and what types) are connected to their networks and who’s using those devices. This information can help establish visibility into the scope of activity that’s taking place, allow teams to expose shadow IT resources and root out unauthorized devices and users. Administrators may also wish to consider whether or not to allow a number of those devices to continue to operate. While maintaining a flexible number of devices can be beneficial for worker productivity, it can also limit the level of security that can be introduced.

Once that’s done, teams can gain a baseline understanding of what’s considered normal and monitor from there. They can set up alerts to help notify them of unauthorized devices or suspicious network activity that’s outside the realm of normal behavior.

All of this monitoring can be done in the background, without interrupting user workflows. The only time users might get notified is if their device or activity is raising a red flag. Everyone else can continue working without interruption.

2. Automate security processes

Many network vulnerabilities are caused by human error or malicious insiders. This is especially true in Department of Defense Department networks. These vast and highly distributed networks comprise many different users, devices and locations, and it can be difficult for administrators to detect when something as simple as a network configuration error occurs, particularly if they’re relying on manual network monitoring processes.

Administrators should create policies that outline approval levels and change-management processes so that configuration changes should not be made without approval and supporting documentation.

They can also employ an automated system running in the background that supports these policies and tracks unauthorized or erroneous configuration changes. The system can scan for unauthorized or inconsistent configuration changes that fall outside of the norm. It can also look for non-compliant devices, failed backups and even policy violations.

When a problem arises, the system can automatically correct the issue while the IT administrator surgically targets the problem. There’s no need to perform a large-scale network shutdown, thereby depriving the majority of the staff with critical access to connectivity and information. The network -- and those who rely on it -- can continue to operate as usual while security policies are enforced.

Automated and continuous monitoring for government IT can go well beyond configuration management, of course. Agencies can use automated systems to monitor user logs and events for compliance with agency security policies. They can also track user devices and automatically enforce device policies to help ensure that no rogue devices are using the network.

In the event of a vulnerability or attack, administrators can use forensic data captured by the automated system to trace the incident back to the source and directly address the problem. Similar to the joke about Schrödinger’s backup (the condition of a backup is unknown until a restore is attempted), security teams should ensure that they capture the correct data and forensic evidence should a legal investigation become necessary. Through artificial intelligence and machine learning, the system can then use that data to learn about what happened and apply that knowledge to better mitigate future incidents. Simultaneously, agency IT teams can use that information to develop new or augment current security policies as necessary.

3. Lock down security without compromising productivity

The systems and strategies outlined above can maintain network security without interfering with workers’ productivity. The systems are not focusing on individual users. Instead, they are looking for overall patterns and anomalies that deviate from an established baseline of activity. Only when and if something comes up is a user affected, and even then the response will likely be as unobtrusive as simply denying network access to that particular person.

In the past, that kind of environment has come with a cost. IT professionals have had to make a binary choice between providing users with unfettered access to the tools and information they need to work or tightening security to the point of restriction. The former can expose agencies to risks, while the latter can hinder productivity.

Fortunately, that approach is no longer necessary. Today, federal IT administrators can put security at the forefront by making it work for them in the background. They can let the workers work -- and keep the hackers at bay.

NEXT STORY: High demand for IoT regulation, survey finds

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.