As agencies across the federal government modernize their networks to include and accommodate the newest technologies such as cloud and the Internet of Things (IoT), federal IT professionals are faced with modernizing security tactics to keep up.
There’s no proverbial silver bullet, no single thing capable of protecting an agency’s network. The best defense is implementing a range of tactics working in concert to provide the most powerful security solution.
Let’s take a closer look.
Something nearly all of us take for granted is access. The federal IT pro can help dramatically improve the agency’s security posture by reining in access.
There can be any number of reasons for federal IT pros to set overly lenient permissions—from a lack of configuration skills to a limited amount of time. The latter is often the more likely culprit as access control applies to many aspects of the environment. From devices to file folders and databases, it’s difficult and time-consuming to manage setting access rights.
Luckily, an increasing number of tools are available to help automate the process. Some of these tools can go so far as to automatically define permission parameters, create groups and ranges based on these parameters, and automatically apply the correct permissions to any number of devices, files, or applications.
Once permissions have been set successfully, be sure to implement multifactor authentication to ensure access controls are as effective as possible.
The best protection against a complex network is multi-faceted security. Specifically, to ensure the strongest defense, invest in both cloud-based and on-premises security.
For top-notch cloud-based security, consider the security offerings of the cloud provider with as much importance as other benefits. Too many decisionmakers overlook security in favor of more bells and whistles.
Along similar lines of implementing diverse, multi-faceted security, consider network segmentation. If an attack happens, the federal IT pro should be able to shut down a portion of the network to contain the attack while the rest of the network remains unaffected.
Once the federal IT pro has put everything in place, the final phase—testing—will quickly become the most important aspect of security.
Testing should include technology testing (penetration testing, for example), process testing (is multi-factor authentication working?), and people testing (testing the weakest link).
People testing may well be the most important part of this phase. Increasingly, security threats caused by human error are becoming one of the federal government’s greatest threats. In fact, according to a recent Cybersecurity Survey
, careless and malicious insiders topped the list of security threats for federal agencies.
There are tactics federal IT pros can employ to provide a more secure environment, from enhancing access control to implementing a broader array of security defenses to instituting a testing policy.
While each of these is important individually, putting them together goes a long way toward strengthening any agency’s security infrastructure.
Find the full article on Government Technology Insider.