recommended reading

7 Tips to Best Secure Your Agency’s Digital Transformation Efforts

Maksim Kabakou/Shutterstock.com

ARCHIVES

By Chris Borneman October 21, 2016

recent posts

Chris Borneman is vice president of Software AG Government Solutions. With over 20 years in technology and having held CTO, CIO and COO roles for multiple organizations, Chris has focused his career on delivering value to business through technology and building strong relationships.

As citizens and businesses increasingly prefer to interact with the government online, the need for digital change at federal agencies is imminent. With that said, any digital transformation effort needs to ensure the security and integrity of the underlying systems and their integration interfaces must be solidly intact and scalable.  

One needs look no further than the 2015 Office of Personnel Management data breach for an example of how poor data integration led to massive security vulnerabilities. In addition to the risk of data escaping, new unauthorized data coming in must be protected as well. Even with so many advances, for many agencies, data manipulation through network intrusion is a top concern.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The availability of our systems should be treated with the same level of care as we invest in our security. As we transition to mobile digital approaches, our capacity requirements will shift. This means as the ability to access and process information from anywhere and anytime expands, design patterns of legacy architectures must also evolve.

On Aug. 24, 2014, a single rogue Android app took down the National Oceanic and Atmospheric Agency’s national digital forecast system, through which tens of millions receive their weather forecasts each day. The problem was caused when the app developer introduced a defect that changed the polling refresh rate for new weather data, inadvertently causing a distributed denial of service attack. The outage initially went undetected, and once identified, required several additional hours before a successful block could be put in place.

To support the benefits for digital transformation while addressing existing and emerging security concerns brought on through Advanced Persistent Threat, agencies should consider adopting the following seven techniques:

  1. Ensure all integrations between systems leverage secure, authenticated connections that provide non-repudiation and avoid interim data at rest scenarios. Avoid Extract, Translate and Load approaches. Many legacy interfaces to newer information systems have relied on ETL, but this results in interim files that can be stolen or tampered with.
  2. Avoid point-to-point integration approaches between systems by leveraging an ESB. Point-to-point integrations increase costs, lowers monitoring and integrity checking, and makes security updates difficult to coordinate and deploy. By implementing an Enterprise Service Bus, agencies can alleviate this complexity and accelerate modernization efforts.
  3. Develop and manage a system to review all key sources of authoritative information. By doing so, agencies can ensure they remain protected, accurate and secure and prioritize modernizing interfaces to these systems.
  4. Use service virtualization where possible. Service virtualization provides an extra layer of protection and change management capabilities through interface versioning.
  5. Implement an enterprise in-memory caching system. Enterprise in-memory computing will relieve the load from database and mainframe connections while improving performance and response time.
  6. Deploy a reverse invoke gateway for all communications. This will close off all direct communications to internal systems while securely brokering the information between the requestor and the backend systems.
  7. Require unique registration for every consumer of interfaces. Through this onboarding registration, identification at run-time can isolate bad actors and allow service levels per actor to be introduced. This will ensure that critical systems continue to function and receive higher priority during peak usage times.

Modernization brings an excellent opportunity to improve how we deliver our services and enhance the capabilities within our programs. Using the above techniques can ensure your agency will benefit from secure and successful implementations leveraging approaches and technologies proven in business and government architectures to securely deliver billions of transactions every year.

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.