Amid a sudden shift to remote work, agencies are taking steps to improve their security strategy. Here’s how.
For government agencies, the shift to remote work has made a lot of things easier. Once burdensome activities, like long commutes, have all but disappeared, and a long-term move to work from home could cut real estate and transportation costs.
But the transition to telework has also presented several challenges, especially for IT departments. Working from home, of course, has required many agencies to adopt an entirely new IT infrastructure that takes into account multiple endpoints in various locations. As a result, enterprise security has become a high priority for agency leaders.
The need to enable secure remote access comes as the FBI’s Internet Complaint Center reported striking new evidence that cybercrime increased by 400% since the onset of the COVID-19 pandemic. Public sector IT departments are now taking proactive measures to immunize their agencies from common security threats.
Protecting Classified Information
Government agencies know all too well that managing classified data requires extra tight security measures. But as risks increase, how can agencies ensure the right employees gain access to this information so that they can do their jobs effectively — while taking proper measures to secure it?
“Providing a virtual desktop infrastructure is the first step toward achieving a secure infrastructure, but organizations need to go beyond that,” said Rob Chee, technical director of Iron Bow Technologies’ security practice. “It’s important for agencies to ask themselves, ‘what is going to be the most secure way to provide this VDI access, assuming the user is not in a secure location?’”
The U.S. government has taken a number of steps to develop solutions that solve these very challenges. The National Security Agency and Central Security Service, for example, established the Commercial Solutions for Classified Program, an opportunity for users to better secure their classified data by leveraging proven commercial technologies.
“We're talking about a purpose-built laptop that has two layers of encryption,” Chee said. “It uses cryptographic algorithms that have been approved by the NSA and done in a way that dramatically reduces the attack surface."
CSfC also provides the “Data at Rest” capability package to protect classified data stored on an end user’s device — and allows that data to be considered unclassified when the device is turned off.
But what happens to this sensitive data in the event that one of these devices makes it into the wrong hands? Today, agencies have an opportunity to wipe that data remotely. In other words, if a user loses their device, agency IT leaders can remove specific applications or any other potentially compromisable data.
Troy Massey, director of enterprise engagements at Iron Bow Technologies, has experienced this challenge firsthand. As part of a partnership with a federal healthcare agency, Iron Bow provides laptops to patients’ homes to support the organization’s telehealth initiatives.
But these patients “don’t always keep the laptop or tablet — sometimes they sell it,” Massey explains. “So, we need to be able to easily wipe those devices of sensitive data.”
The Path Toward Secure Cloud Operations
While enacting policies that protect classified information on users’ devices is a critical step in the journey toward secure remote operations, agencies must also consider the bigger picture. That begins by understanding how — and where — they store their data.
With the shift to remote work, more agencies have moved to multi-cloud environments aimed to offer enterprises increased flexibility and scalability as they adapt to telework. In many ways, this type of configuration can give organizations a leg up on security.
“This multi-cloud approach can offer enterprises a unique ability to move to a cloud that has more advanced features, giving them the flexibility to move to a more secure vendor,” Iron Bow Technical Director of Data Analytics Brandon Lockhart said.
However, it also puts the onus on the agency to exercise more control over its security infrastructure.
“With multiple cloud environments, you have various security models in place as opposed to just one model to conform to,” Lockhart continued. “It’s up to the customer to protect, secure and improve their data, no matter where it sits.”
To make that happen, organizations must implement tools that offer insight into each cloud environment.
“One of the best things agencies can do is leverage tools that provide threat visibility to identify potentially malicious behavior that could indicate an attack occurring,” said Chee. “Security analysts can then use the information provided to understand how the attack entered, define what devices are affected and reduce the time to remediation and root cause analysis."
Ultimately, he added, analysts can begin to understand exactly how many endpoints have been affected by an attack and a possible root cause.
Furthermore, Chee says organizations and IT departments can mitigate security breaches by starting the journey toward implementing a Zero Trust architecture. That means identifying an organization's users, devices and applications and using appropriate security appliances to implement stricter rules that require every user to prove that they are authorized to access an application using a particular device.
“The concept of Zero Trust has been around for a long time, but it's just in recent years that companies have really started to focus on making it end user-friendly,” Chee said. “Thumbprint and multifactor authentication solutions, for example, are going to allow Zero Trust to provide much higher levels of security for organizations with users operating remotely.”
And while the many steps organizations must take to secure their remote workforce can seem daunting, others view it as a sign of progress.
“The fact that we can access classified data at any terminal outside of a secure facility is just mind-blowing,” said Massey, who spent 21 years managing data centers for the Air Force before he joined Iron Bow. “And now we have the technology to provide classified network access to someone’s home. It’s really incredible to be able to say that.”
Find out how Iron Bow can help you take your enterprise security strategy to the next level at ironbow.com/irontarget/.
This content is made possible by our sponsor. The editorial staff was not involved in its preparation.