So much has changed in the past two years relative to securing our environments. In this article, Brandon Shopp (bshopp), group vice president of product strategy, offers some ideas on how state and local governments can reduce security risks while maintaining a positive customer experience.
Cyberattacks against the nation’s counties are on the rise. Since 2017, attacks have risen an average of almost 50%. With last year’s shift to work from home and virtual learning, counties are finding themselves more exposed.
Used to managing security within the physical perimeter of the office or school environment, IT and security leaders have had to change their focus to managing risk across an extended digital ecosystem.
Let’s look at some strategies county governments can employ to balance the need for improved security for remote workers and students while ensuring a frictionless experience.
- Manage Access at the Endpoint
Endpoint protection is a core security practice, but only 53% of state and local governments rank high on the maturity scale for endpoint protection.
If a department or school doesn’t have the means to supply each of their users with a protected device, they should implement remote monitoring and management capabilities allowing them to monitor and protect their network from afar and receive alerts of any threats.
A virtual private network (VPN) can also protect government and user data remotely. With a VPN in place, agencies can give staff access to secure networks and systems—from remote or personal devices—without putting information at risk.
- Implement Network Segmentation
Network segmentation is an important strategy for mitigating the risk of a bad actor breaching the device of agency staff or students and moving laterally across government and school networks to access sensitive data.
Technologies like software-defined networking (SDN) make it easier to establish and manage permission-based security and quickly enforce segmentation at scale. For example, network administrators can isolate a school system’s student network from their staff network.
- Understand and Act on High-Risk Network Access
Over time, users gain access to more and more digital resources—yet these access rights are rarely audited or revoked.
A single, centralized access rights management solution can simplify the process by providing visibility and control over all access privileges within an organization and continuously monitoring the environment for changes.
- Monitor for Unusual Network Activity
Detecting nefarious activity on the network has traditionally been achieved through log management practices. But monitoring logs at scale—across distributed networks and in the cloud—can be difficult.
Security information and event management (SIEM) systems can help counties address this challenge without unnecessary complexity or cost. A SIEM solution monitors networks for suspicious activity in real time and automates the process of forensic analysis.
- Ensure Everyone Is “Cyber Aware”
Agencies should also remember they’re dealing with humans. Reminding them of basic security hygiene practices can go a long way toward preventing cyber incidents. Best practices include not sharing passwords, changing passwords regularly, and waiting to get on a secure network before accessing a cloud application or sending emails with sensitive content.
Read the full American City & County article here.