cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

How Tech Trends Impact Military Networks

Level 12

By Joe Kim, SolarWinds EVP, Engineering and Global CTO

Bring your own application (BYOA), virtual desktop infrastructure (VDI) and software-defined networking (SDN) may promise great things, but they also expose network vulnerabilities.

For military IT professionals, the network is the first line of defense against these threats, but how do you ensure that it sufficiently addresses both current and future security issues?

The answer is surprisingly old-fashioned: go back to the basics. A combination of best practices—including automation, network monitoring and more—as well as network simplicity, is key to ensuring a happy, healthy government IT environment.

Let’s take a look at these best practices to see just how your IT environment can navigate the minefield of acronyms and escape with your security and wits intact.

Network monitoring

By offering a single-pane-of-glass view of users, devices, network devices, and traffic, and using log data to provide real-time event correlation, continuous network monitoring can help government IT professionals improve security and offer peace of mind.

Network monitoring can help achieve network stabilization as the environment grows in complexity. Take the growing number of defense agencies that are making the move to a hybrid IT model, for example. While the benefits of hybrid IT are often discussed, it does represent increased complexity.

Monitoring tools can help address this complexity, providing vital information about which parts of an environment would benefit from moving off-premises, from both a cost and workflow standpoint. Once these applications are migrated, network monitoring can also monitor and verify their performance, and thus can both simplify the move to hybrid IT and help IT professionals make the most of its benefits.

Configuration management

A configuration management solution can be instrumental in the battle against increased complexity. By backing up configurations, IT professionals can roll back changes for fast recovery, monitor configurations, and automatically remediate noncompliance issues.

Automate

Automating compliance with patching and configuration tools means IT professionals can locate and help protect against vulnerabilities as efficiently as possible.

Do you BYO?

Defense agencies have struggled with adopting Bring Your Own Device (BYOD) for some time now, and are all too aware of the security risks these approaches represent. However, it is tricky: off-duty defense professionals need to be able to use internet-enabled devices with fewer restrictions, even if bandwidth isn’t cheap and availability is, at best, patchy.

As a result, military organizations need to have a real, considered discussion on how BYO plans can be adopted, bringing in guidelines and tools to help with adoption and enforce restrictions. User device tracking can help to locate and eliminate rogue devices on the network, and guidelines enforced by IT will help users see that a line in the sand has been drawn regarding usage.

Forward thinking

There is still work to do to make sure defense agencies aren’t severely impacted by these emerging tech trends. The key to realizing this is preparation.

By remaining educated and understanding upcoming trends, tools, and strategies, government IT professionals can ensure they are well-equipped to adapt and thrive in an environment where the next complication is always just around the corner.

Find the full article on Defence Contracts Online.

13 Comments

I'll gently offer discussion against one of your premises:  "off-duty defense professionals need to be able to use internet-enabled devices with fewer restrictions".

I understand that off-duty professionals may want to use internet-enabled devices.  Maybe even use their OWN devices.  It certainly could be convenient for them to use their own devices.

But this is the military.  Thoughtful, touchy-feely, considerate--those aren't words I associate with the military.  Absolute, controlled, with the highest possible degree of security.  These are ideas that better match the military's security needs.

So I'll offer what my corporation does:  for someone who MUST access a secure network from home, provide military-secured/purchased/managed devices, and require the highest degrees of security to be implemented for that access.  It'll be more expensive, though.  And we know how taxpayers and politicians love to focus on that.

I suspect everyone should come back onto the base and work securely from there.  Yes, it's inconvenient.  But military security is not about convenience.  It's about security.  And there's no securing home users' IoT devices or environment as well as systems on a military base.

The best solution is one with the best security.  BYO solutions are not inherently as secure as those provided by, and managed by, your organization.

Even if some I.T. gurus may have the skills to make some BYOD's secure, maybe even make them as secure as military needs,  "some" isn't really sufficient, is it?

MVP
MVP

I agree with rschroeder​, using military assets including network must be under security. 

There is no margin for error or introduction of malware/virus from a byod device or military device.

It's the military.  They're staffed 7x24x365.  It's not like someone goes home and the base closes down all their mission-critical services.  Someone is always present to support those services and applications.  Those people doing this work have backup people, and supervisors, and fail safes . . .

I admit I'm ignorant about BYOD and the military.  Under what circumstances would home users "need" to remotely access military resources via a network via their personal devices from home?

Under what circumstances would BYOD be "required" on base?  It's not like budget cuts are so onerous that people "need" to provide their own network devices, their own cell phones.  They don't have to provide their own bazookas, too, do they?  Now THAT would be some pretty bad budget cutting!

The single pane of glass approach is the wave of the future. Many IT processes can be condensed and streamlined following this approach. I am championing it at my company with SolarWinds as the pane of choice. But there are still umpteen windows to condense into it..

Level 20

BYOD is something we'd like to do in the defense industry but it's a big risk.  Currently the focus is on virtualized containers inside the phone which would protect the defense information from the rest of the phone and users apps.  Although this has some promise many aren't ready to stake their reputation on it yet.

MVP
MVP

Nice write up

Level 14

BYOD is a nightmare anywhere.  I'm working at a University where 50,000 students and 5,000 staff all have their own devices and want to connect to everything. 

MVP
MVP

BYOD...Bring Your Own Disaster

If we thought about what's assumed-OK-but-is-actually-wrong with the statements above, we might come up with a stirring list of negatives.

  • "Automating compliance with patching and configuration tools means IT professionals can locate and help protect against vulnerabilities as efficiently as possible."

What wrong with the above?  If you've bought into supporting BYOD, you've bitten off more than you can chew.  You'll probably never keep up with the vulnerabilities of every version and flavor of iPad, iPhone, iPod, Android, Windows, Linux, etc. Operating System, much less the seemingly endless versions of hardware.  If you want a never-ending list of things to get done and then do over and then do over again, you COULD open up BYOD.  But who has those kinds of staff resources & time?  You MIGHT get by if you were strict and said "we will only allow one brand/model/OS/version of BYOD on the corporate BYOD network.  You can buy that, bring it into us, let us secure it and manage it and patch it and update it frequently, or you cannot use the corporate BYOD network."  And you'll still be behind the 8 ball.  We can face up to the reality that Solarwinds and other product don't have the ability to automate proper security enforcement and patching management on every possible variety of home-users' hardware and operating system.  It's not an embarrassment--it's just reality.  The only hope may be to limit the demand and need such that you only have to support one flavor, one style, one hardware.  MAYBE that can be automated.  But keeping up with the daily or hourly changes and exploits?  I don't think so.

  • "Off-duty defense professionals need to be able to use internet-enabled devices with fewer restrictions"

No, they don't.  They may LIKE to do this.  You may WANT them to do this.  But "NEED?"  Nope.  There'll always be a security hole waiting to be found or created and exploited with every encryption and security--that's if history is any teacher.  Why not learn from the past and require anything that needs security to stay behind your corporate or military firewall?  It may be inconvenient to work within that limitation, but how inconvenient is it when a foreign government or agent exploits a security hole in your military's I.T. infrastructure?  "Inconvenient" won't begin to describe it once its exploited and becomes public.

Level 21

I can't help but think our nations security is critical enough that maybe BYOD just shouldn't be a thing for any of our military or defense networks.

MVP
MVP

just wait until IoT hits the military networks....

Level 21

LOL, when I read this I couldn't help but picture an ammo crate that would automatically order more ammo when it gets low... probably from Amazon. 

MVP
MVP

yeppers !

Not to mention the tablet display on the outside showing what is inside..

About the Author
Joseph is a software executive with a track record of successfully running strategic and execution-focused organizations with multi-million dollar budgets and globally distributed teams. He has demonstrated the ability to bring together disparate organizations through his leadership, vision and technical expertise to deliver on common business objectives. As an expert in process and technology standards and various industry verticals, Joseph brings a unique 360-degree perspective to help the business create successful strategies and connect the “Big Picture” to execution. Currently, Joseph services as the EVP, Engineering and Global CTO for SolarWinds and is responsible for the technology strategy, direction and execution for SolarWinds products and systems. Working directly for the CEO and partnering across the executive staff in product strategy, marketing and sales, he and his team is tasked to provide overall technology strategy, product architecture, platform advancement and engineering execution for Core IT, Cloud and MSP business units. Joseph is also responsible for leading the internal business application and information technology activities to ensure that all SolarWinds functions, such as HR, Marketing, Finance, Sales, Product, Support, Renewals, etc. are aligned from a systems perspective; and that we use the company's products to continuously improve their functionality and performance, which ensures success and expansion for both SolarWinds and customers.