Why government security belongs in the cloud
- By Shawn Rodriguez
- Jun 28, 2016
Cloud-first strategies have become a focal point for state and local governments over the past few years. With today’s tightening IT budgets and a growing number of legacy application modernization projects, state and local government CIOs are being pressed now more than ever to accelerate adoption. Quick wins have included email, web portals and collaboration tools, but most government agencies have resisted migrating more mission-critical applications and services.
Recent trends in state and local government, however, show that may be changing. Cybersecurity, perhaps the most mission-critical application of all, is quickly embracing the cloud, and the benefits are almost immediate.
Shifting SIEM (security information and event management) and data analytics capabilities to the cloud gives government security leaders greater agility with these tools, which is critical to proactively monitoring, identifying and responding to threats. Every government agency today needs the ability to analyze data in real time, in order to detect anomalies within applications, network activity and log data as well as identify abnormal user behavior. For state and local agencies that are ready, moving these capabilities to cloud or hybrid environments will offer more immediate value to the organization. The reality is state and local government agencies are already seeing enhanced agility and scalability in cloud environments.
The transportation sector, for example, has begun to face real security challenges as driverless vehicles and drone technologies move into the consumer market. Security vulnerabilities in vehicles, drones and transportation systems will multiply with this evolution; indeed, it is already happening. Most transportation agencies use manual processes for system log reviews, which can be tedious, unreliable and often too slow to address issues that require real-time response capabilities. Add to that thousands of new sensor data sources and you have a real-world technology tsunami. To address such an issue, some agencies across the country have deployed applications in the cloud that enable them to immediately gain operational visibility into security and IT operational issues.
Law enforcement agencies have also joined the trend of housing their data and applications in cloud or hybrid models. Besides storing body camera video in the cloud, these organizations have access to a great deal of citizens’ personally identifiable information that must be secured. Many departments have started using cloud-based security to improve monitoring and protection of information that is being stored and shared on the network, as well as to enhance the management of increasingly virtualized environments. Cloud and hybrid models can help law enforcement use resources more effectively, and operational intelligence solutions can provide valuable visibility into all law enforcement activities, supporting not just security, but also 24x7x365 performance of service-level agreements and compliance requirements.
Simplification is one of the major benefits agencies see once they’ve begun to migrate applications. Comprehensive security services can help organizations improve threat identification and risk mitigation, reduce remediation cycle times and demonstrate regulatory compliance. Providing this type of platform through the cloud eliminates the difficulty of building and maintaining complex hardware. It also can help ease staffing and shrink the knowledge gap that exists with the dynamic nature of security threats and preventative tools. As a result, moving security solutions to the cloud helps agencies better allocate their resources and save money, which is especially important for smaller agencies that are expected to deliver solutions that they have not been properly funded to build and operate.
When agencies use a major and reputable cloud provider who often has advanced cyber technologies and security staff, they find that their data is more accessible and secure. A recent cross-industry Cloud Security Alliance survey found that nearly 65 percent of IT and security leaders think cloud and hybrid cloud models are as or more secure than on-premises software. This growing trust is what’s opening agencies up to putting more applications in cloud and hybrid environments. With an increasing number of state and local organizations relying on cloud and hybrid services, 2016 will see the industry continue to develop stronger security standards for the cloud. Establishing these standards will enable even greater migration and compel agencies to integrate cloud-based services into their IT delivery models sooner rather than later.
Even with all of the emerging benefits, some CIOs and chief information security officers hesitate to put their security tools in the cloud. Fortunately, decision makers can use resources such as the Federal Risk and Authorization Management Program for guidance. Though mandated for federal agencies, state and local government organizations can use FedRAMP to evaluate the reliability of the cloud and hybrid security applications that are available.
With security intelligence and analytics solutions in place, government organizations can automate the laborious processes of sifting through logs and other machine-generated data, saving time and trouble when attempting to identify the source of a problem or a threat. Deploying these capabilities through the cloud accelerates time to value, providing nearly all sectors of state and local government with both holistic and granular views of their IT environment in real-time, enabling them to analyze and visualize their data and mitigate potential risks.
By now everyone understands the increasingly dangerous and sophisticated cybersecurity threats that government faces at every level. Flexibility, speed, agility and efficiency are all characteristics critical to government security solutions. The right security platform can provide all of these characteristics regardless of how it’s deployed, but cloud and hybrid environments can provide organizations with a faster, more direct path to success. As the cyber landscape grows and pressure on government increases to secure information, don’t be surprised if state and local agencies lead the trend of deploying security solutions in the cloud.
Shawn Rodriguez is area vice president, State and Local Government and Education, Splunk.