How agencies can ensure continuity of operations

Featured eBooks
Whole-of-State Cybersecurity
The State of Trust in Government
Cybersecurity in State and Local Government
By Eric Trexler
 

Connecting state and local government leaders

By Eric Trexler

|

Cloud-based security tools enable detailed monitoring of user behavior, allowing agencies to understand what’s normal, detect when data is being accessed that shouldn’t and block the highest risks.

Since 9/11, the federal government has been fixated on continuity of operations from a physical perspective. Work needed to continue even if, hypothetically speaking, the Pentagon was bombed or the data center disappeared. As such, a tremendous amount of money was spent on hard backup sites for both people, processing and data redundancy. Often we heard this referred to as continuity of operations or disaster recovery. Then the coronavirus pandemic presented a continuity curveball.

No continuity plans ever factored in a long-term, wholesale shift to telework and remote operations due to a virus that prevented personnel from working together in continuity facilities. For all their preparations, government agencies were caught mostly unprepared. The early response by many agencies had their employees working from home on emergency operations, funneling most traffic back to the data center. Other agencies moved to one week on, one week off, which inherently slowed the pace of productivity.

While today’s new normal of mass remote work is likely here to stay, government organizations are exploring new ways to adapt. The Senate, for instance, recently introduced a bill to extend full-time federal remote work, while the National Security Agency is now allowing telework for unclassified activities. The future will not be like the past. COVID-19 forced a rapid and lasting change not only in the way we work, but how we expect to work and what organizations will accept in how that work is performed. Users want flexibility and will demand it going forward.

The continuity of operations the government sought must now be reassessed via IT investments that mirror commercial sector cloud and software-as-a-service (SaaS) technologies. To ensure this massive cloud migration shift won’t result in compromised users or data, though, it must be accompanied by sufficient user monitoring. User monitoring allows agencies to employ more granular security policies and monitor data wherever it resides or moves and protect remote users, without hindering their ability to effectively perform their job duties. Let’s dig into a few specific technologies that can make continuity of operations a reality for government agencies today.

Monitor users with a CASB

In the past, remote work was executed primarily through VPNs, which permits the perimeter to be extended to the remote work location.  The rapid onset of work from home due to COVID-19 caused problems when massive numbers of employees began relying on them; the sheer volume of additional remote users prevented reliable access to necessary services.

The good news is that the increased adoption of SaaS technologies reduces the need for VPNs. Users can access their SaaS providers directly through zero-trust network access technologies, bypassing the data center and leveraging a cloud access security broker (CASB). This gives agencies visibility into shadow IT, in addition to monitoring what passes through. For example, if a user accesses a SaaS provider and begins screenshotting sensitive information or transferring data to a memory stick, that activity will then be detected and blocked. Anomalous behavior can be detected, similar to the way credit card companies rapidly flag unusual consumer spending, preventing unauthorized access. By monitoring and analyzing user data the same way they would in the office, agencies can secure an exploding number of endpoint devices.

Isolate users with remote browser isolation

Another way agencies can ensure continuity of operations is by rerouting users through remote browsers leveraging virtualization or containerization technology as a cloud-hosted service when they try to access the web. This is far more effective than simply cutting off connectivity, as that tends to lead to even riskier workarounds, especially in remote, work-from-home users. With remote browser isolation, risk is minimized because any compromise will happen on the remote system and not the local one, significantly reducing the attack surface. If users engage in risky activity or start acting in ways inconsistent with past behavior, then it’s time to mitigate the risk in real-time through tools like RBI by physically isolating users’ browsing activity from their local systems and networks. 

Improve user verification

Recently, social engineering attacks have been targeting remote workers, trying to trick them into surrendering their passwords so hackers can log in to the agency network. As already mentioned, user monitoring can detect changes in user behavior that might signal either inadvertent risk or an actual breach. The level of control should be based on the specific user’s risk and the sensitivity or value of the data. While the baseline changes with work from home, the user activities will tend to remain relatively constant over time in the performance of an individual’s work duties. Tied in with zero-trust concepts such as identity, credential and access management, behavioral analysis can be powerful in understanding user behavior and intent while also restricting or controlling access when a user is acting abnormally.

The bottom line

As government agencies work to adapt to telework, users can be both their biggest defense and their biggest risk. Mitigating that risk today can’t mean simply cutting off connectivity. Such an approach doesn’t just decrease productivity and hinder users’ ability to do their jobs -- it can actually lead to even riskier workarounds or worker resentment. Similarly, one-time temporary solutions like having employees only work half-time are unsustainable long-term.

The good news is that IT was already beginning to change in ways that make remote work far more seamless than it was a decade ago. The key is to supplement new SaaS and cloud-based offerings with security tools that enable the detailed monitoring of user behavior: understanding what’s normal, detecting when data is being accessed that shouldn’t and blocking the highest risks. Once again, this represents far more granular and effective security than harsh, overly restrictive all-or-nothing approaches that disrupt anything resembling continuity.

NEXT STORY: Iowa gets pushback on CARES-funded IT projects

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.