Three post-COVID investments for stronger public sector network security
The $350 billion in aid to state and local governments in the American Rescue Plan Act (ARPA) was a desperately needed measure to bolster public finances that had been decimated by the COVID-19 pandemic and the economic crisis that followed. Coming on the heels of two previous tranches of multi-billion-dollar federal aid, government agencies are looking to use this newest funding to invest in long-term projects that will enhance their ability to meet the needs of their constituents and address future crises.
In light of a general lack of understanding of what state and local governments can—or should—use the funding for, IT decision makers in these organizations should think creatively about what they can do with this money while still adhering to Federal guidance about how it can be spent.
Perhaps no area offers greater potential return on investment than upgrading the foundations of IT systems. Cloud-based technologies in particular offer a host of benefits to government organizations, from lower costs to higher scalability and simpler deployment that can help strengthen critical public infrastructure and offset some of the negative economic impacts of the crisis, yet they remain underused in the public sector.
To fully take advantage of these benefits and ensure that employees can use them safely and reliably, state and local government organizations should consider investments with the following three principles in mind.
One of the primary challenges that organizations face as they transition to the cloud is understanding where all their assets are. As data, workloads and services move to the cloud, and as the shift to remote work accelerates, understanding what is happening in the network environment is critical. Network administrators can’t secure what they can’t see, and so the priority of any cybersecurity strategy should be investing in solutions that give teams visibility over the network.
In the traditional network environment—in which devices and workers connected to a centralized data server—visibility was (relatively) simple, since network connections were all made and managed centrally. But in today’s cloud-first environment, people, data and devices are mostly located outside the four walls of the office or some hybrid of inside and outside. This has increased the complexity of managing and securing today’s network—which opens avenues of vulnerabilities for bad actors to exploit.
Fortunately, solutions exist that leverage networking infrastructure organizations already use—DDI (DNS, DHCP, and IP Address Management)—to give administrators a full picture of what devices are connected to the network and who they are communicating with. These services can be a powerful tool in providing a foundational layer of visibility and security for government networks.
Another challenge that government agencies may face when making the transition to the cloud is the difficulties of securing an expanded attack surface. More devices connecting from outside the network, and more data located in the cloud means that there are more locations that need to be secured, more potential vectors for bad actors to exploit, and a larger attack surface to defend.
Traditional security solutions and their one-size-fits-all approach simply can’t keep up with the diversity of connection types, locations and devices of the cloud-first world. State and local governments looking to take advantage of the opportunities of the cloud can head off these challenges by leveraging security solutions that provide foundational security across the whole network—wherever their users or data are located.
DNS is one such solution, providing a powerful, foundational layer of security for networks, and securing users and data whether they are located on-premises or in the cloud. The protocol, which is one of the first things a device uses when it connects to a network, can be used to monitor network traffic and proactively identify threats based on where that traffic is going. Its power lies in its simplicity and ubiquity—some 90 percent of malware uses DNS to enter or exit a network—making it one of the most cost-effective methods for securing a network.
A final challenge that agencies may face as they transition to the cloud involves the difficulties of securing and managing different cloud-based systems, each of which may be in a different environment. An application running on a public cloud may be using data in an on-prem server, which is accessed by a user from his or her home network.
With workloads moving around so much, network management and security become infinitely more complex. Automation and orchestration solutions can help ease some of the burden on security teams, freeing them up for more important tasks.
For example, the information provided by DDI gives administrators a comprehensive view of their network—both in terms of the devices that are connected to it and where traffic is being sent. Automation and orchestration solutions can then leverage this information to identify and isolate security threats, whether an unauthorized device seeking to connect to the network, or one that is seeking to access known malicious sites.
DDI can also help integrate all these different systems to facilitate monitoring and management. The information it provides can help network managers monitor all of their cloud and on-prem assets from a single location—wherever that is—and ensure continuous, secure and reliable access for users—wherever they are located.
As the saying goes, in crisis, there is opportunity. The COVID-19 pandemic was undoubtedly one of the biggest crises state and local governments across the country have ever faced. But the support from the federal government gives these same organizations the chance to build a sturdy and stable technological foundation for the future, one that is based on the simplicity and flexibility of cloud-based technologies.
As they consider the investments they will make with this new funding, public sector organizations everywhere should consider solutions that can provide visibility, security, and integrations to make the transition to cloud smoother and more secure.
As president of Infoblox Federal, a wholly owned subsidiary of Infoblox Inc., Ralph Havens oversees the organization’s sales, operations and growth initiatives in the federal market. He is charged with establishing the company as the leader in DDI, DNS security and network automation solutions for the U.S. government. Havens has more than 25 years of leadership experience in the federal technology space and has a deep understanding of the challenges federal agencies face implementing IT solutions.