https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
    • Latest videos
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE 2022
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

Commentaries


Pete Linforth from Pixabay

Article

5 ways counties can mitigate remote access security risks

5 ways counties can mitigate remote access security risks

  • Written by Brandon Shopp
  • 13th September 2021

Cyberattacks against the nation’s counties are on the rise. Since 2017, attacks rose an average of almost 50 percent—although this metric is likely to be a fraction of the true number, as these attacks often go unreported. With last year’s shift to more work from home and virtual learning, counties are finding themselves more exposed.

Used to managing security within the physical perimeter of the office or school environment, IT and security leaders have had to change their focus to managing risk across an extended digital ecosystem. As a greater population of users connect to the network from unsecure Wi-Fi networks and personal devices, IT security teams must find new ways to secure each endpoint, manage access rights at scale and monitor user behavior. Key to this is greater visibility and control.

Let’s look at some security and network monitoring strategies county governments can employ to balance the need for improved security for remote workers and students while ensuring a frictionless experience.

  1. Manage access at the endpoint

Endpoint protection (the process of securing the entry points on a network such as laptops and tablets) is a core security practice. Yet due to budget constraints, county governments have struggled in this area. Only 53 percent of state and local governments rank high on the maturity scale for endpoint protection. Counties must find ways to close the maturity gap and protect vulnerable environments.

If a department or school doesn’t have the means to supply each of their users with a protected device, they should implement remote monitoring and management capabilities allowing them to monitor and protect their network from afar and receive alerts of any threats.

A virtual private network (VPN) can also protect government and user data remotely. With a VPN in place, agencies can give staff access to secure networks and systems—from remote or personal devices—without putting information at risk.

 

  1. Implement network segmentation

Network segmentation is an important strategy for mitigating the risk of a bad actor breaching the device of agency staff or students and moving laterally across government and school networks to access sensitive data.

When an unrecognized IP address tries to log in to the VPN or agency system, network segmentation will seamlessly segment it to a restricted access area and keep sensitive data out of the wrong hands.

Technologies like software-defined networking (SDN) make it easier to establish and manage permission-based security and quickly enforce segmentation at scale. For example, network administrators can isolate a school system’s student network from their staff network.

With SDN, it also becomes easier for security managers to gather data from the network to detect traffic anomalies indicating malicious activity.

 

  1. Understand and act on high-risk network access

Over time, users gain access to more and more digital resources—yet those access rights are rarely audited or revoked. If a user is compromised, every system they have access to is at risk of being exploited by a bad actor.

A single, centralized access rights management solution can simplify the process by providing visibility and control over all access privileges within an organization and continuously monitor the environment for changes. For example, when a staff member leaves their position or a student graduates, their access rights can be quickly revoked to minimize the risk of their identity credentials falling into the wrong hands.

 

  1. Monitor for unusual network activity

Detecting nefarious activity on the network has traditionally been achieved through log management practices. But monitoring logs at scale—across distributed networks and in the cloud—can be difficult.

Security information and event management (SIEM) systems can help counties address this challenge without unnecessary complexity or cost. A SIEM monitors networks for suspicious activity in real time and automates the process of forensic analysis—saving IT teams from gathering and parsing through a sea of logs and speeding threat detection.

 

  1. Ensure everyone is “cyber aware”

Agencies should also remember they’re dealing with humans. Reminding them of basic security hygiene practices can go a long way to preventing cyber incidents. Best practices include not sharing passwords, changing passwords regularly, and waiting to get on a secure network before accessing a cloud application or sending emails with sensitive content.

 

Lessons learned bring opportunity for growth

As disruptive as it has been, the COVID-19 pandemic has also been an opportunity for growth. It has accelerated digital transformation and forced government agencies to bring in new IT capabilities. But it has also compelled security leaders to face the inevitable—the melting away of traditional perimeter-based security. It’s a complex and dynamic challenge. Solid security processes provide security teams with the visibility and control they need to mature their cybersecurity programs and manage risk across this expanding attack surface—without diminishing the user experience.

 

Brandon Shopp is the group vice president of product at SolarWinds. Shopp has spent more than 10 years with SolarWinds and has a proven success record in product delivery and revenue growth, with a wide variety of software product, business model, M&A and go-to-market strategies experience. 

 

 

Tags: homepage-featured-3 homepage-featured-4 Public Safety Public Works & Utilities Smart Cities & Technology Commentaries Commentaries Public Safety Public Works & Utilities Smart Cities & Technology Article

Most Recent


  • Reno, NV
    In Nevada county, data underpins efforts to address climate change
    Across the United States, cities and counties are doing their best to confront climate change in myriad ways—from bolstering seawalls to updating electrical grids and everything in between. But in order for communities to best direct their efforts and responsibly spend hard-earned taxpayer dollars, administrators need data. In Washoe County and Reno, Nev., for example, […]
  • $52B semiconductor investment intended to rejuvenate American manufacturing
    Three decades ago, American manufacturing dominated the semiconductor industry, producing about 40 percent of the global supply annually. But over time, companies shipped business overseas looking to cut costs, and today, the nation produces only 10 percent of all semiconductors. It’s something the Biden Administration is trying to change through CHIPS and Science Act. “There […]
  • How capital improvement project prioritization helps secure infrastructure funding
    Trillions of dollars in federal infrastructure funding have been made available to state and local governments across the U.S. since early 2020. This money has been allocated to address the nation’s aging infrastructure, much of which is at or near the end of its useful life, and to bolster the U.S. economy in the wake […]
  • Climate bill lauded; predicted to reduce nation's carbon footprint by 40% within decade
    Amid yet another punishing heat wave, the sweeping Inflation Reduction Act, which was approved along party lines Sunday by the Senate, represents a historic step in the nation’s fight against climate change by drastically reducing its climate footprint—while injecting billions of dollars into cities and counties. Along with provisions that cap prescription drug costs for […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Draft plan of federally mandated cybersecurity measures released for public comment
  • Leading up to the holiday weekend, federal agencies warn of cyberattacks
  • 6 Data Security Solutions to Prevent Cyber-Attacks
  • Tech giants pledge billions, commit to bolstering public cyber defenses

Twitter


AmerCityCounty

In Nevada county, data underpins efforts to address climate change dlvr.it/SWTGHy

11th August 2022
AmerCityCounty

$52B semiconductor investment intended to rejuvenate American manufacturing dlvr.it/SWPqHQ

10th August 2022
AmerCityCounty

How capital improvement project prioritization helps secure infrastructure funding dlvr.it/SWLQB7

9th August 2022
AmerCityCounty

Climate bill lauded; predicted to reduce nation’s carbon foot print by 40% within decade dlvr.it/SWHGQL

8th August 2022
AmerCityCounty

Partnership launches no-cost wastewater monitoring service for local governments dlvr.it/SW7N74

5th August 2022
AmerCityCounty

Investing in America’s onsite wastewater treatment systems for equity and sustainability dlvr.it/SW4Mb9

4th August 2022
AmerCityCounty

With passage of PACT Act, veterans service officers are preparing for an influx in applicants dlvr.it/SW4KTg

4th August 2022
AmerCityCounty

The 5 Procurement Superpowers Shaping the Future of Public Procurement dlvr.it/SW4DqT

4th August 2022

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X