Federal Data is Exploding at the Edge. Is It Secure?

It’s no secret that the consequences of data breaches can be devastating for the public sector, including mission failure, loss of public trust and national security implications—not to mention steep fiscal costs. According to the Ponemon Institute, the total average cost of a data breach in 2018 for public-sector organizations was $2.3 million with an average of $75 per record.

The renewed focus on cloud-first policy with the Defense Department’s cloud strategy and the Office of Management and Budget’s Federal Cloud Smart Strategy means more agencies are moving their data beyond data centers and on-premise systems. As a result, public-sector data requires meeting strict security compliance standards that safeguard sensitive information while providing workforces with as much autonomy and seamless access as possible.

The challenge is traditional government security resources focus solely on protecting data within a data center. But with the proliferation of the internet of things and mobile environments, battlefield applications and remote branch office networks, government data is constantly in transit. In addition to more data on the move are a host of new endpoints to protect, which means the public sector must go on the offense to secure data at the edge of their networks.

Dynamic edge data security can help agencies improve their cyber posture through tools that are reliable, fast, and highly secure, all while keeping teams connected to each other and the data they need to do their jobs.

Elements of Securing Data at the Edge

Leveraging policies like the NIST Cybersecurity Framework can help agencies proactively secure their data through authentication and identity management, cybersecurity self-assessment and managing cybersecurity within the supply chain.

Additionally, the Federal Identity, Credential and Access Management (FICAM) Roadmap—managed by the General Services Administration—provides essential guidance on credentialing and identity management to help agencies ensure users are who they say they are.

As more public-sector organizations navigate their cloud and IT modernization efforts, they will need to incorporate these critical elements to secure data at the edge in a more dynamic manner:

Securing data at the edge means full availability and no downtime.

In the event of an attack, agencies must minimize downtime and ensure availability so that employees can continue to accomplish the mission at hand and citizens can access the services they need.

Consider command and control leaders who need access to data for critical decision-making. To better inform and communicate with warfighters on the battlefield, these leaders need their troops to have safe and controlled access to data from any device in any location. Any downtime or loss of access could deter the mission or even result in loss of life.

Securing data at the edge means disaster recovery and backup.

Two large American cities like Atlanta and Baltimore had their information systems hacked and were victims of ransomware—where city services were offline for nearly a week and residents couldn’t pay their water bills. Baltimore’s 311 and 911 systems were taken offline for more than 17 hours.

It’s no longer safe to say if an attack occurs; agencies across federal, state, and local government needs to be prepared with ultrafast recovery solutions when an attack occurs. Having the proper cyber tools in place allows agencies to detect attacks like ransomware and immediately take snapshots of their environments and data. This gets them back up and running within minutes, and makes requests for any ransom powerless and fruitless.

With dynamic data recovery and backup, organizations can safely secure data in multiple destinations, whether on-premise or in the cloud while being able to restore anything from a single file to an entire server—even when disaster strikes.

Securing data at the edge means constant, secure access across the enterprise.

Collaborative, digital workspaces can empower the government workforce and improve productivity—with tools like secure file access, and the ability to sync, share and edit from any mobile device. Additionally, agencies need to ensure data security, visibility and compliance to support teleworking and satellite office support.

With such capabilities, data analysts can collect information and share notes with HQ from their devices in real time, or employees in a legislative setting can attain important signatures for a document electronically through safe, secure and rapid file sharing.

To successfully leverage all that cloud and IT modernization have to offer, the public sector will need to enable freedom of movement for their workforces while dynamically securing data at the edge. Ultimately, edge data security for the government translates to self-protecting data and the ability to lock down information, retrieve it back and encrypt it.

John Zanni is chief executive officer of Acronis SCS.