This blog post is an excerpt from GovLoop's recent report, "Securing Digital Content Beyond Your Network." Download the full report here.
Data breaches can happen anywhere, at any time. Organizations need solutions that deliver more comprehensive protection — beyond network and device-level measures. Content-centric security protects data at the document level, so it stays with your sensitive information no matter where that information goes.
Steven Gottwals, Technical Director for Security Solutions at Adobe Federal, highlighted five in-house steps government agencies can take to help create a stronger line of defense from unknown cyberthreats:
1. Know what data to protect. We all create or interact with documents that need to be consumed, collaborated on, and shared. But which documents are sensitive, who should have access to them, and what security measures can be implemented to protect them? Depending on your business, this decision could include documents that contain personally identifiable information, intellectual property or national security information. To get started, agencies should begin with a small project, and address the questions above before expanding to more complex projects.
2. Install a multilayered protective measure. A digital rights management (DRM) system is one example. DRM is a content-based security measure that allows you to dynamically grant access to a document to only those who need it. Users must go through an authentication process before accessing any file. This works by encrypting files at the document level. With DRM, you can audit document interactions in one panel to see when a user has accessed, printed, closed or modified the document. You can prohibit the ability to print or modify documents, or set expiration dates for opening documents. Because the protection is dynamic, you can remotely change access policies throughout your workflow.
3. Invest in attribute-based access control (ABAC). This helps insulate your network from hackers by placing protections on a group of files in a repository. You do this by tagging your sensitive data with certain security attributes. For example, paragraphs, images, videos, titles, and even bullets points can be assigned multiple security attributes — like classification level, International Traffic in Arms Regulations (ITAR) requirements, and environmental variables. When users log on to view the file, certain portions can be redacted dynamically, allowing them to see only the portions they are authorized to see.
4. Continuously monitor breach activity with analytics. In most cases, it takes attackers just minutes to compromise systems. It can take much longer, however, for an organization to discover that a breach has occurred. It’s important for your government organization to have a real-time analytics platform in place that can continuously detect potential breaches inside and outside your firewall. This includes continuous monitoring of content that your teams create, collect and disseminate.
5. Stay vigilant. Prevention is always the first line of defense, and it starts with equipping employees with the right resources and training to help protect the agency. As cyberattacks become more common, it is important to remain vigilant and ensure all stakeholders are actively protecting the public’s most sensitive information. “Every public-sector employee has a duty to protect their organization’s proprietary information,” Gottwals said. “Instead of mass emailing a list of rules to employees, it is more effective to teach them face to face and share real case studies of how one innocent, wrong action — or inaction — of an employee could lead to millions of wasted tax dollars.” Training on what a suspicious email or SMS phishing scam looks like and how to properly back up and protect both digital and paper files are just a few ideas to get you started. In the next section, you’ll learn how the IMF and DHS are implementing these security measures to protect their digital data on premises and in the cloud.