This article is an excerpt from GovLoop’s recent report, “Identity Access: The Key to Data Governance.” Download the full report here.
Federal agencies need a strong data governance strategy for protecting their sensitive citizen and national security information from cybersecurity threats. This strategy must address how organizations govern the identities of their contractors, employees and partners. It must also determine how these users access agencies’ data and networks while meeting federal cybersecurity standards.
Identity governance is the foundation of any successful data governance strategy. It provides organizations with more clarity about how their information is being used, and insights on who’s accessing their data, how they’re using it, when and why.
Do you want to improve your agency’s data management? Here are some best practices for avoiding security breaches using identity governance:
1. Classify your data
All federal data isn’t equal – some information is publicly available, while other information has national security implications and must remain hidden. Finding where your data exists and properly classifying it ensures your information is stored with the right safeguards.
2. Set up your security controls
Once agencies have classified their data, they can determine who can access it, how, when and why. These decisions are essential for avoiding breaches that expose sensitive information and hurt organizational credibility.
3. Add automation to the mix
Automation saves energy, money and time during data and identity governance. It allows the same control over user access and identities without sacrificing speed.
Additionally, automation ensures that agencies don’t stumble over shifts in their employees’ entitlements and statuses. Automating access privileges after major changes like firings and promotions shields many of the data vulnerabilities that organizations have.
4. Take advantage of federal cybersecurity tools
The federal government’s Continuous Diagnostics and Mitigation (CDM) program helps agencies strengthen their cybersecurity through identity governance and other tactics.
Launched in 2013, CDM uses agency-installed sensors to perform automated, ongoing searches for known cyber flaws and evidence of real-time or past attacks. This helps federal network managers prioritize their most pressing cyber risks and act accordingly.
The Homeland Security Department (DHS) announced in November 2018 that CDM is emphasizing capabilities over its four previously used phases. Still, CDM’s Phase 2 remains relevant to identity governance, as it concerns who’s on the network.
Phase 2 assists with identity governance through four interdependent functions that are useful for agencies. They are: management and control of account; access and managed privileges; trust determination for people who are granted access; credentials and authentication; and security-related behavioral training. This collection helps organizations improve their identity governance while meeting federal cybersecurity standards.
5. Work with the right vendor
Private sector partners can help agencies solve identity governance challenges. The best vendors offer solutions for carefully governing user access and identities involved with public sector data and networks. These tools must comply with federal cybersecurity standards while protecting all data regardless of its sensitivity.
Overall, federal agencies are responsible for navigating an increasingly treacherous cybersecurity landscape crowded with threats. Data governance helps them classify, protect and structure their sensitive information while driving toward mission success.
Data governance is most useful, however, with identity governance powering it. Identity governance reveals who’s accessing federal data, how, when and why. This knowledge is crucial for detecting, preventing and stopping the multiple cyberthreats menacing organizations.
Download the full report now and find out how your agency can implement a powerful data governance strategy based on identity governance.
Leave a Reply
You must be logged in to post a comment.