This article is an excerpt from GovLoop’s recent guide, “Understanding the Dangers to Your Cybersecurity.” Download the full guide here.
Government networks extend farther than ever, and the number of devices that can connect to these networks is growing. Although this gives employees greater connectivity, more devices also mean more challenges for agencies and the citizen data that their workforces handle.
Thankfully, automation can keep federal, state and local organizations from exposing themselves to unforeseen cybersecurity risks. Automation speeds up service delivery while reducing human error, helping government employees protect sensitive information while completing their missions.
To understand how agencies can automate security at the network edge, GovLoop spoke with Chris Reynolds, Senior Cloud Architect at Red Hat, an open source software solutions provider.
According to Reynolds, cybersecurity is an agencywide effort that will increasingly need automation as agencies embrace the Internet of Things (IoT). IoT networks include sensors and devices that can collect, store and exchange data via the internet.
“Something as simple as automating the ability to change default usernames and passwords on IoT devices can improve the security posture of agencies that are using those devices,” he said.
Reynolds noted that IoT tools are often attractive to cyberthreats because of their data handling. IoT devices process data before sending the information to a cloud or data center. This data is vulnerable when agencies don’t change the default credentials on their IoT devices quickly enough.
Automation can also immediately patch gaps that emerge in agency operating systems, Reynolds continued. Patching becomes an automated, recurring activity that frees up system administrators to focus elsewhere within their agency’s infrastructure.
As their network infrastructure grows, more agencies are adopting hybrid cloud. Hybrid cloud combines public and private clouds, letting agencies choose the cloud environment that is most appropriate to host their data depending on its sensitivity level.
Reynolds added that automation is also useful for managing application programming interfaces (APIs). APIs are the building blocks for software and other computing tools. According to Reynolds, APIs are crucial for supporting hybrid clouds. Agencies with common APIs between their cloud and on-premise data centers can grow and scale quicker.
Reynolds argued that automation is vital for building hyperconverged infrastructures (HCIs) and cloudlets. HCIs are IT infrastructures where software virtualizes all the system’s hardware-defined components. Cloudlets, meanwhile, are mobile cloud datacenters. HCIs, cloudlets and the APIs supporting them are all major cybersecurity concerns due to the data they handle.
“HCIs consolidate compute, storage and networking into a manageable framework, allowing agencies to reduce their manpower and overhead,” he said. “Cloudlets bring the cloud closer to mobile devices, helping complete massive computational work in the field before sending the results back.”
Reynolds concluded that open source software and automation are a powerful cybersecurity pairing. “Agencies can scale, secure, react and respond to anything they encounter with open source software solutions such as Red Hat’s,” he stated.