Government is more distributed than ever, with more than a quarter of employees having the option to telework, work from the field or log in from a satellite office. With an increasing number of employees working remotely, agencies have to take into consideration how they’ll connect them to the applications and data they need.
Cloud computing is a key enabler for remote workforces, but agencies must first ensure they can securely manage their data while taking advantage of technologies like cloud. This includes addressing the networking and security needs of remote employees.
At GovLoop’s online training, “Securely Connecting the Remote Gov Workforce to Modern Resources” Sean McAnnany, Federal Sales Engineering Manager at Forcepoint, spoke about how to take advantage of the cloud while transforming networking and security within agencies.
As our world develops and as we introduce new capabilities, we transform what agencies have to do to accomplish their goals. McAnnany posed the question of how the agency and the people within it share and utilize assets to accomplish the mission they’re tasked with in the most comprehensive way. But with this increased opportunity for digital transformation comes risk.
“Taking advantage of the cloud starts with transforming your networking and security,” McAnnany stated.
Security and usability must go hand in hand to provide maximum capabilities for employees to do their jobs, while also simultaneously protecting agency data, McAnnany explained.
McAnnany pointed out that at Forcepoint, solutions entwine connectivity and security. Forcepoint provides connectivity that scales on demand, both direct-to-cloud and site-to-site, to allow employees to collaborate and increase productivity with reduced risk.
Traditionally, access to cloud-based applications has been limited by network infrastructure. Traditional networks can’t handle cloud loads and also result in poor performance, costly upgrades, single points of failure and manual administration.
Security is important but it can’t be overly complicated. There are three aspects of security that internet-connected websites should meet:
- Access control and intrusion prevention.
Security policies should be tested and implemented to keep intruders and advanced threats out. Testing also reduces the risk of any glitches when an update is rolled out.
- Web threats and content security.
You need a comprehensive technology that not only protects your data from people coming in but also your workforce, unintentionally or intentionally, opening the door to bad actors.
“Web security is best done in the cloud,” McAnnany said. “Being able to connect through the cloud and have security checks done is advantageous when people work from home.”
- Cloud app data protection.
On-premise security requirements are cumbersome and time-consuming, compared with those required of cloud environments.
The primary factor to consider is scale. Smaller agencies may be looking at five or 10 secure devices, but many agencies are looking at a lot more devices. How can you address managing hundreds of firewalls, and how can you address that matter when they’re distributed across the country? Centralized management at scale is key so that you can easily manage branches, data centers and cloud from one console.
McAnnany was asked what to consider when implementing a cloud platform. He said that prioritizing the mission of the agency and pinpointing exactly what functionality is required comes first.
“Before you start buying a bunch of technology or implementing a cloud technology, you have to address the nuances of your job,” McAnnany said. “Once you look at that, then you can look at the services you can bring into the equation.”