Throughout the COVID-19 crisis, government agencies have learned two basic lessons about remote work. First, the experience has diminished doubts about whether employees could work effectively and efficiently outside the office. Second, it’s made IT leaders aware they need a better strategy for managing this remote environment.
To learn more about how agencies can ensure the security and performance of the remote work environment, GovLoop spoke with Brandon Shopp, Vice President of Product Strategy at SolarWinds, which provides IT management and monitoring solutions. Shopp highlighted three key security and monitoring capabilities.
One reason the remote work environment has been so challenging from a security perspective is that it introduced a whole new range of threats. Employees are using their own internet service providers, and they’re sharing a network with family members or roommates whose devices likely aren’t secure. It’s a whole new attack surface area.
It’s critical to know what threats are present in this environment. During the crisis, for example, there was a surge in phishing attempts with a COVID-19 angle (e.g., “Click here for an update on COVID-19 in your area”), opening the door to a ransomware attack. Agencies have a better chance to block these threats if they know they’re coming. This is the value of a threat monitoring service.
Security Event Management (SEM)
SEM provides agencies with deep insight into activity across the network. Using network logs and other operational data, SEM identifies patterns of user and system behavior. This makes it possible to recognize anomalies indicating possible security threats, such as unusual file changes or shares.
SEM is particularly important in a remote work environment because it helps IT teams understand new patterns of behavior. “In this time with everyone working at home, you’re going to see new anomalies in terms of behaviors, and so you want a solution that can centralize and aggregate all that data and help you make sense of it,” Shopp said.
Network Configuration Management (NCM)
NCM is another capability taking on new importance in a remote work environment. NCM provides visibility into the state of your network infrastructure, monitoring how routers, switches, load balancers and other network devices are configured and managing any necessary changes in configuration. This insight makes it easier to manage the network as requirements change.
Remote work, of course, brings significant changes, especially with so many employees connecting to the network through virtual private networks (VPNs). Most agency networks were not designed to handle this much VPN traffic, requiring them to make quick changes and often resulting in configuration errors leading to down time. NCM makes it easier to visualize and troubleshoot problems and make the necessary changes.
More than anything, the experience of remote work has taught IT managers to think in new ways about the enterprise, Shopp said.
“Agencies can’t assume anymore that employees are going to be within the four walls of an office,” he said. “They’ve got to think broader than that. They’ve got to make sure they have the right infrastructure so that their employees can do their jobs and support the mission of the agency.”
This article is an excerpt from GovLoop’s recent report, “CIO Perspectives: A New Vision for the Government Workplace.” Download the full report here.