For employees in the public sector, the stress brought on by citizens’ expectations for a more digital government can be overwhelming. Even as agencies move to more digital platforms, there seems to be many issues plaguing their digital transformation. From budgetary restrictions, to the stringent government rules and regulations, there are many aspects that are making the digital transformation that much more difficult for agencies to undergo.
However, going digital isn’t a cure-all for handling the many issues that technology has thrown our way. Sensitive information continues to be threatened by a plethora of cyberthreats, and with more data accessible on the internet content security is at an even greater risk. But there are ways to ensure that your citizens have access to a digital platform and secure that information from attacks.
Steve Gottwal, Technical Director for Security Solutions at Adobe Systems Federal, and Henry Sienkiewicz, former Senior Executive Service at the Defense Information Systems Agency, sat down with GovLoop at our most recent online training, Protecting Your Digital Content, to discuss how organizations can overcome challenges to securing digital data and how digital transformation can be an asset to solving these problems.
With security hacks dating all the way back to 1971, it’s clear that network, device and data security aren’t new issues and the cat and mouse game of offense and defense has gone through a long process of evolution to get to where it is today, according to Gottwal. To be a successful, fully digitized agency, security must be a top concern. Below are the top three useful tools you can implement to achieve a secure, digital government.
Try something new: digital rights management (DRM). In the past, most encryption technologies have operated under a system of being encrypted, decrypted and re-encrypted multiple times over. For example, once a secure, encrypted document reaches its intended user it becomes un-secure and decrypted. Now, the document can be sent to unauthorized users on a multitude of devices and is therefore privy to attacks at numerous levels.
With DRM, users can encrypt at the actual document level of secure information. By encrypting content independent of storage and transport, data can be controlled dynamically, no matter what level or where it ends up. With this new, internal document cryptology, the encryption takes place inside of the native file format itself, ensuring that no matter where the document ends up it will stay protected and secure.
Not just for taxes: audit feedback and analytics. Another platform to increase security capabilities is using continuous monitoring with data analytics. This enables agencies to receive real-time detection of any anomalies on their network. For example, if an employee is sitting in front of you, but you receive word that he is accessing sensitive information in Florida, something is probably not right.
By gathering information on the lifecycle of a document, organizations can see who opened it, where they opened it, when they opened it and the IP address they used to open it. This allows the security team to be alerted that a potential threat is underway and allows ample time to try and prevent it and better prepare for future attacks.
Dig a little deeper: Use digital signatures. You’ve probably heard of electronic signatures, and although they are a secure option they lack the integrity and authenticity necessary to ensure complete protection of secure information. A digital signature is actually backed by a certificate that proves it’s own authenticity.
A digital signature is really putting consent on a document, which then increases productivity and imparts consent on a document without the labor of faxes or mail. Using a two-pronged check of authenticity, including confirming the identity of each person who signed the document and its integrity and ensuring that nothing in the document itself has been altered during transit, digital signatures prove to be an essential step in securing digital content.
While a digital government is in fact crucial to a more efficient array of services for citizens, securing the data that’s being shared is perhaps even more important for agencies to implement. For more information on securing your digital content, watch the full online training here.