How government agencies can beef-up cloud security – Canadian Government Executive

NEWS

SEARCH

CGE RadioGovernmentICTProcurementSecurity
October 4, 2017

How government agencies can beef-up cloud security

In the last few years, we’ve seen various federal governments warning up to the cloud. For instance, The United States and the United Kingdom have both instituted “cloud first” policies with regards to the adoption of cloud technologies. The Canadian federal government’s Information Technology Strategic Plan for 2016-2020 takes a more pragmatic approach by providing public sector chief information officers the option to utilize on-premises tech platforms and well as cloud services.

Despite advances in cybersecurity technologies concerns remain among government agencies about how secure the cloud is. However, there are numerous strategies that IT and cybersecurity leaders in the public sector can adopt in order to bolster their organization’s cloud security posture, according to Tony Lauro, senior enterprise security architect for cloud services provider, Akamai Technologies.

Lauro recently discussed the cyber threat landscape and cybersecurity strategies for government agencies with the Canadian Government Executive.

“A lot of agencies are spending a lot of money to move to the cloud,” he said. “…if an organization is using the Internet to run communications or business transactions, that organization can potentially be affected by cyber threats.”

In this podcast, Lauro talks about the pros and cons of employing a cloud provider and recommends several cybersecurity best practices for government agencies contemplating cloud moving their workloads to the cloud.

Here are three cloud security items government CIOs should keep in mind:

Web traffic – Akamai, which provides content delivery services for media and software delivery, as well as cloud security solutions, recommends that federal and local agencies should be vigilant in properly identifying Web traffic within their IT environment to protect their organization’s cyber asset from dangers distributed denial of services (DDoS) and ransomware attacks.

The growing numbers of the Internet of Things devices that are connecting to government Web sites make it increasingly harder for provincial and federal government agencies to monitor Web traffic.

IT departments need to have a method to identify what their agency’s baseline user activity looks like. With this data, they can create security controls good data and be able to keep out potentially harmful Web traffic.

Know the common threats – Agencies need to gather intelligence on common threats and hackers targeting the public sector, according to Lauro. Malicious search engines and botnet which aim to break into critical government infrastructures abound and it is difficult to keep track of all the new threat, he said. However, cloud vendors such as Akamai can provide government agencies with software that help them monitor malicious Internet Protocol addresses and the latest cyber attacks.

Threats from within – IT and cybersecurity administrators should also be wary of potential insider threats. Legitimate system users may be intentionally leaking documents or inadvertently be letting attackers in by opening seemingly innocuous emails and attachments that could contain malware.

Lauro said the most basic method of preventing this is through the use of recursive DNS solutions. These tools automatically inspect outbound Internet request from an agency. The solution will block suspicious activities such as those requesting for malicious software.

Akamai has a system that flags the activity before a browser can download the malware. The software will also notify the administrator of a potential cyber attack in progress, and automatically block the attack. This is then coupled with the intelligence that Akamai gathers about common web threats to efficiently root out cyber attacks before they even occur.

About this author

Nestor Arellano

Nestor is a Toronto-based journalist who specializes in writing about technology and business. He is the editor of Vanguard Magazine and the associate editor of IT in Canada and a regular contributor to CGE.

0 comments

There are no comments for this post yet.

Be the first to comment. Click here.

CGE Radio
 
In the last few years, we’ve seen various federal governments warning...
 
In this episode of CGE Radio, George Ross, Editor-in-Chief of CGE...
 
In this episode, Editor-in-Chief of CGE, George Ross talks with Sir...
 
In this episode of CGE Radio, J. Richard Jones is joined...
 
In this episode, J. Richard Jones talks about the appointment of...
 
The Canadian Advanced Technology Alliance (CATA Alliance) is Canada’s One Voice...
 
In this special episode of CGE Radio, your host John Jones...
 
In this episode J. Richard Jones examines the rise in international...
 
In this episode, J. Richard Jones talks about being candid about...
 
In this episode, hear from Carl Hammersburg, Manager, Government and Healthcare...
 
Video steaming is gaining in popularity, but as this continues to...
 
  A PM’s message, an event that delivers and negotiating so...
 
In this week’s episode, John covers some of the hot information...
 
In this episode of CGE Radio, Patrice Dutil talks about the...
 
In this episode, Publisher J. Richard Jones goes cross country to...
 
In this episode, we discuss the top stories from our latest...
 
In this episode, editor-in-chief, Patrice Dutil talks about the need for...
 
In this episode we will explore new opportunities that have surfaced...
 
In this episode of CGE Radio, Craig Szelestowski from Lean Agility...
 
In this episode Editor, Patrice Dutil highlights cover story by Johnathon...
 
    In this week’s episode, Editor of Canadian Government Executive...
 
In this episode, Richard talks with Alex Willner, Assistant Professor from...
 
Some title Some author
Some excerpt
In the last few years, we’ve seen various federal governments warning...

Member Login

Forgot Password?

Join Us

Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.