Both government and industry are moving away from the physical perimeter approach to security that limits usability and access. As users become more mobile, it is imperative for government agencies to provide secure digital workspaces that grant employees access to the resources necessary to complete their work from anywhere, at any time, and on any device. This single consolidated container creates a software defined perimeter within which IT has both visibility and the ability to manage user activity.
With National Cyber Security Awareness Month happening throughout October, let’s dive deeper into two key concepts government agencies should remember as they begin to enter the era of the software defined perimeter.
- Every endpoint is assumed to be vulnerable.
When it comes to securing a workspace, provide access with the expectation that there is vulnerability. There is no telling how an organization may be hit. Hackers are keen at finding the one loophole that will grant them access to the information they want.
By assuming every endpoint to be vulnerable, additional security measurements are created to ensure both you and your device pass the appropriate tests based on parameters and security policies set by the agency.
This means, assessing the user on multiple levels before granting access: who they are, the device they’re working on, and even the network they’re going through to access the infrastructure. Assuming the user is authenticated, if the device fails any of these tests, they will incur limited access, such as read-only access removing the ability to edit, download and print. As the endpoint is scanned and assured, the access from that device can be increased.
- Monitor for user authentication, behavior and activity in every session.
The concept of analytics is a critical element to IT and security. Once a user has been authenticated and granted access to a government agency network, IT must still continuously monitor activity.
Analytics has the ability to identify routine behavior and conversely identify anomaly behavior. In the case of anomaly behavior, multiple steps can be taken to challenge the user from termination of access to request for revalidation and an alarm to IT to begin monitoring user behavior. Analytics can tie to multiple user aspects, such as calendars, to prevent someone with counterfeit credentials to gain access to the environment.
Analytics allow government agencies to protect not only against external threats but also creates a user-proof environment to prevent authenticated users from doing something inadvertently that would violate security or might be a security vulnerability based on policy.