Any organization could be targeted by cybercriminals, but government agencies are particularly attractive. Both citizen and operational data are valued in the open market, and critical infrastructure systems have become prime targets for ransomware because communities depend on them. In fact, cyberattacks against state and local authorities increased by 50% in 2020, with many disrupting health, transportation and utility services, all of which impacted taxpayers. Between 2017 and 2020, the average US community paid $125,697 per ransomware incident, a fraction of what government agencies spent on recovery. Therefore, it is important to be proactive and disciplined about cybersecurity, even if it requires a major upfront investment.
Regulate access and reduce risks
Information systems design may not be consistent from one unit to the next, and each jurisdiction may use different technologies to manage public works, public safety, and other citizen services. However, cybersecurity best practices can be applied in standardized ways to prevent connected devices from becoming easy entry points.
For example, a quarter of state and local government employees are authorized to use their smartphones and tablets to do official business. Still, due to their public exposure and traditionally more relaxed use, mobile devices are among the easiest ways for bad actors to get information and access systems. This is a notable concern as more public workers have switched to remote and hybrid work arrangements during the pandemic. For this reason, a government-owned, enterprise-class mobile computer or tablet should be provided to every employee who needs access to government email, information, or operating systems outside of a secure office environment. When employees telework or spend a lot of time around civilians, an agency that retains full ownership and control of the devices can take additional measures to minimize the risk of device theft and data breach.
Be deliberate and consistent about management
Once employees are equipped with agency-owned devices, there are several best practices that IT teams and staff can adopt to further reduce device vulnerabilities and proactively ward off attacks on connected networks:
- Control the user experience. Remove apps and disable technology services that are not necessary for conducting official business. Download communication apps that have been verified, configured, and secured for government use, such as Zoom Gov or Microsoft 365 Government.
- Be stricter with password policies. Compromised credentials remain one of the most common culprits in hacking-related security breaches. Therefore, enable UI passwords for all government-related technologies and encourage users to change them frequently. Require longer passwords with more complex character combinations.
- Track devices and activities. Enable activity logs and conduct frequent audits to identify bad behavior.
- Monitor for out-of-contact devices. Develop a method of continuously monitoring for devices that have been offline or out of sight for extended periods of time. If you suspect a device has been compromised, withdraw its credentials until you can confirm its location and that the employee has physical control of it.
- Consider remote management. Use a secure remote management system to quickly update settings for all devices, especially when IT teams or employees are away. The longer devices, solutions, and systems use outdated settings, the easier it is to target them.
- Keep the circle small. Limit the number of employees who are made aware of your security strategy and tactics to reduce the risk of information leaks.
Plan for new technology solutions and their retirement
Not every mobile computer or tablet has the same security features, even if they run the same operating system (e.g., Android) or fall into the same device class (e.g., rugged enterprise). For this reason, it is important to understand what it takes to protect new technology solutions, and the other devices and networks to which they will be connected, before issuing a formal solicitation or request. It then becomes easier to choose solutions that support encrypted and authenticated connections as well as continuous updates.
Rugged enterprise-class mobile devices that have been tested and certified for government use are likely to be in service for several years, and both wireless connectivity and security requirements will evolve. Multiple network connections must be maintained. Frequent patches and operating system updates are required to ensure the protection of the devices against external threats. And permissions may need to be changed from time to time to prevent file tampering.
It’s also important to evaluate the CIA triad on a daily basis: confidentiality, integrity, and availability. Security planning is not a one-time event. In fact, it is never too early to plan for equipment retirement.
At retirement, the enterprise system settings must be removed from the device and its user accounts and credentials deleted. Define this process at an early stage in case devices are taken out of service earlier than expected. Remember to disconnect everything. If existing systems are hard-coded to search for retired units, adversaries could stumble upon unsupervised equipment, one of the easiest ways to access information and infrastructure systems.
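Both the monitoring of devices that have been offline for extended periods and the retirement cleanup described above can be run as a recurring audit over a device inventory. The following Python code is an added example, not part of the original article; the inventory fields, device IDs, system names and the 14-day threshold are constructed assumptions rather than any product's schema.

```python
from datetime import datetime, timedelta, timezone

# Constructed inventory export. Field names are assumptions for this example,
# not the schema of any particular device-management product.
INVENTORY = [
    {"id": "TAB-001", "status": "active", "last_checkin": "2024-05-30T08:15:00+00:00",
     "credentials_enabled": True, "referenced_by": ["dispatch-sync"]},
    {"id": "TAB-002", "status": "active", "last_checkin": "2024-05-01T17:40:00+00:00",
     "credentials_enabled": True, "referenced_by": ["dispatch-sync"]},
    {"id": "TAB-003", "status": "active", "last_checkin": None,
     "credentials_enabled": True, "referenced_by": []},
    {"id": "TAB-004", "status": "active", "last_checkin": "2024-04-01T09:00:00+00:00",
     "credentials_enabled": False, "referenced_by": []},
    {"id": "TAB-005", "status": "retired", "last_checkin": "2024-03-12T11:05:00+00:00",
     "credentials_enabled": True, "referenced_by": ["dispatch-sync", "asset-poller"]},
    {"id": "TAB-006", "status": "retired", "last_checkin": "2024-02-02T10:00:00+00:00",
     "credentials_enabled": False, "referenced_by": []},
]

MAX_SILENCE = timedelta(days=14)  # assumed policy threshold; set per agency

def audit_devices(inventory, now, max_silence=MAX_SILENCE):
    """Return (device_id, issue, action) tuples for devices needing follow-up."""
    findings = []
    for dev in inventory:
        if dev["status"] == "retired":
            # Retirement is only complete once credentials are gone and no
            # system is still configured to look for the unit.
            if dev["credentials_enabled"]:
                findings.append((dev["id"], "retired-live-credentials", "delete credentials"))
            if dev["referenced_by"]:
                findings.append((dev["id"], "retired-still-referenced",
                                 "remove from " + ", ".join(dev["referenced_by"])))
            continue
        if not dev["credentials_enabled"]:
            continue  # already suspended, awaiting confirmation of custody
        last = dev["last_checkin"]
        # A device that has never checked in is treated as silent.
        silent = last is None or now - datetime.fromisoformat(last) > max_silence
        if silent:
            findings.append((dev["id"], "silent-device",
                             "suspend credentials until location and custody are confirmed"))
    return findings

if __name__ == "__main__":
    for finding in audit_devices(INVENTORY, datetime(2024, 6, 1, tzinfo=timezone.utc)):
        print(*finding, sep=" | ")
```

Passing the audit time in as `now` keeps the result reproducible; a scheduled job would pass the current UTC time and feed the findings to whoever is authorized to suspend credentials.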