Shenefiel: Protecting privacy

Agencies should deploy integrated security technologies to protect sensitive data

Protecting sensitive data is undoubtedly more challenging — and arguably more necessary — during disruptions to government operations. Public trust and, potentially, national security are at stake. As agencies address the stipulations of the federal government's continuity of operations (COOP) directive, they must take special precautions to maintain data privacy and regulatory compliance throughout disruptions.

What technologies must agencies deploy to sustain confidentiality as they collaborate across organizational boundaries during emergencies? Virtual private networks (VPNs) and IP communications tools are critical, and agencies must deploy multilayered, integrated security capabilities across networks end to end.

As agencies implement the COOP vision of internal/external, continuous communications and collaboration during disruptions, they increase the number of potential points at which sensitive data can be exposed. Consequently, security must be accounted for in every network component that data touches — across access and transport infrastructures to every endpoint, including mobile computers.

To protect data from prying eyes, VPNs create secure tunnels through public broadband networks, enabling displaced agency employees to remain productive from home or alternate facilities. In-transit data is kept private via standards-based encryption. Because they can be deployed rapidly, VPNs are suitable for long-term emergencies, such as the destruction of a building, or short-term events, such as snowstorms.

Regardless of whether an agency uses IP communications for day-to-day operations, these tools are valuable for quickly and securely restoring communications.

Similarly, implementing manual security processes is too time-consuming in a crisis. Networks must have self-defending capabilities to mitigate security threats before they affect operational continuity. For example, a wide-area network firewall might provide the first line of defense for a network. If a worm gets past the firewall, routers and/or switches will detect the intrusion. If they fail to stop it, the worm could be blocked by branch routers or, beyond that, by security agents on servers or desktop or laptop PCs that are watching for and blocking application or network behavior that violates security policies.

The idea is to amass layers of security that require no intervention by employees, who are then kept free to protect the public and maintain continuity of government operations.

When users access data from home or other outside facilities and when data is backed up to alternate data centers, agencies have ideal opportunities to verify their strategies for ensuring data privacy during disruptions. At the same time, this allows for the controlled flow of information during normal operation.

In doing so, agencies can eliminate gaps in protection, prepare for emergency situations when stakes are highest and achieve the COOP vision established in Federal Preparedness Circular 65. "COOP planning is simply a 'good business practice,'" the circular states.

Shenefiel is manager of federal government industry solutions at Cisco Systems.
