A How-To Guide for IT Security in Government
Jul 2, 2008,
Facing Today's Security Challenges
Safeguarding government data and computing resources has never been more complex. Public-sector security officials are responsible for protecting a network of people and information that extends beyond their control. Public work forces rely on multiple network-connected devices - many of them easily portable and extremely powerful - to go about their daily business. Agencies share data with a multifaceted web of government and third-party partners.
At the same time, the threat landscape is changing. Virus attacks have gone underground as their perpetrators, no longer interested in fame, go after confidential data that can lead to financial gain. Theft of sensitive identity and financial information now is a serious criminal enterprise, with a corresponding increase in the sophistication of cyber-attacks.
In this environment, public-sector enterprises must constantly be vigilant about protecting their networks and data to maintain daily operations and public confidence. Citizens trust government with their personal information, and keeping that data secure is of paramount importance. In this guide, we identify key security challenges and provide solutions and best practices to address them. On the following pages, you'll find practical advice on preventing data loss, addressing policy compliance, securing network endpoints, controlling network access, improving mobile security, strengthening messaging security and choosing a managed security provider.
Symantec's immense data-gathering effort gives it unique insight into real-world security threats and solutions. The company has 2.4 million decoy e-mail accounts that help it study the latest developments in malicious activity. And with more than 40,000 Internet sensors around the world, Symantec experts analyze incidents and threats 24/7. With this guide, Symantec aims to keep readers informed with up-to-date information on the current threat landscape, plus other trends affecting security.
Security breaches can cost a fortune - not just financially, but also in negative publicity and lost confidence from citizens. Productivity losses can be hard to quantify, but they too are real. And regulatory fines can also hurt.
Knowledge is power. The first step in improving security is to understand the risks and vulnerabilities. In these fast-changing times, that means gaining knowledge and implementing solutions today.
Chapter 1: Network Access Control
With the significant increase in the numbers and types of endpoints accessing an organization's network, providing security for the entire network has never been more challenging than it is today. Due to this rapid proliferation of endpoints, it's no longer acceptable to provide unchecked access to an organization's network.
Network access control, when done properly, provides the peace of mind that comes with knowing an organization has complete, end-to-end control over access to its network.
A Comprehensive Challenge
Networks consist of an organization's managed systems (owned and procured by the organization) - in addition to contractor systems, guest systems, public kiosks and partner systems. Administrators often have little or no control over the management of these vastly different endpoints, yet they are expected to keep their networks secure and available.
Added to that is the ever-expanding number of hotspots, kiosks, mobile devices and other types of users. Providing access to networks has become an "anytime, anywhere, anyone" scenario. Networks also need to provide access - both on-site and remote - to both managed computers (owned by the organization) and unmanaged computers (owned by individual workers).
In general, today's networks are much more open than they've been in the past, and that automatically increases an organization's risk. Maintaining network integrity is a constant, daily challenge. Having proper network access control is more important than ever before.
Good network access control is not an isolated endeavor. It's a complete, ongoing process that includes constant, real-time monitoring. The following are some key best practices.
Discover and Evaluate Endpoints - This should occur as endpoints connect to
Industry Solutions for Government
Read real world deployments of technology in government from our sponsors.
View All Industry SolutionsRelated Products and Services
Marketplace
Video 
-
Clean Tech Capital
Chad Vander Veen reports on Sacramento's growing clean technology industry. -
Power Aid, Texting 911 & Broadband
Battery running low? Power up on the go. Got an emergency? Now some residents can text for help. And survey reveals broadband barriers. -
Belkin the Vampire Slayer
Belkin surge protector takes a bite out of vampire power.
Government Jobs
Browse hundreds of public sector career opportunities in GovTech's new jobs section. Popular job searches: government IT, public safety, GIS, transportation, CIO, security, health
Video, Government Articles, Slide Shows, Case Studies, Privacy Policy, News Feeds (RSS), MyGT
twitter
100 Blue Ravine Rd. Folsom, CA 95630.
916-932-1300 Copyright © 1995-2008. All rights reserved.
Government Technology Magazine
Government Technology Magazine provides information technology (IT) case studies, applications, news and best practices for state, city and county government.
Get FREE SubscriptionEmergency Management Magazine
Emergency Management Magazine provides technology news and solutions to the local government authorities that help protect our communities.
Get FREE SubscriptionPublic CIO Magazine
Public CIO Magazine provides technology news and solutions to public sector C-level technology executives.
Get FREE SubscriptionDigital Communities Magazine
Digital Communities Magazine is the premier information source for cities, counties and regions to explore and share experiences and best practices beyond just infrastructure and mobile innovations.
Get FREE Subscription
Latest Government Technology News