Sponsor Content
What does this mean?

Government No Longer Has to Choose Between Cybersecurity and Productivity

Thanks to leading cloud services with embedded security technology, CIOs can help end users work more efficiently while also shoring up cyber-defenses.

James Anderson of Bloomberg Philanthropies and Lamia Kamal-Chaoui of the Organisation for Economic Co-Operation and Development
James Anderson of Bloomberg Philanthropies and Lamia Kamal-Chaoui of the Organisation for Economic Co-Operation and Development hold a new report on government innovation at CityLabDC.
It’s one of the oldest and trickiest balancing acts that government CIOs face: how to ensure the highest levels of cybersecurity without sacrificing end- user productivity. For years, organizations have struggled to weigh the benefits of adding security controls to combat cyber attacks versus the downfalls of making it more difficult for government workers and IT admins to do their jobs.

Fortunately, new technology options eliminate some of these tradeoffs. Leading cloud-based business automation applications like G Suite embed critical security capabilities into their core platform.

“The result is government workers get the latest productivity-boosting innovations while the IT department shores up security and reduces the management overhead necessary to protect operations,” says Gary Danoff, head of G Suite strategy and operations for the public sector at Google Cloud.

Conflicting Priorities

This couldn’t come at a better time for government IT executives who understand the challenge of balancing security and productivity. For example, when a national survey by the Center for Digital Government (CDG) asked IT leaders which barriers prevent them from adopting a hybrid cloud model, almost half (45 percent) named network security as the biggest roadblock. In another recent CDG cloud security survey, 48 percent of state and local senior executives said they were concerned a hybrid cloud environment would create more work for their staff.

The reality is that on-premises and patchwork systems pose great risk to security and productivity. The minute a few patches are complete, a new set of patches is released, requiring administrators to allocate resources toward maintaining control of the environment. Organizations without a comprehensive approach to security can suffer productivity loss and be more vulnerable to a data breach.

“All of this data points to a similar conclusion: Government can’t serve its citizens if productivity suffers as cybersecurity defenses grow stronger; the current environment demands we have both,” Danoff says.

Leading cloud services provide comprehensive tools that make it easier for government workers to perform their jobs. G Suite offers a comprehensive set of intelligent cloud-based tools for end users to create, share and store information, as well as collaborate with peers to solve problems and brainstorm new ideas in real time.

Collaboration happens via the most relevant tools for the task at hand. These tools range from spreadsheets and text-based documents to slide decks, email and websites. Cloud-based storage provides a central location to manage assets created in G Suite or applications from other vendors. Google Cloud Search ensures employees can quickly find their information across various storage locations, including non-Google cloud repositories, databases and public cloud platforms.

Productivity and Security in One

While it’s critical to maintain end-user productivity, state and local officials need much more. In an era of sophisticated cyber attacks, productivity and collaboration tools must also provide in-depth security capabilities.

Phishing attacks remain a primary strategy hackers use to breach systems. New advanced anti-phishing and malware protections in Gmail apply machine learning (ML) to develop better self-learning models to detect threats. For example, Gmail can automatically flag emails from untrusted senders that have encrypted attachments or embedded scripts. It can also warn against emails that try to spoof employee names or come from a domain that mocks a user’s own domain. With these protections, more than 99.9% of business email compromise (BEC) scenarios— when someone impersonates an executive to get sensitive information — are either automatically moved to the spam folder or flagged with anomaly warnings to users.

Other built-in security capabilities include data loss protection to guard against exfiltration, integrated Google Safe Browsing in Chrome, as well as phishing resistant Titan Security Keys for high-risk individuals. With this combination of security controls, agencies can help significantly reduce the risk of phishing attacks.

End-user security and productivity aren’t the only factors to consider. IT staffs are inundated with complex tasks related to managing secure environments, and the built-in security capabilities in G Suite offer relief. Security center for G Suite provides organizations with security analytics, best practice recommendations and integrated remediation that helps admins act against threats. It also allows admins to work together on remediating security threats, so they can collaboratively assess their organization's exposure to security issues.

Good security means constantly staying ahead of threats, and Google’s existing ML models are highly effective at doing this. TensorFlow, an open-source ML framework developed at Google, now blocks around 100 million spam messages every day.

“By continuously releasing new features to improve productivity while simultaneously strengthening defenses with embedded security, G Suite offers a path toward more efficient government security practices and the biggest prize of all: delivering new and more secure services to citizens,” Danoff says.