Addressing Government Data Center Security
This article originally appeared on April 3, 2016, and has been revised to bring our readers the most up-to-date technology information.
The massive growth of data in recent years has dramatically impacted government data center management — putting a premium on storage and data center security that IT leaders must meet while working within budget constraints.
Federal agencies seeking to improve data center performance are encouraged to follow a two-step process that starts with properly scoping the needs of the agency. However, the second step is perhaps the most crucial: ensuring information security.
Implementing data center security
Among the organizations surveyed in Verizon's “2017 Data Breach Investigations Report,” the public sector was the third most prevalent data breach victim, accounting for 12% of incidents.
Moreover, the Ponemon Institute’s “2017 Cost of Data Breach Study” concluded that “disruptive technologies, access to cloud-based applications and data, as well as the use of mobile devices (including BYOD and mobile apps) increase the complexity of dealing with IT security risks and data breaches.”
With the growing number and sophistication of threats, there is no one-size-fits-all process to manage every data security issue. However, some of the key components to consider incorporating in a federal government data center security program include:
Threat identification — This incorporates protocols for asset management, vulnerability assessments and risk management. Perhaps most important for federal agencies, instituting governance will ensure your data is in compliance with regulatory mandates.
Data protection — Safeguarding information comes down to controlling sensitive data and establishing limits regarding when and where it can be accessed. The processes and procedures include encryption, integrity protection and data-loss prevention techniques.
Detection security — Continuous monitoring, particularly through next-generation firewalls, can provide real-time alerts on cybersecurity threats, including anomalies and intrusions. Pre-empting and mitigating security risks saves time, money and resources.
Response security — Incident response planning, communications and infrastructure can assist in identifying an attack, containing the damage, and restoring the integrity of the network and systems. For cloud users, sandboxing and Software as a Service may be prudent approaches.
Threat recovery — No system or sensitive data is 100% immune to security breaches, terrorist attacks or natural disasters. In the event of a catastrophe, you want to be able to maintain continuity for your employees, as well as your citizens. Enhancements to security can include a distributed backup architecture, federated deduplication of data or cloud storage.
Your agency may not be able to rely on a single vendor to ensure comprehensive protection. And while vendor discovery may prove challenging, it’s essential your data center security strategy addresses employees, processes and technology — and includes a road map for re-evaluating and upgrading security solutions to keep up with the latest threats.
In addition, data governance, compliance and security should mutually reinforce one another to ensure efficiency and streamline management and reporting.
The bottom line on data security
Data centers and security are inextricably tied, whether you’re discussing agency-based computer networks or the imminent sprawl of mobile device usage. When seeking the correct solution for an agency, you’ll need to consider not only current usage patterns (in the case of data) and threats (in the case of security), but also project forward to how they can be adapted in the future.
By embracing the best available technologies and seeking the advice of subject matter experts in each field, you’ll position yourself and your agency for ease of use, compliance and positive end results.