Dialing up security as a nation dials in from home

As the ongoing pandemic forces much of the nation’s workforce to log on from home, federal, state and local agencies are scrambling for reliable solutions to keep serving constituents and delivering on their mission.

From an IT perspective, agencies must address several key challenges at once, including endpoint security, encrypted data transmission and bandwidth capacity, says Jim Richberg, a former federal cybersecurity official and now field CISO at Fortinet.

What’s helping IT departments keep up, he says, is an expanding set of secure connectivity capabilities that are able to respond to many of these urgent challenges.

“Organizations grappling with the need to move rapidly to support remote and mobile worker populations don’t have to, and frankly shouldn’t, reinvent the wheel — either in terms of technology or best practices,” he explains.

Richberg explores how the current demands for a remote workforce will have short- and long-term effects on teleworking capabilities, in a new podcast series, “Security Transformation in Government,” produced by FedScoop and StateScoop, and underwritten by Fortinet.

To ensure a successful transition in this crisis, security needs to be top of mind for agency leaders:

Why security matters for the remote workforce

Ensuring endpoint security within the IT environments of remote workers general extends beyond most organizations’ control and brings a new meaning to the term insider risk, cautions Richberg.

He shares how a home network with vulnerable IoT devices such as baby cams and doorbells — or family members using personal applications, social media and gaming consoles — can potentially introduce new threats into the network.

“Cloud computing becomes an especially attractive option under these circumstances. For federal users, [Trusted Internet Connections version 3.0] permits direct connection – rather than having to route traffic back through the home agency – and it encompasses use of software-as-a-service platforms,” he says.

Keeping security at the forefront of decisions

“One of my big concerns about remote telework is that it pits security against performance in a rematch of the classic security versus convenience dilemma that security always seems to lose. In this case, because of the way we’ve had to implement the mass migration into telework, in an ad hoc fashion and under time pressure, it’s been challenging to get connectivity established and workers productive,” Richberg says.

He stresses that security is not a one size fits all problem. Each type of user has differing needs in terms of connectivity and solutions. Ensuring secure and reliable computing today can have long-term effects on the ability of agencies to set up longer-term teleworking options for coworkers to remain productive.

How remote workers can help mitigate cyber risks

“Most people are not IT experts, and the unfortunate reality is that many home networks are running unpatched hardware and software and default passwords,” Richberg says.

“This transition to telework is actually an opportunity for individuals to focus on cybersecurity fundamentals that can not only secure the remote worksite, but can also help safeguard employees and their families against malicious cyber-activities ranging from identity theft to ransomware,” he explains.

Jim Richberg formerly served as the National Intelligence Manager for Cyber in the Office of the Director of National Intelligence, where he set national cyber intelligence priorities. Before that, he monitored and coordinated implementation of the whole-of-government Comprehensive National Cybersecurity Initiative for Presidents George W. Bush and Barack Obama.

Listen to the podcast for the full conversation on security transformation. You can hear more coverage of “Security Transformation in Government” on our FedScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.

This podcast was produced by FedScoop and underwritten by Fortinet.