Government Technology Insider
  • About
  • State & Local
  • Civilian
  • Defense & IC
SUBSCRIBE
No Result
View All Result
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Beyond Modernization
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
Government Technology Insider
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Beyond Modernization
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
No Result
View All Result
Government Technology Insider
No Result
View All Result
Home Cybersecurity

Five Data Center Security Tips to Thwart Increasing Federal IT Threats

by Mav Turner
August 28, 2017
in Cybersecurity
Reading Time: 5 mins read
A A
Federal IT
Share on FacebookShare on Twitter

Within today’s federal IT environments, cybersecurity is one of the highest priorities. Cyberattacks are no longer considered an “if” occurrence—they’re considered a “when” occurrence. Given this new norm, federal IT pros must be prepared to defend their agency’s data.

The good news is, with a combination of tools, teams, and education, it is absolutely possible to defend a federal data center and stop threats before they become major incidents. I recommend the following five-step approach.

Step 1: Integrate SIEM software

Security information and event management (SIEM) software is essentially a combination of security information management (SIM) and security event management (SEM) functionality, all rolled into a single offering. The combination—SIEM—takes relevant security information from across an agency’s multiple locations and presents them through a single view.

There are several advantages here. First, a single view helps the federal IT pro spot trends and patterns and far more easily, so they can identify anything out of the ordinary. Second, it helps identify vulnerabilities and configuration issues quickly, and helps ensure an equally fast response. Third, in terms of maintenance, a SIEM can help oversee patches and log event management.

Step 2: Create a top-tier security team

Attack attempts, particularly into federal agencies, are near constant; as a result, federal IT pros must be more vigilant than ever when monitoring systems with the most sensitive, and therefore valuable, information.

Having a security team in place is an absolute must. Even if the budget does not allow for a large team, the agency should at least look to create a basic-level security team that can work together to create a security framework. And remember: the security landscape is constantly changing. The team should continue to evaluate that framework on an ongoing basis to ensure it is up to date with the latest threat, vulnerability, and mitigation information. In fact, reassess the framework every six to nine months to ensure everything is up to date and as effective as possible.

Step 3: Create a baseline

The security team should be equipped with a comprehensive monitoring toolset that will allow the team to create a baseline of performance expectations across systems, networks, and databases. With this baseline understanding of what “typical” performance looks like for each of these pieces of the infrastructure, it will be far easier for the team to recognize anomalies. With quick recognition, the team can then execute on a pre-determined response plan in order to quickly and effectively investigate and remediate.

Step 4: Use existing resources

As cybersecurity becomes an increasing priority, so too increases the number of free and readily available cybersecurity information and resources that federal IT pros can leverage to help protect their agency. The National Institute of Standards and Technology (NIST) National Vulnerability Database should be a cornerstone of every agency’s security posture. The Common Vulnerabilities and Exposure (CVE) database is another excellent tool. Each of these provides real-time updates on current and potential future security threats, their corresponding threat level, and suggestions for remediation. Take advantage of all these resources and ensure the security team is always up to date on the latest threats and mitigation strategies.

Step 5: Invest in end-user education

End-user education is far too often overlooked—or done simply to check a compliance box. Statistics consistently show that a majority of attacks originate from the inside the agency, stemming from things like phishing attacks or other accidental user errors that stem from an inadequate understanding of potential security threats.

While things may seem obvious to the security team, the rest of the agency’s personnel simply may not understand how one action today may open the door to an attack tomorrow, the next day, or even several months down the road. The reality is, the security of the agency’s data center is only as secure as the end-users working within the infrastructure. Exacerbating the challenge, as more types of devices get approval to be added to the agency network—and are allowed to access the network and data center resources—it’s in the agency’s best interest to properly educate end-users about the impact they can have on overall agency security.

Conclusion

For federal IT pros, trying to harden their agency’s security posture—particularly, enhancing data center security—may seem like running toward a moving finish line. While the security landscape is certainly ever-changing, the five suggestions here are a good place to start in developing reliable data center security measures that will help protect against the expected rise in data breaches and other cyberattacks in the months and years to come.

Want to hear more of what Mav has to say about information security?  Watch this video:

Tags: Common Vulnerabilities and ExposureCVEcyber threatsCyberattackscybersecuritydata centerData Center Securityfederal ITIT modernizationnational institute of standards and technologyNational Vulnerability DatabaseNISTSIEM Software

RELATED POSTS

CISA and Congressional Leaders
Cybersecurity

CISA and Congressional Leaders Look to Combat Cyber Threats from Nation-State Actors

September 14, 2023
Zero Trust Ensures Secure Access from Anywhere for Federal Agencies
Civilian

Zero Trust Ensures Secure Access from Anywhere for Federal Agencies

September 11, 2023
AI Implications – Keeping Cool in the AI Era
Digital Transformation

AI Implications – Keeping Cool in the AI Era

September 7, 2023

TRENDING NOW

  • A True Zero Trust Approach Requires Federal Agencies to Move Beyond Compliance

    A True Zero Trust Approach Requires Federal Agencies to Move Beyond Compliance

    370 shares
    Share 148 Tweet 93
  • DoD Leverages Cyber Threat Intelligence for National Security

    121 shares
    Share 48 Tweet 30
  • Meet Advana: How the Department of Defense Solved its Data Interoperability Challenges

    12024 shares
    Share 4810 Tweet 3006
  • AI Implications – Power Requirements Going Nuclear on Local Grids

    28 shares
    Share 11 Tweet 7
  • Making Identity Verification Equitable for All

    20 shares
    Share 8 Tweet 5

CONNECT WITH US

BECOME AN INSIDER

Get Government Technology Insider news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Future Healthcare Today
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Strategic Communications Group offers analytics, content marketing, and lead identification services. Interested?
Contact us!

© 2023 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About Government Technology Insider
  • State & Local
  • Civilian
  • Defense & IC
  • Categories
    • Acquisition
    • AI & Data
    • Customer Experience
    • Cybersecurity
    • Digital Transformation
    • Hybrid Work
    • Public Safety
  • Contact Us