State and local government agencies are facing a growing number of ransomware attacks that can paralyze government services. As this type of cyberthreat expands, there is an added urgency for leaders to rethink how they approach identity and access management (IAM) controls.
The good news for CIOs and security leaders is the evolution of advanced, centrally deployed and managed IAM tools that make it significantly harder and more costly for hackers to gain access to government’s most exploitable assets, says a new report.
Deploying a centralized IAM platform not only lowers the total cost of ownership across IT systems, it also puts state and local government agencies in a stronger position to embrace emerging security standards, according to Sean Frazier, advisory chief information security officer at Duo Security.
Managing identity through a central platform is not enough to secure your network, however. Organizations also need to rethink what a means to have a secure platform.
Implementing zero trust as a control model for identity authentication can extend access privileges beyond the confines of infrastructure, databases and network devices, according to the report, produced by StateScoop and underwritten by Duo Security.
“The next big step is how do we get to ‘zero trust’ at an enterprise level as we move more towards cloud and mobile,” says Frazier.
The report highlights steps state and local governments can take to pilot newer-generation IAM platforms and suggests essential capabilities to look for when considering what platform to invest in. At a minimum, says Frazier, those systems should be able to:
- Verify who or what is requesting access, using strong multifactor authentication.
- Evaluate the trustworthiness of every device, application and workload accessing your environment.
- Define and enforce adaptive and contextual access policies, granting “least privilege access” as appropriate across your IT environment for each access request.
- Enable secure connections and deploy access proxies (APIs) to all applications.
- Audit user and device activity, leveraging analytic tools to detect anomalies.
The distributed nature of government IT systems makes them easy targets for hackers to penetrate, therefore thinking long-term about IAM tools can save governments from a costly recovery in the event of a ransomware attack.
For example, Baltimore officials estimate the total cost of the RobinHood attack in May could top $18 million. And ransomware attacks in Georgia, Ohio, New York and Florida have all allowed attackers to hold agency data hostage unless officials met attackers’ demands.
As long as employees are one click away from opening a deceptive email or web application, hackers will keep trying to exploit users’ credentials, the report states.
Frazier encourages agencies leaders to continue laying the groundwork for deploying a centralized IAM solution that can manage access controls across multiple IT environments and that also supports compliance with multiple regulations.
“That ultimately means replacing piecemeal IAM applications with a modern, centralized approach, capable of managing multifactor authentication (MFA) and access control at an enterprise level,” Frazier says.
Read more about mitigating the risk of cyberthreats, like ransomware attacks by strengthening identity and access management tools.
This article was produced by StateScoop and sponsored by Duo Security.