BYOD, IoT and the 3rd Platform: What They Mean for Agency Security
There are a number of factors driving the need for a major upgrade in the security of information technology networks in U.S. public sector organizations. First, similar to their counterparts in the private sector, public sector employees want to enjoy the benefits of mobility and, where appropriate, a Bring Your Own Device policy, or BYOD.
Mobility can remove boundaries with regard to time and place, leading to more productivity. This is true for both public sector organizations and private, for-profit entities.
Related to the first factor is the increased digitization of public sector organizations. For example, governments can leverage cloud applications to better deliver every-day services to their constituents. IDC has identified use cases in the areas of public health, transportation, public safety, records management, and economic development, among others. Fully realizing the transformational opportunities in these areas will require many government entities to significantly upgrade their network infrastructure, from core to edge.
Adjacent to the digital transformation trend at the federal and state levels of government is the fact that some municipalities are embarking upon more systematic “Smart Cities” initiatives. Smart Cities are municipalities with a vision, a plan, and an execution road map to enact the digital transformation of government by investing in 3rd Platform information and communications technology (ICT). The 3rd Platform includes mobile technologies, big data analytics, social networks, and cloud services as its foundation for a set of innovation accelerators, such as the Internet of Things (IoT), that enable potentially radical new work processes, services, and products.
All of these major trends are creating the need for “foundational security” within government networks. Foundational security refers to the native integration of security tools in the network infrastructure from core to edge. This includes monitoring, segmentation, policy enforcement and management, and firewalls, among other tools.
Foundational security means that switches, routers, wireless access points, and other network equipment are designed with built-in security from day zero. This is important because it provides stronger network fortification against 3rd Platform attack vectors. Foundational security means end-to-end protection where there are no holes through which attacks can penetrate.
A key feature of foundational security is the use of network analytics to inform the network of security activity. Analytics can let the network know when the security environment is abnormal and can push out fixes as necessary, as well as trigger environment modifications for future protection.