Worried that remote access can lead to increased cybersecurity vulnerabilities?
Learn how Idaho's fastest growing city's public works department stays protected and connected
Sponsored by Tempered
By Yoona Ha, Gov1 BrandFocus Staff
The coronavirus pandemic has forced many office-based workers, including municipal government staff, to embrace remote work. While some may view this option as a privilege, for many local governments, this unprecedented shift toward virtual work has spawned new challenges that pile onto existing workloads.
It also raises serious cybersecurity questions, especially after ransomware attacks have paralyzed cities across the country in recent years.
So how do government organizations balance these competing priorities while remaining in compliance with existing stay-at-home orders and social distancing recommendations?
This is the million-dollar question that one Seattle-based company stepped up to answer.
Tempered, a secure network provider, provides a zero-trust network access solution called Airwall, a Software-Defined Perimeter (SDP), which can set up 5,000 remote workers in just 90 minutes. Its specialty is in filling the network security gaps that major legacy network security technologies cannot close just yet.
Unlike many traditional VPN providers, Airwall offers the ability to hide all devices and networks from cybercriminals so organizations can safely offer secure connectivity to employees anywhere.
One city’s dilemma: How to maintain a secure, remote network 24/7
Eli Daniel, a network administrator with the city of Meridian in Idaho, faced this exact challenge. The city of more than 100,000 residents is considered the state’s fastest-growing city. Even prior to the onset of the coronavirus pandemic, city leaders realized they needed to figure out how to secure communications for the city’s water treatment facilities, including well sites, lift stations and other remote sites spread throughout the city, to maintain a consistent level of service for the growing population.
In particular, the public works department needed to replace its antiquated point-to-point wireless systems that were either continually losing their line of sight or breaking.
“There were just a lot of issues inherent with those types of systems,” said Daniel. “We were getting tired of replacing them. We knew that we were just going to hit the exact same problem for the rest of our lives.”
Updating wireless communications may seem less critical than upgrading the wastewater treatment infrastructure itself, but such inaction could put communities and cities at risk. In Meridian, losing the ability to monitor water pressure across several systems could result in hundreds, if not thousands of homeowners experiencing water pressure drops or outages. In larger cities, a compromised network can throw an entire city into the digital dark ages.
Take for example, what happened when the city of Wilmer, Texas, faced ransomware attacks after hackers infiltrated its computer systems – every city official’s biggest nightmare. The disruptions led to millions of dollars in damage and recovery costs and eroded trust in the integrity of city systems that handle everything from vote counting to water and power. In fact, an estimate of ransomware damages to 23 cities across Texas in 2019 is estimated to be a whopping $12 million.
Why you don’t need to sacrifice security to expand remote work/network access
Now that millions of Americans are suddenly working from home 24/7, due to the coronavirus pandemic, it’s imperative that local governments keep an eye on cybersecurity. Jeff Hussey, the founder and CEO of F5 Networks and now the founder of Tempered, has years of experience in network security and says that most existing networks have a fatal flaw: lack of security and mobility built-in. Tempered offers networks that are invisible to any IP-based threat, which eliminates that fatal flaw he says.
Hussey explains how three key components of Airwall provide the critical cybersecurity elements to support remote work:
1. Zero-trust connectivity addresses the problems of firewalls. There’s a chance that you’ve never heard of the term “zero trust” used to describe networks. Unlike firewalls, zero-trust frameworks take the approach of “never trust, always verify” when it comes to cybersecurity. This means that the network can block connectivity to servers and applications from unknown devices, which makes any kind of data invisible to those who don’t have approved access.
A zero-trust approach works especially well for government entities looking to ensure that only approved users get access. Once a hacker gets through a firewall, they’ll have access to a plethora of data, but with zero-trust systems, users only have access to their authorized — or whitelisted — applications and not the entire corporate network.
2. Microsegmentation minimizes individual user access and therefore potential breaches. Think of a VPN network as a bouncer, says Hussey. Once a user is authenticated, the VPN or bouncer will let them through.
One issue with this in a governmental setting is that you may not want a user to be able to access other areas in a shared network, such as a sheriff’s system or a property tax system. A microsegmented network allows users access only to their authorized applications. That way agencies can defend and secure any breach to one confined area as opposed to the entire shared network.
3. End-to-end encryption provides another remote security layer. End-to-end encryption works by allowing only active communicators to access messages. It’s a line of defense against hackers who want to access lines of communication for the purpose of surveillance, data theft or alterations. With this security measure in place, government officials can send messages without fear of that information being accessed by prying eyes.
One of the biggest mistakes that local government agencies can make right now is to loosen up cybersecurity measures when expanding access to remote workers.
“It’s not worth the risk. With the pandemic in place, government officials are stretched thin unlike ever before,” Hussey said. “Remote access is of paramount importance for any entity that’s responsible for physical infrastructure.”
How Meridian stays protected and connected
After vetting several vendors, Daniel said it became clear that Tempered offered many more advantages over other “big name” vendors. Price was just one of the advantages he saw in Tempered’s Airwall solution. Another was the peace of mind that comes with knowing that the Airwall protects critical data and infrastructure from outsiders – and then there’s the consistent level of support the city has received since implementing Airwall.
“Things get escalated so fast that I get a call within 20 minutes and a resolution soon, and I feel like the relationship we have is the special secret sauce – to be able to reach out to somebody and have contact,” said Daniel. “Airwall is easy to administer, and I don’t have to do any crazy equipment provisioning every time I want to do this. It’s just a piece of cake, and I feel comfortable and confident in the security of it — because it’s built-in. I don’t have to get two solutions for connectivity and security. It’s a win-win for us.”
Another bonus? Increased productivity.
“If we stayed with a point-to-point network system or a multi-product solution for these water sites,” he said, “there’s no way that I’d be able to do everything that I need to do in an hour, whereas it took me 10 minutes to put together the Airwall to scale networking out to remote sites securely.”
Get more info from Tempered