Cloud-based technology continues to mature as more organizations are starting to invest heavily in different applications to store and protect their data. One sector looking to increase their efforts in cloud technology is the public sector, which is expected to see a 17-percent increase in cloud-based security, according to Gartner.
As hackers continue to update their tactics in order to break through networks, the public sector is right to put more of an emphasis on cloud security. Here’s a better look at cloud security in the public sector in 2020.
Transparency and trust are important parts of building a strong public sector. Many states are starting to implement laws mandating certain documents, such as policies and procedures, be made available for the public to access.
In fact, in California, the state passed a bill requiring each state and local law enforcement agency to post current standards, practices, operating procedures, and policies this year. While this helps to increase public trust, there are certain costs and risks for the state when it comes to keeping files and data current and secure. Files have to be collected and server space must be acquired. What’s more, there has to be an adequate IT team in place to monitor everything. To do this, many agencies are turning to cloud services to streamline these processes.
Data that is going into the cloud includes any data that goes to applications that store information in the cloud; such as Salesforce or Dropbox. These servers are managed by the company that owns them and not by local governments that own the data.
Concerns with these services include stolen accounts or hacked information, lost data, or stolen data that has been transferred into a Dropbox. These concerns are warranted by applications that access more information and personal data than is needed, usually because the developers building the software aren’t considering security threats.
One way this can be protected against is to install an application-layer firewall, which can offer organizations and public sector agencies visibility into which cloud-based applications are being utilized.
Data stored within the cloud is needing to be controlled. This can in turn open up the data to vulnerabilities when this information needs to work in tandem with on-premises data.
In reality, hackers are constantly modifying the way they attack a network to get around defenses and pick up the data they want. Eventually, it’s more than likely that an attacker will find their way in, putting an emphasis on agencies needing to prepare for responding to an attack more than preventing it, even though prevention efforts still need to be in place.
What this looks like is agencies being equipped with more breach detection software and taking some of the focus away from investments that are pointed at securing the perimeter. Agencies need to take steps to segment out servers in the cloud so if one area is compromised, others are still kept safe.
Professional Governmental Underwriters, Inc., is a full-service risk management company dedicated to assisting public, educational and non-profit entities in the management of their professional liability exposures including educators liability insurance. We are dedicated to providing state-of-the-art professional underwriting management and loss control advisory services on behalf of our designated carriers. For more information, call us toll-free at (800) 586-6502.