As agencies pass the anniversary of the pandemic’s start, plans for the future of work are more dynamic than ever. In March 2020, agencies rapidly implemented quick shifts to keep functioning while remaining reasonably secure. However, we’re now realizing the full breadth of the security challenges telework poses — and those threats are quickly evolving.
Agencies are experiencing new types of attacks — ransomware and beyond — and malware is finding new avenues of entry. Employees are using work equipment to share personal information — and vice versa — more frequently than they were pre-pandemic. This data mingling creates new outlets for cyberattacks that will only increase as workers transition regularly between desks in living rooms and desks in federal buildings.
Security incidents are inevitable, but data accuracy and availability are nonnegotiable. As more agencies either continue to allow telework or foster a hybrid work environment, federal workers must be vigilant and aware of the threats they pose, while agencies need a reliable, seamless backup and disaster recovery plan.
Agencies Have to Contend with a Large Attack Surface
When it comes to having a backup and disaster recovery plan in place, agencies can begin with a few basic numbers: 0, 1, 2, 3 and 2 million.
Agencies can start with the biggest number, 2 million. This is the approximate number of federal employees at civilian agencies alone, and the number of individuals who can either be assets to protecting their agencies or the weakest links.
This starts with awareness of the risks caused by data mingling, where data is crossed over or “mingled” in multiple environments. Though ordering Girl Scout cookies or coordinating soccer practice through a government email address or device may seem harmless, it isn’t.
The more employees share their personal information on work devices or use personal devices for work, the greater their attack surface becomes.
IT leaders also need to increase awareness of the fact that threat actors can present themselves as believable impersonations of government employees or other trusted contacts.
While identity management tools can help flag these identity impersonation attacks, users need to be educated on what to look for and why they need to stop data mingling. This education should start early, even as a part of the onboarding process, and be consistently revisited to keep awareness fresh.
A New Strategy for Protecting Data
Across over 2 million individual users, there are many opportunities for error. An agency’s data protection strategy is critical. A “3-2-1-1-0” strategy can be a good place to start.
This is a shift from the historical “3-2-1” strategy, in which best practices dictated that three copies of data should be kept on at least two different media, with one copy stored offsite.
This has now been extended to include at least one immutable copy of the data that can’t be changed by ransomware or other malware, as well as identifying data, such as long-term archival data that will likely not need to be utilized again but must be retained for compliance purposes. This data — referenced by the “0” — can be retained in cold storage on the lowest-price environment possible.
An advantage of this strategy is that it works in any environment, physical or virtual, as our government workforce continues to blend. It’s also easy to understand and implement. While supporting a 3-2-1-1-0 strategy, government agencies should seek reliable and intelligent backup solutions that support continuous data protection to meet government networks’ growing data protection needs.
Throughout this transition, the federal government has provided numerous resources to support organizations and users as threats advance. Awareness resources like the Cybersecurity and Infrastructure Security Agency’s Reduce the Risks of Ransomware campaign can join with a well-defined backup strategy and user education.
The coronavirus pandemic is a reminder of how quickly things can change and how essential it is to prepare for the unexpected. There will always be barriers to overcome, but a strong backup strategy and well-educated workforce can be the best starting point to safeguard government data as work environments and risks evolve.