Why Federal Agencies Need Better Online Security
There’s a saying among those working the front lines in the war on terror: Terrorists only need to be successful once, but anti-terrorist efforts must be right every time, every day.
That same applies to the ongoing threat of cyberattacks. Whether the target is the nation’s infrastructure, classified government files, or the personal information of everyday Americans, cybersecurity must be reliable every hour of every day.
Is your data in danger?
Each year, the government collects and stores more and more sensitive information on citizens. We’ve all seen the stories of major hacks and cyber-intrusions at government agencies. That raises the question: How confident can citizens be certain that their personal information can’t be accessed by someone like 100,000 cyber-espionage experts in the Chinese military, or similar cyber-specialists working for Russia, Iran and North Korea?
- A 2016 Wired article reported the U.S. Office of Personnel Management (OPM) database “Repels 10 million attempted digital intrusions per month.” The OPM manages the government’s records for employees and contractors and personal information for civilian federal agencies. In 2015, the OPM missed two intrusions when the personal information of 21.5 million people was hacked in two separate attacks.
- In December 2015, a U.S. voter database of 191 million citizens was exposed, including names, addresses, email addresses, party affiliation and more. The problem was reportedly blamed on human error and faulty database development.
- In March 2020, an investigative CyberNews team in Lithuania discovered an unprotected database of 200 million detailed user records. The data exposed “Full names and titles, email addresses, phone numbers, birthdates, credit ratings, home and mortgage real estate addresses, demographics, mortgage and tax records, and information about personal interests, and investments, as well as political, charitable, and religious donations.”
The researchers said much of the data found in the main folder may have originated in the U.S. Census Bureau. “We were shocked by the sheer scale of the data exposed. The combination of personal, demographic and real estate asset data was an absolute goldmine for cybercriminals.”
Don’t compromise your security
When federal agencies are entrusted with the personal information of millions, it is imperative that online security is up to the task.
Employing generic security software isn’t just insufficient for the needs of government agencies. It’s practically an engraved invitation to hackers and cyber-pirates.
Here are some things to think about when considering your security:
- Do you have an appointed person who can recognize and eliminate security vulnerabilities?
- Are you preventing cross-site scripting, SQL injection attacks, and cross-site request forgery?
- Security terminology is complex—do you have a point of contact who is comfortable with the complexity and necessary technology discussions?
- How many security scans does your code go through to make sure it conforms to your security guidelines?
At Envisage, we call our security strategy “Defense in depth.” It offers system administrators flexibility and the creativity to develop and monitor their security infrastructure, without the risk of compromising data and sensitive information. That’s why the U.S. Department of Homeland Security, Department of Justice, and Department of State, who have some of the most stringent security requirements in the world, work with us.
Your security is too important to not take every precaution needed to keep your data safe. Don’t compromise.