Endpoint Devices: The New Battleground for Public Sector Cybersecurity

Local governments are getting wise to the importance of protecting themselves from potential cybersecurity attacks, but there is still room for improvement, says HP's Christoph Ruef.

In the quest for secure systems, there is still one important weak point that many private and public sector organizations are still overlooking: endpoint devices. These are devices such as PCs, printers, scanners, Voice over Internet Protocol (VoIP) phones and smart meters, which carry important and private information from both staff and citizens. Though these devices might seem innocuous, they're being increasingly preyed upon by cybercriminals to gain access to sensitive information.

In the average home, we may be more aware of the growing number of connected devices — from thermostats, to televisions, gaming systems and smart home devices. However, in a public sector setting, it can be easy to overlook the sheer volume of connected devices, all of which open up the public sector networks to vulnerabilities.

Making things more complicated is the sheer number of endpoints public sectors have to deal with. Employing more than 20 million people, federal, state and local governments are using a lot of connected devices in the workplace, and many struggle to track how many they have deployed.

This is contributing to the sinking feeling that many state and local government officials have when they think about protecting their networks. A recent survey from security consultancy, Netwrix, highlighted that the public sector is still lagging behind the private sector in cybersecurity. Moreover, perhaps more shockingly, only 14 percent of government respondents considered themselves "well prepared" for IT risks. Meanwhile, SecurityScorecard found that across all industries surveyed in its 2017 cybersecurity report, government organizations received one of the lowest security scores.

SIGN UP: Get more news from the StateTech newsletter in your inbox every two weeks!

Why Do Hackers Target Public Sector Endpoint Devices?

Cybersecurity for endpoint devices is widely underappreciated. In many cases, endpoint security is not seen as a high requirement for IT procurement contracts.

For example, in a recent Spiceworks survey of more than 300 enterprise IT decision-makers, just 16 percent considered printers a high-risk target for a security breach, significantly less than PCs and mobile devices. This underappreciation for the risk that devices such as printers pose can lead to unattended vulnerabilities that cybercriminals are likely to exploit.

Unauthorized users can access these devices through an unsecured wireless connection — allowing anyone to capture privileged data or access the internal network.

Another reason that cybercriminals are targeting endpoint devices is that these devices are constantly being equipped with greater functionality and connectivity. Features such as wireless printing or the ability to connect with additional devices, like tablets, provide greater accessibility and flexibility for workers, but can also create gateways into private networks. As these endpoint devices become evermore interconnected with our networks, protecting them becomes vital.

3 Ways to Defend State and Local Government Data

With the cost of cyberattacks growing quickly, not only in terms of revenue and value of stolen data, but also in terms of credibility, government officials should take all the steps they can to keep data safe. So how do we go about defending government data from endpoint intrusion? There are a few steps that IT teams can take:

1. Protect digital data: It may seem like a no-brainer for companies in the financial services space, but the public sector must be vigilant about password protecting documents and leveraging encryption. This includes the sharing of documents and personal information via email, but extends to encrypting information to and from printers/scanners or multifunction devices for added protection.

2. Centralize device management: One way to take the burden off IT staff regarding security is to centralize device management. Taking advantage of HP's Secure Managed Print Services or Device as a Service - a subscription model for devices - ensures employees have the most up-to-date and secure environments. In this instance, responsibility over adhering to security policies, fleet management, management of confidential information and end-of-life device disposal is managed by a manufacturer or service provider specializing in fleet security to ensure endpoint security is meeting all requirements.

3. Adopt devices with built-in cybersecurity: Deploying devices with security features built in by the manufacturer adds an additional layer of security. Public sector departments should look for technologies such as self-healing properties to ensure devices, from PCs to printers, are as secure as possible. This means going beyond products that advertise bolt-on virus protection, toward those that leverage a layered security approach needed to combat advanced attacks.

That said, following these endpoint security strategies is only part of the broader cybersecurity puzzle. Public institutions should take a new approach to their procurement, vendor selection and IT device deployment protocols, placing security at the center of decision-making. The frequency and scale of cyberattacks will continue to rise, but with more information and a plan to mitigate these risks, the public sector will be better prepared against potential breaches.

 

Cybersecurity-report_Malware_Worms_etc.jpg

Compliance Can Keep Government Endpoints Safe

Keeping practices up to date with cybersecurity policies is also an enormous part of protecting state and local government networks.

According to a report released by Risk Based Security earlier this month, there were more than 7.8 billion data records exposed in 2017 — a 24.2 percent increase from 2016. The vulnerability intelligence service reported that government breaches accounted for 7.2 percent of all breaches, but that number is likely higher since 40 percent of breaches came from organizations/agencies that were not identifiable based on public disclosure data, according to Dark Reading.

One explanation for this could be a lack of compliance, because while more than half of governmental bodies have regulations in place around print security, just over one-third recognize they are completely compliant, according to a survey by the Center for Digital Government.

The good news is that regular employee communication and training around security compliance and related rules can help minimize security risks and move a public sector organization toward full compliance. With that in mind, government officials should have a plan in place to confirm employees are compliant and endpoint devices are part of their broader cybersecurity plan.

zoram/Getty Images
Feb 20 2018