How Utah Gained Visibility into the Devices on Its Networks

State and local government agencies invite cyberattacks upon themselves if they do not know which devices are accessing their networks and cannot control who has access to which services or infrastructure.

Utah wanted to make sure it was not in that position following an internal security assessment made two years ago that showed the Beehive State did not know which devices were connected to its networks. 

In 2018, Utah partnered with cybersecurity software firm Forescout to gain that needed visibility. Forescout recently announced it had created an integrated solution with cloud computing company ServiceNow to deliver an asset intelligence solution for customers, including the state of Utah. The solution is being used to gain visibility into the roughly 60,000 network-connected devices across state agencies that serve 3.1 million inhabitants.

Utah CISO Phil Bates tells StateScoop that the partnership allows him to have insight into every device connected to the state’s networks and has made a “huge” difference in the state’s security management. The agentless solution also is expected to save the state millions of dollars in compliance cost savings. 

VIDEO: These are the cybersecurity threats that keep state CISOs up at night. 

Utah Gains Security and Savings with Device Visibility Solution

Bates says the Forescout solution enables the state to respond to security incidents faster, and automates the security and compliance processes for tens of thousands of state devices. 

“The main benefit is it makes the state more secure,” he says. “The secondary benefit is we’re saving a lot of man hours because we used to do a lot of this manually.”

“The powerful Forescout solution that integrates ServiceNow’s offerings helps the State of Utah eliminate network blind spots and maintain an accurate asset inventory at all times, which is critical to achieving regulatory compliance and minimizing security risk,” Pedro Abreu, chief strategy officer of Forescout, said in a statement. “We believe collaboration across the industry is key and this integrated solution brings together the right ingredients for Utah to orchestrate a successful security management system and as a result, improve its cybersecurity posture, IT efficiencies and overall bottom line.”

Utah has spent nearly $1.2 million on the technology, according to StateScoop. However, according to Forescout, the state’s manual compliance tasks on its large network were projected to cost more than $1 million. With Forescout’s ServiceNow integration, Utah is projected to save millions of dollars resulting from faster audits by automating real-time asset management, compliance remediation and incident response workflows, according to Forescout. 

The software’s user interface gives state IT security staff a list of all devices connected to the state’s network, which can be sorted by device type, software version, malware signature and other filters, Bates tells StateScoop. If malware is detected on a device, software can disconnect it from the network within one minute and then to search for other devices with the same infection.

Such processes in the past could take up to four or five hours since staff only had an IP address to go by. They would then need to work with the state’s network operation center, which would then try to locate the device before it could be disconnected. “That is especially true if I have wireless devices moving from building to building,” Bates says.

The tool is also saving the state time and money on managing security compliance. That is because, StateScoop reports, every device registered in the state’s inventory is deemed compliant before it is allowed online. Utah can also largely automate device patching and updating. “Now we have a really good inventory, because if you’re not in that system, you’re not in our network,” Bates says.

Additional anticipated benefits from the Forescout and ServiceNow technology integration include a reliable single-source-of-truth repository that increases asset compliance and cybersecurity effectiveness. The companies also say Utah will now have real-time monitoring and rich contextual asset intelligence across its campus, data center, cloud, Internet of Things and operational technology environments.