Local Governments Streamline Remote Access With SASE

How Does SASE Help Local Governments?

Sood says traditional, hardware-based approaches present challenges.

“There is the physical layer — the cooling, the power that’s required for it,” he says. “And if there’s an issue with the hardware, it requires an onsite presence. There is potential downtime there.”

With police, human services and other city agencies needing 24/7 access to systems, “ensuring that the environment and solutions stay up consistently and in a reliable manner is very important to us,” he said.

Prior to SASE, “we had multiple remote access solutions, and we wanted to consolidate these different platforms into one,” Sood says. The city needed an approach “that allows all of our various departments to use one centrally managed solution that has real-time monitoring and analytics and still allows us to implement data protection policies.”

With that in mind, the IT team sought out “an agile solution that would allow us to provide a modern, cloud-native approach to securing and streamlining our hybrid workforce,” Sood says.

“Zscaler allowed us to shift from a traditional, hardware-based security model to a direct-to-cloud connection. That helped reduce latency. It significantly simplified network infrastructure and also our ability to monitor and protect user activity,” he says.

“From an administration standpoint, the efficiencies we’ve been able to gain with our new solution — it’s dramatic,” he says. Service desk call volume has dropped significantly, “and the administration required on the infrastructure side has dramatically improved.”

With the city’s previous remote-access solution, “we were supporting close to 50 Windows servers. With our new platform, it’s a fraction of that,” he says. “Those additional servers that were in our previous environment required maintaining, patching, updating applications. Now we can shift a lot of that time into other areas, and use that time to continuously improve the things that we’ve put into place with Zscaler.”

How Can Local Governments Manage Secure Access With SASE?

Monroe County, Ga., CIO Boyd Elrod points to the complexities of managing access in the public sector.

“We must have secure access, and we are subject to state and federal codes that mandate things like encryption, different levels of multifactor authentication. We have retention and transparency policies to adhere to,” he says. “We also have workers in various geographic locations. They bring different devices to the table.”

With traditional approaches, “if you wanted to provide secure remote access, you’d usually have to cobble together a solution that requires multiple vendors, different security appliances, different VPN clients, different ISPs,” he says. “All of these things are more links in the chain to break — to be compromised.”

The county IT team leverages Prisma SASE from Palo Alto Networks and is exploring other modernized solutions as well. With SASE, “you have a single pane of glass. It gives you centralized administration, centralized control monitoring and reporting. The standardization that comes along with that saves staff hours, and it gives you a realistic recovery time objective if something’s wrong,” Elrod says.

SASE handles “all the facets of making the endpoint talk to the edge, and from there to a cloud service. It’s a Swiss Army knife for network engineers and other people who are responsible for getting that end user to the resources they need,” he says.

RELATED: State governments automate user privileges to assist with identity management and access.

How Does SASE Support Remote Access for the Public Sector?

In state and local government, remote access is a foremost concern. Many IT teams are supporting a hybrid workforce, and some agencies by definition need to connect from offsite locations.

“We have some people who can work remotely, and of course on our public safety side that’s the only place they work — in their patrol cars or EMS vehicles or ambulances,” Elrod said. For these users, “SASE gives them that secure pipe, it secures the endpoint, it gives them that avenue to connect.”

For IT, it’s easier to support those remote users with SASE. The technologists can focus on operating a single, integrated solution, he says, “instead of having to manage so many different systems just to get one employee connected.”

In Alexandria, SASE is a natural fit for supporting remote access, says Deputy CIO Ryon Saenz: “Zscaler natively compliments having internet access.”

“The old solutions usually required an appliance or something for VPN or remote access,” he says. “This removes that middleman: We use the actual internet that people have access through — whether they are home, mobile or in the office — to set up web application-based policies for their access.”

This approach simplifies the management of remote access and elevates the overall level of security.

“We’re a zero-trust model, which is very important to us — to look at everything from a security-first standpoint,” Sood says. “With Zscaler, we’re able to now proactively address issues from our various departments that we help support.”

Click the banner below to sign up for the StateTech newsletter for weekly updates.

How Does Artificial Intelligence Support SASE Solutions?

Sood points to the SASE solution’s inherent artificial intelligence and machine learning capabilities as a boon to overall security. With AI and ML, “we’re able to address some of these issues before they’re even reported or noticed by the end-user community,” he says. “That built-in AI and machine learning has really been instrumental in supporting our hybrid workforce.”

Experts say it makes sense for state and local governments to explore the potential of SASE.

“State agencies facing budget constraints might appreciate SASE’s potential cost efficiency through reduced hardware investments and the ability to scale security services based on actual needs,” says IEEE Senior Member Kayne McGladrey.

Especially for agencies with offices across multiple locations, he says, SASE can help to ensure “more consistent access to cloud resources while maintaining the security standards required for government operations.”