StateTech - Technology Solutions That Drive Government en Secret Weapons Against Public-Sector Cyberattacks: Education and Training <span>Secret Weapons Against Public-Sector Cyberattacks: Education and Training</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Fri, 05/25/2018 - 10:34</span> <div><p>It’s no secret that cybersecurity is top of mind for public-sector CIOs, particularly with the public’s personal data at risk.</p> <p>While technology is an important tool in combatting cyberthreats, <a href="">firewalls </a><a href="">and</a><a href=""> strategies like </a><a href="">microsegmentation</a> are only half the battle when it comes to preventing breaches and minimizing their impact.</p> <p>“As much as you want to put firewalls in place and every other security policy in place,<strong> a human is still going to be your weakest point into your network</strong>,” said Valecia Stocchetti, CERT manager at the Multi-State Information Sharing and Analysis Center (MS-ISAC), speaking at the <a href="">Public Technology Institute</a>’s <a href="" target="_blank">National Symposium on Cybersecurity &amp; Local Government</a> in Washington, D.C., on May 23.</p> <p>She notes that staff that aren’t trained on phishing attacks can take down even the most sophisticated systems.</p> <p>“One of the things that people don’t realize is that [a nasty malware infection] is just caused by a click of a button, and that’s it, one person and then one other weak security policy in place, where they don’t have SMB blocked from workstation to workstation, and then <strong>it’s a recipe for disaster</strong>.”</p> <p>Even beyond regular staff, however, Stocchetti says that executives are often reluctant to shut down their network, which is usually necessary to prevent a spread of the infection.</p> <p>“No one wants to pull the plug on their network and no one wants to be down for more than a few hours, but if you don’t do it right away you could be facing even more problems in the future,” Stocchetti added.</p> <p><a href="" target="_blank"><strong>SIGN UP</strong>: Get more news from the <em>StateTech</em> newsletter in your inbox every two weeks</a></p> <h2 id="toc_0">Constant Training Combats Human Error</h2> <p>How can agencies and departments work to inoculate themselves against viruses or shut down these cyberattacks before they spread to catastrophic levels?</p> <p>“<strong>Education and training is a big part of it</strong>,” says Stocchetti.</p> <p>This can include implementing internal phishing exercises that can help IT teams identify which staff might be vulnerable to phishing emails and to then educate these staff members on what an attack might look like and how to avoid it. Governments in Kansas City and Westland, Mich., have <a href="">implemented phishing exercises like these to prepare employees for possible scams</a>.</p> <p>Stocchetti herself has fallen victim to an internal phishing exercise, noting that it can happen to even the most tech-savvy employees, and so government agencies should be prepared and keep education and training constant.</p> <p>“As much as you can invest all those resources, <strong>we’re still human</strong>, we still have emotions, we still have our own brain and you can’t … control that, and that’s the scariest part,” said Stocchetti.</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/juliet-van-wagenen"><img src="/sites/" width="58" height="58" alt="Juliet Van Wagenen" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/juliet-van-wagenen"> <div>Juliet Van Wagenen</div> </a> </div> <div class="author-bio"> <p> <div><p>Juliet is the senior web editor for <em>StateTech</em> and <em>HealthTech</em> magazines. In her six years as a journalist she has covered everything from aerospace to indie music reviews — but she is unfailingly partial to covering technology.</p> </div> </p> </div> </div> </div> </div> Fri, 25 May 2018 14:34:15 +0000 juliet.vanwagenen_22746 40876 at Cloud Security Concerns in the Public Sector and How to Tackle Them <span>Cloud Security Concerns in the Public Sector and How to Tackle Them</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Thu, 05/24/2018 - 12:46</span> <div><p>The cloud, these days, is everywhere. Particularly, acceptance of the cloud has grown by leaps and bounds among state and local governments, as many, <a href="">such as Arizona</a>, turn to cloud-first policies or hybrid cloud adoptions in an effort to snag the cost and agility benefits the technology affords.</p> <p>“We live in a cloud-first world,” said Joey Muniz, security solutions architect at Cisco, speaking at the <a href="" target="_blank">Public Technology Institute</a>’s <a href="" target="_blank">National Symposium on Cybersecurity &amp; Local Government</a> in Washington, D.C., on May 23. “But what people typically don’t understand is cloud security.”</p> <p>Cloud security concerns may still be holding many governments back from adopting the technology, and for those who have already moved to the cloud, what it means for cybersecurity may not be clear.</p> <p>The confusion stems from the multifaceted nature of the cloud and how data can be stored — and made vulnerable — at each stage.</p> <p>When it comes to standing up a firm cloud security posture, understanding and a dialogue around the possible vulnerabilities is key.</p> <p>“People start to throw technology right away at the problems,” said Muniz. And although technology is important in keeping data safe and segmented, the threat landscape is constantly shifting. “<strong>It’s not necessarily about capabilities</strong>. If you’re hoping I’m going to pull out of my pocket the cloud security products, it’s not necessarily about that. It’s about understanding [how data gets] to and from the cloud, as well as all the services within there.”</p> <p>So, how can CISOs stay on top of cloud security? The first step is to understand how it works and where vulnerabilities may rear their heads. Muniz earmarked two aspects, in particular: how data goes <em>to</em> the cloud and how data is protected <em>within</em> the cloud.</p> <p><a href="" target="_blank"><strong>SIGN UP</strong>: Get more news from the <em>StateTech</em> newsletter in your inbox every two weeks</a></p> <h2 id="toc_0">Securing Public-Sector Data that Goes to the Cloud</h2> <p>Data going to the cloud encompasses any data that goes to applications that store data in the cloud, such as Salesforce or Dropbox, whose servers are managed by the company that owns them and not by the government organization that owns the data.</p> <p>Concerns with such services include <strong>stolen or hacked </strong><strong>accounts,</strong><strong> lost data or even sensitive data being foisted into a personal Dropbox account</strong> and leaving the organization’s security perimeter, all of which could expose sensitive data.</p> <p>These security concerns are heightened by simple applications that access more data and personal information than necessary, often because the developers or companies building the applications simply aren’t thinking about this security threat.</p> <p>To better understand which applications employees are actually using, and where sensitive data might be lurking outside an agency’s security perimeter, Muniz recommends a <strong>Controlled Access Secure Broker</strong>. A CASB can provide reverse token assessments that offer governments a window into where employees are storing data and which applications they are really using.</p> <p>Another option is an application-layer firewall, which offers agencies visibility into which applications are being used. “A CASB or next-gen tech firewall are things you should start thinking about to get a <strong>grasp on what devices are actually phoning out to the cloud</strong> so you can start to implement security to the cloud,” said Muniz.</p> <h2 id="toc_1">Securing Public-Sector Data that Lives Within the Cloud</h2> <p>Data stored within the cloud, is, essentially, “having a data center virtually inside the cloud,” Muniz explains, pointing to something like <a href="" target="_blank">Microsoft Azure</a>. “That’s different [than sending data to the cloud] because now you actually have control of what’s in the cloud.”</p> <p>This can open up the data for vulnerabilities when this data needs to communicate with on-premises data.</p> <p>The good news, however, is that many of the same rules apply to securing data within the cloud as to securing data within any network. And the first step is not to focus only on keeping attacks outside the perimeter, but to assume that, eventually, an attack will penetrate the system, and that new attacks will constantly be just outside the perimeter.</p> <p>“The reality is that the attackers are constantly changing the way they attack to get around the defenses,” said Muniz. Eventually, it’s more than likely that an attacker will find their way into your network. The best defense, then, is to plan for when a cyberattack happens.</p> <p>“<strong>Start with assuming you’ve been owned</strong>,” said Muniz.</p> <p>This means preparing appropriately: Equip with the correct visibility and breach detection software, and <strong>don’t focus all investments on securing the perimeter</strong>. Take steps to segment servers in the cloud based on least privilege so, at the very least, only one segment on a network is compromised. Put together an actionable and frequently updated incident response plan.</p> <h2 id="toc_2">Cloud Security Best Practice Is to Constantly Evolve</h2> <p>But the reality of cloud security — and all public-sector cybersecurity — is that government IT teams need to be always on the lookout for new best practices and software to <a href="">combat ever-evolving </a><a href="">cyberthreats</a>.</p> <p>“<strong>It is a cat-and-mouse game</strong>,” says Muniz, noting that any advice he offers now will likely be obsolete in six months as threats evolve. “Security is a journey; it’s not a destination. You don’t become secure; you maintain security. Best practice is going to be to change the mindset.”</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/juliet-van-wagenen"><img src="/sites/" width="58" height="58" alt="Juliet Van Wagenen" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/juliet-van-wagenen"> <div>Juliet Van Wagenen</div> </a> </div> <div class="author-bio"> <p> <div><p>Juliet is the senior web editor for <em>StateTech</em> and <em>HealthTech</em> magazines. In her six years as a journalist she has covered everything from aerospace to indie music reviews — but she is unfailingly partial to covering technology.</p> </div> </p> </div> </div> </div> </div> Thu, 24 May 2018 16:46:58 +0000 juliet.vanwagenen_22746 40871 at Cities Could Make Desktop Phones a Thing of the Past <span>Cities Could Make Desktop Phones a Thing of the Past</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Wed, 05/23/2018 - 11:00</span> <div><p>It’s no secret that desk phones, like payphones, are going the way of the dinosaur. In fact, <a href="" target="_blank">according to research from IDC</a>, <strong>75 percent of the U.S. workforce will be mobile by 2020</strong>.</p> <p>To cut costs and align workflow with actual staff usage, some city governments are considering ditching the desktop phone for good and instead investing in more reliable and robust broadband infrastructure to support the use of more mobile technologies.</p> <p><a href="" target="_blank"><strong>SIGN UP</strong>: Get more news from the <em>StateTech</em> newsletter in your inbox every two weeks</a></p> <h2 id="toc_0">Palo Alto Replaces Desktops with Smartphones</h2> <p>In the tech-forward city of Palo Alto, Calif., for example, the city government recently launched a pilot that swaps desktops for smartphones that can route calls and chats through a laptop, <a href="" target="_blank">StateScoop reports</a>. The pilot aims to mimic the culture of Silicon Valley businesses — and employees’ personal lives — where the move to smartphones is nearly ubiquitous, Palo Alto Chief Information Officer Jonathan Reichental recently told the source.</p> <p>“You have this question that if you are a mid-sized or large organization in a city — is it worth continuing to maintain or invest in an infrastructure that less and less people use and where there are preferred alternatives?” Reichental said.</p> <p>The move is also poised to help the city government attract millennial talent as the Silver Tsunami approaches and enticing younger employees to the public sector becomes increasingly urgent. However, the cultural shift for older employees could prove to be a major issue.</p> <p>“There is still a big piece of corporate culture, and organizational culture that needs to change,” Reichental told the site. “I think somebody who has spent most of their career with a desktop phone will struggle with just with the idea of not having them, let alone the implementation of transition away from them. I think you’d see intense pushback if this transition were to happen all at once.”</p> <p>Still, the cost benefit alone could make the pilot project — which still has no official launch date or timeline — worth the effort.</p> <p>“<strong>We incur </strong><strong>significant</strong><strong> cost because of these phones</strong>, and the analysis is beginning to show that they are an unnecessary infrastructure in the medium to long term,” Reichental said.</p> <h2 id="toc_1">Mentor, Ohio Trims the Budget with the Move Away from PBX</h2> <p>Perhaps less extreme than the move to smartphones is <a href="" target="_blank">Mentor, Ohio</a>, which recently updated to a modern collaboration system from <a href="" target="_blank">Cisco Systems</a> that supports far more than person-to-person calls when it learned that its outdated PBX phone system was costing the city hundreds of thousands of dollars each year.</p> <p>“We were being billed for services to a building that had been torn down and turned into a parking lot,” Ali Seyhan, the city’s chief technology officer, <a href="">told <em>StateTech</em> in an earlier interview</a>.</p> <p>Seyhan estimates the upgrade will save the city government <strong>$1 million over the next five years</strong> — or $37,000 in monthly expenses — by creating greater transparency into their phone usage and eliminating obsolete phone charges, including those from employees that had long ago left the city and still had phone lines in their name.</p> <p>“I would almost guarantee that every municipality and state have similar issues,” Seyhan says. “People quit or retire, and information about phone services does not get communicated because detailed documentation is not in place.”</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/juliet-van-wagenen"><img src="/sites/" width="58" height="58" alt="Juliet Van Wagenen" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/juliet-van-wagenen"> <div>Juliet Van Wagenen</div> </a> </div> <div class="author-bio"> <p> <div><p>Juliet is the senior web editor for <em>StateTech</em> and <em>HealthTech</em> magazines. In her six years as a journalist she has covered everything from aerospace to indie music reviews — but she is unfailingly partial to covering technology.</p> </div> </p> </div> </div> </div> </div> Wed, 23 May 2018 15:00:23 +0000 juliet.vanwagenen_22746 40866 at 3 Ways Managed Print Services Can Improve State and Local Agency Operations <span>3 Ways Managed Print Services Can Improve State and Local Agency Operations</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Tue, 05/22/2018 - 10:16</span> <div><p>As with any other technology tool, printers, copiers and multifunction devices should make life, and work, easier for government agencies who already have a lot on their plates. But within too many agencies, printing is a source of stress and confusion. Ink and toner levels run low, wasted paper and electricity costs stack up, and each department often buys its own equipment — frustrating users and tying up the time of IT staffers as they attempt to troubleshoot dozens of different devices.</p> <p>At many government agencies, print exists in a sort of limbo between IT and operational departments. And because no single department “owns” the technology, it frequently sprawls throughout departments, creating <strong>management headaches and inefficiencies</strong>.</p> <p>That’s why many government agencies are turning to <strong>managed print services</strong> (MPS) providers. The term “MPS” encompasses a broad range of services offered by partners and vendors, from simplifying ink and toner ordering to the rigorous redesign and ongoing management of an organization’s entire print environment. In an effective MPS engagement, organizations can save both time and money, while also shoring up security vulnerabilities.</p> <p>“It’s something that can be <strong>offloaded from the IT manager’s plate</strong>,” says Kimberly Moffett, a program manager for managed print services at CDW. “It helps them control their costs, and it helps them streamline and automate their business processes. An MPS provider can tell you what’s overutilized and what’s underutilized. It makes things more efficient, and it frees up time for IT teams to work on more strategic projects.”</p> <h2 id="toc_0">1. MPS Simplifies Agencies' Printer Woes</h2> <p>Brian Healy, senior manager of managed print services for <a href="" target="_blank">Brother</a>, says that every MPS engagement should begin with a discussion about the agency’s goals for the program, followed by a robust assessment of the existing environment. Almost invariably, Healy says, MPS providers find that they’re able to consolidate printing to fewer machines and reduce the overall use of ink, toner and paper. “If it’s a previously unmanaged environment, you’re almost <strong>guaranteed to reduce costs</strong>,” he says.</p> <p>Many government agencies can see substantial cost benefits even from simple engagements, such as <a href="" target="_blank">CDW’s Printer Supplies Program</a>, a no-cost, no-contract program that gives users discounts and free shipping on print consumables across all manufacturers. The program also gives agencies the option to install software that will trigger alerts when supplies run low, and can even <strong>automate ordering</strong>.</p> <p>“It’s offering the customer a solution that fits their needs,” says Alison Hill, supervisor for managed print services at CDW. “If a company just wants free shipping, that’s fine. But if they want to be more hands-off and not have to worry about ordering, we can bump them up to those levels, too.”</p> <p>Enrollment in the program, Hill says, has <strong>increased tenfold over the past three years</strong> and can be a huge time and resource saver for paper-heavy agencies.</p> <h2 id="toc_1">2. Print Services Help States Get Sustainable</h2> <p>While many agencies first look to MPS providers as a way of reducing the total cost of ownership of their print environments, the potential business benefits go far deeper.</p> <p>“It’s not all about restricting printing,” says Valerie Alde-Hayman, an analyst with <a href="" target="_blank">Gap Intelligence</a>. “The true savings aren’t just about pages. They’re about <strong>automated workflows and saving time</strong>.”</p> <p>For example, Alde-Hayman says, an MPS partner can help agencies and departments automate processes, such as billing, that previously required employees to spend large amounts of time manually scanning and copying.</p> <p>“If you can put workflows in place that<strong> reduce those man-hours and prevent errors</strong>, you’re saving money and you’re saving time,” she says. “It’s those simple manual processes that organizations don’t think about – or maybe they don’t even know there’s an automated workflow.”</p> <p>A more streamlined print environment, with fewer total devices and device types, can also improve productivity. MPS providers minimize costly downtime for printers and copiers. Further, employees are likely to become more familiar with print tools (and encounter fewer problems that require troubleshooting help) when they work with a smaller number of products. When the start of a meeting is delayed because a printer is low on toner or an employee is struggling with an unreliable copier, an agency can lose productive minutes from dozens of employees.</p> <p>Additionally, Healy says, reductions in paper and toner usage can help local governments to meet their goals for <strong>sustainability</strong>, which is a growing area of concern for many states, counties and cities.</p> <p>“It’s <strong>reducing print, reducing electricity consumption</strong>, even increasing the yield of toner — all of that goes to sustainability,” he says. “If you’re going from 200 print devices to 100 devices, you’re going to be reducing energy consumption.”</p> <h2 id="toc_2">3. Prioritize Printer Endpoint Security</h2> <p>Historically, printers, copiers and scanners have been largely ignored in many agencies’ cybersecurity strategies. That’s beginning to change, however, as security professionals become more aware of the potential damage that might result from an attack on a device — or even from sensitive information thoughtlessly left in a printer tray.</p> <p>By monitoring device health, pushing out updates and patches, and implementing security and control measures, an MPS partner can <a href="">help governments improve their overall security posture</a>.</p> <p>“In a typical unmanaged environment, <strong>users can gain access</strong> not only to the devices themselves, but to features within those devices that should be reserved for departments like human resources or finance,” Healy says.</p> <p>Print security is an “evolving theme” that many print vendors and MPS partners are now becoming increasingly aware of, Alde-Hayman says. “There’s a very wide range of vulnerabilities, from ‘I left confidential information on an output tray, and now everyone knows what my boss earns’, to a full-on data hack that originates in a printer,” she says.</p> <p>“By having MPS in place, organizations can often <strong>prevent or identify potential breaches</strong>,” Alde-Hayman adds. “A partner can offer print security, or at least bring an awareness of it to the organization.”</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/statetech-staff"> <div>StateTech Staff</div> </a> </div> <div class="author-bio"> <p></p> </div> </div> </div> </div> Tue, 22 May 2018 14:16:43 +0000 juliet.vanwagenen_22746 40861 at Cities and Counties Turn to Machine Learning to Bolster Cybersecurity <span>Cities and Counties Turn to Machine Learning to Bolster Cybersecurity</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Mon, 05/21/2018 - 11:40</span> <div><p>In late 2017, a government employee in Livingston County, Mich., plugged a personal laptop into the workplace server — inadvertently exposing the network to malware.</p> <p>“We had <strong>9,000 attacks within a few minute</strong>s from this computer,” says Rich Malewicz, CIO and security officer for <a href="" target="_blank">Livingston County</a>.</p> <p>The county detected the attack and stopped it quickly using a program called Darktrace, which uses artificial intelligence (AI) and machine learning to provide <strong>real-time alerts about abnormal activity</strong> on the network.</p> <p>“No device on the network detected [the attack] except for Darktrace,” he says.</p> <p>More local and state governments are <a href="">eyeing AI and machine learning as tools to help combat </a><a href="">cyberattacks</a>, in part because hackers themselves have adopted the technology.</p> <p>“Other local governments should use AI and machine learning because it’s being used against them,” Malewicz says. “Traditional security controls are not sufficient to fight artificial intelligence and machine learning attacks.”</p> <p><a href="" target="_blank"><strong>SIGN UP</strong>: Get more news from the <em>StateTech</em> newsletter in your inbox every two weeks</a></p> <h2 id="toc_0">Machine Learning Tools Provide an Adaptable Defense</h2> <p>A Public Technology Institute survey, “<a href="" target="_blank">The State of City-County IT, 2017</a>,” finds that AI and machine learning are among the emerging IT areas government leaders expect to be most impactful in the next<strong> three to five years</strong> — behind only the Internet of Things.</p> <p>A <a href="" target="_blank">recent report from Deloitte Insights</a> states, “Machine learning could be vital to fraud detection and cybersecurity.”</p> <p>“A learning system that can respond to ever-changing threats in an unpredictable way may be the best defense against adversaries, whether rogue states or cybercriminals. Such a system should be able to learn from its own experience as well as external information,” according to the report, “AI-Augmented Government.”</p> <p>New York City’s cybersecurity team recognizes the importance of AI in cybersecurity. In 2017, Mayor Bill de Blasio created <a href="" target="_blank">New York City Cyber Command</a> to centralize the city’s cybersecurity efforts. NYC CISO Geoffrey Brown soon hired Quiessence Phillips as deputy CISO for threat management. She leads a security team at the city’s network operations center located in a hub in Brooklyn.</p> <p>“Machine learning has many applications — for security teams, its most notable use is <strong>incorporating supervised and/or unsupervised learning into detection mechanisms</strong>,” says Phillips.</p> <p>“This allows for large-scale behavioral detection, specific to one's network,” she adds. “Many vendors are providing a form of machine learning within their products to provide this; however, internal teams can also advance this area by actively ‘teaching’ the platform to hone the detection of anomalies, analyze malware and streamline threat intelligence frameworks.”</p> <h2 id="toc_1">New and Emerging Threats Create an Evolving Landscape</h2> <p>Michael Lee Sherwood, Las Vegas director of information technologies, agrees machine learning is vital to protecting his city from cyberthreats. When Sherwood first joined the City of Las Vegas, one of his first purchases was the Darktrace platform.</p> <p>“<strong>The threat landscape is constantly evolving and changing</strong>,” he says. “We needed [a tool] that evolved as the landscape evolved. The only way to do that is to have tools that are able to adapt and are able to proactively know what the new threats are going to be.”</p> <p>The Las Vegas information security team consists of three full-time employees and one intern. Tapping AI and machine learning is like having another two additional, full-time staff members who are monitoring the system 24/7, Sherwood says.</p> <p>“<strong>There are not enough humans</strong> to hire that you could afford to do all the work,” Sherwood says. “You’re going to have to start entrusting machines to assist.”</p> <p>That means having the right tools and embracing the technology, he says.</p> <p>“There is no way you’ll be able to keep up in a municipal space unless you start at least investigating some of these technologies,” Sherwood says. “<strong>AI and machine learning is the way of the future</strong>.”</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/erin-cunningham"> <div>Erin Cunningham</div> </a> </div> <div class="author-bio"> <p> <div><p>Erin Cunningham is a writer and editor based in Maryland with experience writing about state and local government, education, technology and more.</p> </div> </p> </div> </div> </div> </div> Mon, 21 May 2018 15:40:41 +0000 juliet.vanwagenen_22746 40856 at Public Transit Wi-Fi Fuels Larger Smart City Build-Outs <span>Public Transit Wi-Fi Fuels Larger Smart City Build-Outs</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Thu, 05/17/2018 - 16:19</span> <div><p>Odds are, your city’s buses, subways and trains are already outfitted with Wi-Fi. In fact, with <a href="" target="_blank">nearly 80 percent of Americans carrying smartphones</a>, transit districts such as the <a href="">Chicago Metra, the Minnesota Valley Transit Authority</a>, Massachusetts Bay Transportation Authority, <a href="" target="_blank">Des Moines Area Regional Transit Authority</a> and more have workable high-speed wireless connectivity up and running for their riders.</p> <p>But mass transit Wi-Fi isn’t just about surfing the web. “Connected transportation is <strong>much more than simply adding Wi-Fi to buses or subway stations</strong>,” <a href="">Cisco</a>’s Michelle Maggiore wrote in a <a href="">recent column for<em> StateTech</em></a>. “It is a necessary step to adding safety and efficiency to citizens’ travels through a city.”</p> <p>And, in fact, many cities now outfitted with Wi-Fi solutions are using the capability as a <strong>springboard for larger initiatives</strong> that can <a href="">improve the rider experience</a>, make streets safer through <a href="">intelligent transportation solutions</a> and even lay the groundwork for smart city build-outs.</p> <p><a href="" target="_blank"><strong>SIGN UP</strong>: Get more news from the <em>StateTech</em> newsletter in your inbox every two weeks</a></p> <h2 id="toc_0">New York Taps Wi-Fi to Expand Tracking Capabilities</h2> <p>New York City’s Metropolitan Transportation Authority, for instance, launched a project with Transit Wireless in 2011 to outfit all 278 underground subway stations with Wi-Fi. In tandem with the rollout, which was completed in <a href="" target="_blank">January 2017</a>, the MTA also wanted to provide riders with the ability to access train arrival information in the station.</p> <p>Building off of the growing Wi-Fi infrastructure, the MTA worked with Piper Networks to implement proximity beacon technology that tracks the location of each subway train, a <a href="" target="_blank">blog post from Piper Networks</a> notes.</p> <p>How does the Internet of Things solution work? The blog post explains:</p> <blockquote><p>The IoT solution works by installing four high-performance BLE (Bluetooth Low-Energy) beacon transmitters on the first and last cars of each New York City subway train. As the trains pass through the stations, Piper’s receivers placed within Transit Wireless Wi-Fi access points at either end of the station, pick up the signal and forward the data securely to MTA’s servers. There, the data points are calculated and shared with MTA’s iTrack location software to pinpoint train location and trigger the arrival information displayed on the LCD screens in the stations.</p> </blockquote> <p>Over the next few years, the MTA will work to expand the capability to all <strong>269 lettered-line subway stations</strong> and for all <strong>3,600 buses</strong>, ultimately offering a better rider experience throughout the city.</p> <p>“With this new and updated technology, we’ll help ensure riders have the information they need to get where they need to go,” New York Governor Andrew Cuomo <a href="" target="_blank">said in a statement in 2016</a>.</p> <h2 id="toc_1">KC Streetcar Lays the Groundwork for Smart Growth</h2> <p>Kansas City is building a “smart city corridor” that ultimately aims to improve the lives of residents through technology. To launch and test many of these capabilities, the city is calling on its KC Streetcar service to <a href="">act as a “smart city laboratory”</a> and jump-start much of the digital infrastructure necessary to foster economic growth and reverse population decline downtown.</p> <p>The city has installed <strong>Wi-Fi hubs, sensors and other technology</strong> along the <strong>2-mile-long route</strong> of the streetcar, as well as powerful fiber underneath the tracks. It is using that connectivity to bring high-speed internet to businesses and residents downtown, as well as collect data from <strong>54 blocks worth of sensors</strong> that inform city services. The sensor data is pooled into a cloud service that is used to inform everything from pothole prediction to crime and economic analysis.</p> <p>“All of this was about demonstrating the possibilities of what public transportation can be, how we can leverage transit investment, and how we could create an experience that was bigger than just the transportation service itself,” Tom Gerend, executive director of the <a href="" target="_blank">Kansas City Streetcar Authority</a>, <a href="">told <em>StateTech</em></a>.</p> <p>The initiative is expected to pay off in spades, representing<strong> $2.2 billion</strong> in economic growth <strong>over the next five years</strong>, officials predict.</p> <p>And, indeed, the more that transit authorities think tactically about what they want to achieve with their mass transit connectivity, the more ROI they’ll see and the more they will be able to achieve for their city in the long run.</p> <p><em>This article is part of </em>StateTech<em>'s <a href="">CITizen blog series</a>. Please join the discussion on Twitter by using the <a href="">#StateLocalIT</a> hashtag.</em><br />  </p> <p><em><a data-entity-type="" data-entity-uuid="" href=""><img alt="CITizen_blog_cropped_0.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></em></p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/matt-parnofiello"><img src="/sites/" width="58" height="58" alt="Matt Parnofiello" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/matt-parnofiello"> <div>Matt Parnofiello</div> </a> </div> <div class="author-bio"> <p> <div><p>In his role as Senior Business Development Strategist and Senior Public Safety Strategist at CDW•G, Matt Parnofiello manages technology integration projects with public safety agencies from concept to implementation. Working with the CDW•G team, customers, and industry partners he provides agencies with new capabilities and improved safety through digital transformation.</p> </div> </p> </div> </div> </div> </div> Thu, 17 May 2018 20:19:43 +0000 juliet.vanwagenen_22746 40851 at 5 Human-Centric Tips to Make Government IT Projects a Success <span>5 Human-Centric Tips to Make Government IT Projects a Success</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Thu, 05/17/2018 - 10:27</span> <div><p>When launching a new government technology project, it can be easy to get lost in spreadsheets, timelines, demos and buzzwords, but the key to success lies with keeping <strong>relationships at the heart</strong> of the pursuit.</p> <p>“It’s not about the technology. It’s about technology adoption,” said Teri Takai, moderator of the panel “Fostering Strategic Relationships Beyond IT” at the <a href="" target="_blank">Adobe Digital Government Symposium 2018</a> in Washington, D.C., on May 15. Takai, who is currently the executive director for the Center for Digital Government and is the former CIO for the State of California, State of Michigan and the Defense Department, noted that <strong>big IT spend does not equal success</strong>, and often a simpler, more user-centric tool trumps a large but tone-deaf deployment.</p> <p>So how can government CIOs and IT teams go about keeping both constituents and state workers in the eyeline of tech deployments? Experts on the panel proffered these tips to improve everything from adoption to return on investment for IT projects:</p> <p><a href="" target="_blank"><strong>SIGN UP</strong>: Get more news from the <em>StateTech</em> newsletter in your inbox every two weeks</a></p> <h2 id="toc_0">1. Cross-Department Relationships Are King</h2> <p>It’s often been said that stakeholder engagement is the key to success for new IT deployments, but what it takes to attain that stakeholder buy-in often <strong>starts long before the first meeting</strong>.</p> <p>“You have to have working relationships with people before you need them. That’s really important,” said Dean Pfoltzer, a former senior executive at the Defense Department who served in key roles in IT modernization and reform efforts.</p> <p>These relationships are key to not just getting a project off the ground, but also in seeing it through whenever it hits a rough patch, added Pfoltzer.</p> <p>“Sometimes you’re just trying to hold things together, and those relationships are really important because <strong>no project ever goes squeaky clean</strong>. Everything has rocky times. Those relationships sometimes are really important just to be able to sit down and clarify [where things went wrong],” he adds.</p> <p>And when it comes to being a project leader, those relationships may also play a large role in your ability to course-correct when necessary — something that will only strengthen a project as it moves forward.</p> <p>“<strong>Part of the art of being successful is listening</strong>, and not only listening, but acting upon it,” said Pfoltzer. “You build credibility that way because if people feel like you’re listening to them and adjusting, they trust you, and then, when you really need their trust, they still trust you. That’s critical to your success.”</p> <h2 id="toc_1">2. Think About Government IT Modernization Early and Often</h2> <p>IT modernization and digital transformation aren’t “once and done” efforts. In fact, these are constant and ongoing processes that require CIOs and IT teams to stay one step ahead at all times.</p> <p>“If your system is even <strong>five years old</strong>, it’s legacy. It now needs to be modernized again,” said Karen Loquet, deputy audit controller for <a href="" target="_blank">Los Angeles County</a>, who previously worked with LA County’s centralized IT department. She notes that LA County is currently upgrading some systems that are <strong>40 or 50 years old</strong>, but that with a rolling system of auditing IT and thinking about modernization, departments and agencies can stay ahead.</p> <p>“You should already be thinking about how are you going to revamp that, especially with the speed of technology today. The way things are moving so fast, <strong>we have to continue to stay up to speed</strong>,” Loquet added.</p> <h2 id="toc_2">3. Zero In on User-Centric Designs</h2> <p>Not properly understanding what constituents want or need from a system can be catastrophic from both an adoption and cost standpoint.</p> <p>“<strong>It’s really easy to break the bank</strong>,” said Pfoltzer, speaking to the costs of IT deployments.</p> <p>To stay within cost constraints, IT teams need to take the time to <strong>understand what people want, not just what agencies think they want</strong>, which will allow them to work through the most cost-effective way to deliver the most desired outcome.</p> <p>“It should be continuous. It should be something that in the background is always occurring and if you do it right, the customer experience improves and sometimes without them even knowing it,” Pfoltzer added.</p> <h2 id="toc_3">4. Get All Government Staff on Board with New Tech Rollouts</h2> <p>While getting C-suite buy-in is key to getting projects off the ground, <strong>getting staff on board is even more crucial</strong> to getting a new tech deployment to launch — and seeing return on investment.</p> <p>“<strong>Never underestimate the power of the staff</strong>,” urged Pfoltzer. “Their bosses feed their senior leaders. I can talk to their senior leader all day long, but if the staff on their side isn’t convinced, they can change minds better than I can.”</p> <p>On the contrary, getting staff buy-in means they can champion a project to their manager and ensure its success.</p> <p>“Sometimes the best champions are the people in the middle of the work processes…because most of their bosses don’t know IT,” Pfoltzer added. “If they tell their boss, ‘This is way better than what I had,’ that carries much more credibility and that actually helps propel [the project].”</p> <h2 id="toc_4">5. Make Business as Agile as Government IT</h2> <p>The move to more agile IT is all the rage, but if business processes don’t match that willingness to modernize speed and flexibility, it all accounts for naught.</p> <p>“As you’re doing the IT modernization, <strong>your business has to modernize</strong>. That means your business has to be at the table and be willing to keep an open mind to modernize the business process,” said Kumar Rachuri, director of state and local government solutions at Adobe. “If your business process is rigid, set in the old ways of working 50 years ago, it doesn’t matter how many millions of dollars you dump into a modernized system, <strong>you’re not going to get 100 percent benefit from it</strong>.”</p> <p>This requires the business side of the equation to stay engaged with an IT project as it moves through a rollout and adjusts according to new needs. Oftentimes, vendors can play a large role in that.</p> <p>“Vendors and support contractors … have a lot of good information,” said Pfoltzer, adding that keeping vendors engaged can help agencies and departments implement a more continuous approach to modernization. “Technology should be ongoing; it should be a paradigm that it’s always going to change, and if you <strong>build that into your paradigm</strong>, it helps with planning, too.”</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/juliet-van-wagenen"><img src="/sites/" width="58" height="58" alt="Juliet Van Wagenen" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/juliet-van-wagenen"> <div>Juliet Van Wagenen</div> </a> </div> <div class="author-bio"> <p> <div><p>Juliet is the senior web editor for <em>StateTech</em> and <em>HealthTech</em> magazines. In her six years as a journalist she has covered everything from aerospace to indie music reviews — but she is unfailingly partial to covering technology.</p> </div> </p> </div> </div> </div> </div> Thu, 17 May 2018 14:27:19 +0000 juliet.vanwagenen_22746 40846 at Los Angeles County Brings Its Payroll into the Digital Era <span>Los Angeles County Brings Its Payroll into the Digital Era</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Wed, 05/16/2018 - 14:04</span> <div><p>With more than <strong>100,000 employees</strong> on the payroll, Karen Loquet of Los Angeles County knew the government had to do something to reduce the time burden and sheer number of forms that employees were required to fill out and process.</p> <p>“In government, there are many, many forms, and so we looked at trying to improve those forms for our employees,” said Loquet, speaking at the <a href="" target="_blank">Adobe Digital Government Symposium 2018</a> in Washington, D.C., on May 15.</p> <p>So, the deputy audit controller set out to reduce the manual processes associated with payroll and create better, self-service systems for employees.</p> <p>“With an over <strong>$30 billion budget</strong>, there’s a lot of paper flowing through the Los Angeles County … My goal was to get [the county] to move beyond paper.”</p> <p>To do this, Loquet turned to <a href="" target="_blank">Adobe</a>’s Experience Manager Forms to integrate many of its existing platforms and, ultimately, eliminate much of the time that employees were spending filling in and filing payroll paperwork.</p> <p>“We took the AEM platform and we integrated it with our active directory; we integrated it with our [electronic health record] system just to make it easier for the employees who were actually submitting the forms,” said Loquet. “I’m confident that we’re reducing time [for these employees].”</p> <p>As part of its Centers of Excellence program, LA County is also pursuing similar projects that cut down on the manual process burden, often to the tune of hundreds of hours of time savings. An employee direct deposit program, for example, eliminated about <strong>41,000 documents annually</strong> for the county across all <strong>39 departments</strong> in Los Angeles County and the separate payroll departments and clerks that were previously tasked with processing those payments manually.</p> <p>“You’re talking about <strong>$30,000 savings</strong> just to process that direct deposit versus manually,” said Loquet, who mentioned that upgrades to the county’s wire transfer process are next on the roster.</p> <p>Touting the Centers of Excellence, she pushes IT professionals in local governments to ensure they are continuing to innovate in such a way. “As IT professionals, we should be looking at that innovation, making sure that the departments we serve and the different companies we serve, that we’re really being innovative for them,” said Loquet.</p> <p><a href="" target="_blank"><strong>SIGN UP</strong>: Get more news from the <em>StateTech</em> newsletter in your inbox every two weeks!</a></p> <h2 id="toc_0">LA Jumps Cultural, Technical Hurdles on the Road to Self-Service</h2> <p>But it wasn’t all smooth sailing for Loquet as she moved forward to upgrade the IT underlying the self-service payroll experience. Both cultural and technical challenges underscored the undertaking.</p> <p>“For us, we were upgrading to [Adobe AEM version 6.1] at the time and it was a very steep learning curve for my technicians,” said Loquet. To ease the challenges for technicians, Adobe came in and <strong>trained and certified Loquet’s IT staff</strong> on the new version before each employee was able to create AEM forms. “That was a really good process.”</p> <p>Loquet also cautions counties or departments thinking of pursuing a similar change to ensure both IT and business teams understand the requirements from a compliance and user standpoint prior to pursuing a project.</p> <p>“We ran into a couple of challenges because I really believe <strong>the requirements were not understood by both parties</strong> as well as they could have been, and, so, once we got those ironed out, we’re getting great products,” said Loquet.</p> <p>Further, Loquet encountered cultural and management pushback, which she flags as the most difficult part of any technology project. To push through, she recommends approaching both government leaders and IT teams throughout the process to keep everyone on the same page.</p> <p>“You do need that sponsorship from your IT managers, your leaders, your CEOs — you need to make sure you have people who are willing to invest in where you’re going. Then again, you definitely need the technicians on your side as well, so make sure they are squared away with the technology … and they have the tools that they need,” said Loquet. “<strong>The hard part is making sure that people can see the vision</strong> and where you’re wanting to go.”</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/juliet-van-wagenen"><img src="/sites/" width="58" height="58" alt="Juliet Van Wagenen" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/juliet-van-wagenen"> <div>Juliet Van Wagenen</div> </a> </div> <div class="author-bio"> <p> <div><p>Juliet is the senior web editor for <em>StateTech</em> and <em>HealthTech</em> magazines. In her six years as a journalist she has covered everything from aerospace to indie music reviews — but she is unfailingly partial to covering technology.</p> </div> </p> </div> </div> </div> </div> Wed, 16 May 2018 18:04:24 +0000 juliet.vanwagenen_22746 40841 at Harris County Improves Disaster Recovery with Hyperconverged Infrastructure <span>Harris County Improves Disaster Recovery with Hyperconverged Infrastructure</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Mon, 05/14/2018 - 22:57</span> <div><p>Disaster can strike at any time. And for state and local agencies tasked with not just getting themselves back up and running, but also getting the general population back on its feet, having <strong>weeks or months of downtime simply is not an option</strong>.</p> <p>For this reason, a strong disaster recovery plan underscored by supporting IT is a must-have for local governments. This is especially true for those in areas prone to natural disasters, such as Harris County, Texas, which bore the full brunt of Hurricane Harvey and is <a href="" target="_blank">predicting another above-average hurricane season in 2018</a>.</p> <p>Alongside other <a href="">IT upgrades that improved efficiencies and cut costs for Harris County</a>, the county has employed a hyperconverged infrastructure, which gave it an edge during an emergency, when it counted most.</p> <p><a href="" target="_blank"><strong>SIGN UP</strong>: Get more news from the <em>StateTech</em> newsletter in your inbox every two weeks!</a></p> <h2 id="toc_0">HCI Helps Harris County Migrate Data More Quickly</h2> <p>When it upgraded to hyperconverged infrastructure, the <a href="" target="_blank">Harris County District Attorney’s Office</a> improved its disaster recovery.</p> <p><a href="" target="_blank">Dell</a> EMC hyperconverged appliances in the main data center replicate virtual machines and data to a duplicate set of HCI appliances at a backup data center in a colocation facility, says Rurik Wilmot, a senior network and systems administrator for the county.</p> <p>When Hurricane Harvey began flooding downtown Houston and <strong>water climbed to 6 feet</strong> at the Harris County Criminal Justice Center, IT staff quickly moved operations to the secondary data center.</p> <p>HCI appliances were protected because they were on the building’s sixth floor; however, the chillers started to go offline. With hyperconverged systems, the county's IT team was able to migrate data more quickly to backup systems.</p> <p>“We failed over everything from the production site to the disaster recovery site, which was far easier to do with hyperconvergence than with traditional infrastructure,” Wilmot says. “<strong>It’s literally a handful of clicks</strong>.”</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/wylie-wong"><img src="/sites/" width="58" height="58" alt="" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/wylie-wong"> <div>Wylie Wong</div> </a> <a target="_blank" class="twitter" href=";screen_name=WylieWong&amp;tw_p=followbutton&amp;variant=2.0"><span>Twitter</span></a> </div> <div class="author-bio"> <p> <div><p>Wylie Wong is a freelance journalist who specializes in business, technology and sports. He is a regular contributor to the CDW family of technology magazines.</p> </div> </p> </div> </div> </div> </div> Tue, 15 May 2018 02:57:37 +0000 juliet.vanwagenen_22746 40836 at 3 Tips to Secure the Internet of Things for Smart States <span>3 Tips to Secure the Internet of Things for Smart States</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Mon, 05/14/2018 - 10:21</span> <div><p>Thanks to the promise of the Internet of Things and the savings, efficiencies and insights connected devices can deliver governments, all eyes are on smart cities as of late. Many view IoT as the culmination of years of investments in high-speed networks, sensors and analytics that will help bring greater understanding, awareness and insight into all manner of behaviors, including buying, driving and eating habits.</p> <p>Municipalities of all sizes around the world are embracing this digital transformation and have launched smart city initiatives to make service delivery more efficient, <strong>improve quality of life</strong>, develop new sources of revenue, protect the environment, and respond to a changing threat landscape.</p> <p>Cities and towns are deploying a wide array of smart technologies, connected devices, in-vehicle solutions, cameras and sensors within their infrastructure and services to offer efficiencies for a variety of government services, including <a href="">streets and roadways</a>, <a href="">first responders</a>, <a href="">power and water systems</a>, <a href="">garbage collection</a>, <a href="">snow removal</a> and <a href="">social services</a>.</p> <p>But alongside streamlining operations, <strong>IoT has maximized the </strong><strong>cyberattack</strong><strong> surface</strong>. Unlike traditional IT devices, such as PCs, <strong>IoT devices often do not have anti-malware programs built in</strong>. Instead, they often have default passwords, open hardware and software ports, no support for encryption and the inability to update firmware. These vulnerabilities in IoT devices are evidenced in recent attacks, such as how <a href="" target="_blank">hackers were able to take over various surveillance cameras in Washington D.C.</a>, just prior to last year’s presidential inauguration.</p> <p>While cities have been receiving most of the attention in regard to their efforts to take advantage of the IoT, looking at the state level is equally important. The <a href="">potential IoT opportunity for states</a> is even larger for states, but government IT leaders should be wary of the increased security risks that going smart brings. So how can states stay safe? Here are <strong>three tips for states looking to secure IoT tech</strong>:</p> <p><a href="" target="_blank"><strong>SIGN UP</strong>: Get more news from the <em>StateTech</em> newsletter in your inbox every two weeks</a></p> <h2 id="toc_0">1. States Should Not Treat IoT Security as an Afterthought</h2> <p>Many states fall victim to chasing technology, often looking to security as an afterthought, which can lead to unforeseen vulnerabilities after states have already made IoT investments. Instead, government leaders and IT teams should treat network security as a foundational consideration from the inception of the planning process.</p> <p>Moreover, a state’s IT department that hasn’t already prioritized modernizing its infrastructure and evaluating security solutions is even farther behind on IoT than it may realize. Similarly, those IT teams currently undertaking infrastructure and security initiatives should plan with future IoT initiatives in mind; failure to do so could quickly render newly adopted infrastructure and security solutions obsolete.</p> <h2 id="toc_1">2. State Security Leaders Should Seek Outside IoT Expertise</h2> <p>Many state organizations prepare to implement IoT on their own, designing their own network architecture to support IoT. In fact, many prefer to manage their own IoT device security and are comfortable building their own in-house IoT solutions. While the initiative and innovation is admirable, it may be helpful to <strong>bring in outside IoT expertise to evaluate and mitigate potential risks</strong> to operations and, by extension, to internal business clients and customers.</p> <p>Organizations that implement, house and manage IoT on their own will have their hands full when it comes to securing IoT deployments. If done incorrectly, they risk exposing their core networks to security threats, such as the recent <a href="" target="_blank">Reaper and Mirai botnet attacks</a> that infected <strong>2 million IoT devices in one month</strong>, including internet-connected webcams, security cameras and digital video recorders (DVRs). IT departments are able to deploy anti-malware clients on their computers, but these solutions don’t yet exist for IoT devices.</p> <p>One way to mitigate the risk associated with an IoT implementation is to use a combination of software-defined networking and software-defined perimeter technologies to reduce the attack surface. These approaches allow IT departments to leverage existing physical networks with overlay private networks that hide IoT devices from the outside world and isolate the devices from other enterprise resources.</p> <h2 id="toc_2">3. Separate State Networks to Avoid Intrusion</h2> <p>Another approach that states can use is to create physically separate networks using <strong>4G-LTE dedicated to IoT devices</strong>. With this approach, if a hacker is able to compromise the IoT devices, they are unable to conduct a “pivot attack” to other enterprise assets, since the physically separate IoT network is “air-gapped” from their secure enterprise network.</p> <p>Instead of directing this network through the company’s data center for example, companies can direct the parallel networks to public or private clouds — limiting access to valuable information and reducing bandwidth bottlenecks. If hackers gained access to one of the parallel networks, they could <strong>not pivot to another networ</strong>k.</p> <p>For example, IoT devices associated with a city’s traffic management system (or within public safety) can exist on a different network than the other critical networks in that city. With these separate networks in place, if people hacked the traffic management system, for example, they would be unable to pivot from that network to other critical public systems.</p> <p>States need to <strong>think carefully about which devices they connect to which networks</strong>. As we enter the smart state future, driven by holistic connectivity, we need to do so with our eyes open. Securing the smart states requires us to be pragmatic and to ensure we keep certain devices unconnected and others separate from mainstream networks.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank" title="CDW Cybersecurity Insight Report"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/taxonomy/term/11481"><img src="/sites/" width="58" height="58" alt="Ken Hosac, Cradlepoint" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/taxonomy/term/11481"> <div>Ken Hosac</div> </a> </div> <div class="author-bio"> <p> <div><p>Ken Hosac is vice president of IoT Strategy at Cradlepoint. As part of the leadership team since 2009, Ken has helped drive Cradlepoint’s growth and development through roles in strategic planning, product management, solution strategy and thought leadership.</p> </div> </p> </div> </div> </div> </div> Mon, 14 May 2018 14:21:55 +0000 juliet.vanwagenen_22746 40831 at