Government Technology - September 2008 - (Page 44) security S TAT E | L O C A L | F E D E R A L j j Security in the B Y H I LT O N C O L L I N S | S TA F F W R I T E R in government and come private industry share Agency: Text to insights on cybercome security for wireless networks. Text to Contact: come emailaddress Agency: California Office of Information Security and Privacy Protection, Westchester County, N.Y. Synopsis: People Text to Technology: Cellular phones, wireless technology, anti-virus software. Wireless World Contact: Lennox Harris, manager of network engineering, Westchester County, N.Y., ldh1@westchester gov.com. W SEPT_08 ireless networks are nearly everywhere nowadays in the public sector. State and local governments nationwide have fervently pursued them for so long that it’s unusual to find an agency or municipality with employees who can’t access an office network on a wireless connection. And with smartphones becoming popular, the government wireless umbrella is becoming crowded with different types of access points — some mobile, others stationary and all representative of in-demand technology that’s transformed how government works. Consequently state and local IT professionals must work diligently to keep up with the security challenges this sprawling technology causes. In June 2008, Symantec released the Critical Connections report, which contained results of a survey conducted two months prior on information security priorities. Of the 600 participants, 200 were from state and local government, 200 from federal and 200 from the private sector. Only 24 percent of state and local respondents planned to increase spending on mobile security in 2008, even though 34 percent of them said mobile security was a critical issue. And only 52 percent of state and local respondents rated their organizations highly — 8, 9 or 10 on a 10-point scale — when it came to IT security. When asked to name their No. 1 security concern, 60 percent said they were most worried about data breaches. And since keeping government data safe is their top concern, no doubt they’re aware of one major challenge — safeguarding local, employee-only private networks from the outside world. Experts explain best practices for securing state and local networks. ©ISTOCKPHOTO.COM/ALBERTOPVEIGA “The users themselves still think of these devices as phones. They don’t think of them as the computer that sits on your hip.” Paul Miller, managing director of mobile security, Symantec Who’s on Your Network? “When you place a Wi-Fi access point, which is commonly called an AP, on the network, it’s usually attached to the LAN,” said Ira Victor, director of compliance for Data Clone Labs Inc., a firm that helps clients address information security challenges. “But because the Wi-Fi signal goes everywhere, it makes it open to the public even though it’s on your LAN.” In this case, security managers must weed out unauthorized users. They need to identify what security level is necessary, determine who is an authorized user and create policies to ensure everyone understands the protocols. “The most important requirement from a network access control perspective would be defining your policies for accessing your environment. That’s really the prerequisite for any effective network access control,” 44 http://ISTOCKPHOTO.COM/ALBERTOPVEIGA http://www.govtech.com
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.