The enduring shift toward at least partial work-from-home arrangements for government employees is creating new workforce possibilities for many agencies, but also new challenges on the technology security front for both Federal and state and local governments, experts said this week.
Vincent Sritapan, Section Chief of the Cyber Quality Service Management Office at the Cybersecurity and Infrastructure Security Agency (CISA), explained how important mobile computing and connectivity has become especially during the pandemic era at a May 31 event entitled “Embracing Zero Trust: Protecting Data in a Remote World” and hosted by GovExec.
“We take our mobile devices everywhere, we access it to get data,” he said. “If you look at just internet traffic during COVID, and post-COVID, what I would say is that more than half of internet traffic comes from a mobile device, a smartphone or a tablet,” he said.
“Due to this fact, I still think that mobile devices are the weakest link” in the security landscape, he said.
Leah McGrath, Executive Director at StateRAMP, explained at the same event how local and state governments are gearing up for the same security challenges posed by increased use of mobile technologies.
“There’s the technologies, the practices are there,” McGrath said. “It’s about continuing to evolve and continuing to improve what we do, which is why I think continuous monitoring is such a key aspect to this,” she said, along with organizations continuing to promote best practices in security.
McGrath further explained how the trend toward online and remote access has catapulted governments to move closer to private-sector standards for online tools.
“People, whether outside the border of Washington, D.C., and the Federal government, are looking for that digital experience that’s similar to google.com or amazon.com in government to make things easier to understand and use,” she said.
Ultimately, Federal agencies are making necessary changes to meet the needs of remote work, and to incorporate that trend into their burgeoning zero trust security strategies, Sritapan explained.