@CloudExpo Authors: Liz McMillan, Pat Romanski, Zakia Bouachraoui, Elizabeth White, Yeshim Deniz

Related Topics: @CloudExpo, Mobile IoT, Cloud Security, Government Cloud

@CloudExpo: Blog Feed Post

Why Poor Data Classification in Government Will Impact BYOD

This idea that executives will one day soon have to loosen their grip over endpoints is a major concern

In recent discussions with IT leaders from both federal and Department of Defense sides of US government, representatives stated that they are having a heck of a time accommodating expansive growth in mobile computing. This is critical given that today, in most cases, agencies and departments still have control over which mobile devices can be used. In the future, these executives realize that the changing demographics of contractors and employees means they will not only need to support continually growing traffic, multiple presentations and increased asset management, but will also have to deal with a wide spectrum of mobile devices due to Bring Your Own Device (BYOD).

This idea that these executives will one day soon have to loosen their grip over endpoints is a major concern. Contrary to belief it is not about power and supremacy over their domain.  Most users have no concept of the level of complexity for managing access and availability of data and applications when there is no control over the endpoint; nor should they. While network security solutions have improved dramatically over the past decade, improper use of the tools and ever increasing abilities of hackers means that “locking the front door” isn’t good enough to solve this problem by itself.

One of the keys to solving this issue in a way that doesn’t alienate users, but also ensures confidentiality and security of government data is going to be segmentation. Segmentation is the act of distributing the data across multiple tiers from unclassified to compartmentalized and providing greater levels of restrictions on access at each layer. For example, unclassified information should be hosted in the public cloud with no permanent connections back to any data center housing higher classified documents. For Official Use Only (FOUO), Confidential, and Secret data should require minimum Virtual Private Network (VPN) connections for access. This means that the mobile devices must support the VPN protocols in use in order to establish a connection. Finally, Top Secret and above information should require on-premise wireless or wired support only combined with two-factor authentication, VPN and the ability to remove any data downloaded to the mobile device when the VPN connection is broken.

However, the biggest issue for government is going to be segmenting data that is either improperly classified or comprised of various levels of classifications. I was once part of a project where the requirements documents were improperly labeled FOUO, which raised many problems sharing them with foreign counterparts even though the project was developing a collaboration portal to work with foreign government officials through what was going to be a publicly hosted application. This is just one small instance of tens of millions within the government. Moreover, it seems more recent projects have seen serious disagreement among government IT employees and contractors as to what are the appropriate classification levels for certain pieces of data. In one of these cases a very junior security professional within the government was demanding aggregated publicly available information could not exist in a publicly hosted cloud.

I don’t relish these government IT executives position with regard to the growing mobile demand. BYOD is going to amplify this problem exponentially.

Read the original blog entry...

More Stories By JP Morgenthal

JP Morgenthal is a veteran IT solutions executive and Distinguished Engineer with CSC. He has been delivering IT services to business leaders for the past 30 years and is a recognized thought-leader in applying emerging technology for business growth and innovation. JP's strengths center around transformation and modernization leveraging next generation platforms and technologies. He has held technical executive roles in multiple businesses including: CTO, Chief Architect and Founder/CEO. Areas of expertise for JP include strategy, architecture, application development, infrastructure and operations, cloud computing, DevOps, and integration. JP is a published author with four trade publications with his most recent being “Cloud Computing: Assessing the Risks”. JP holds both a Masters and Bachelors of Science in Computer Science from Hofstra University.

CloudEXPO Stories
The challenges of aggregating data from consumer-oriented devices, such as wearable technologies and smart thermostats, are fairly well-understood. However, there are a new set of challenges for IoT devices that generate megabytes or gigabytes of data per second. Certainly, the infrastructure will have to change, as those volumes of data will likely overwhelm the available bandwidth for aggregating the data into a central repository. Ochandarena discusses a whole new way to think about your next-gen applications and how to address the challenges of building applications that harness all data types and sources.
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app security and encryption-related solutions. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University, and is an O'Reilly author.
CloudEXPO New York 2018, colocated with DevOpsSUMMIT and DXWorldEXPO New York 2018 will be held November 12-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI and Machine Learning to one location.
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
ICC is a computer systems integrator and server manufacturing company focused on developing products and product appliances to meet a wide range of computational needs for many industries. Their solutions provide benefits across many environments, such as datacenter deployment, HPC, workstations, storage networks and standalone server installations. ICC has been in business for over 23 years and their phenomenal range of clients include multinational corporations, universities, and small businesses.