Page 7 - GCN, May 2016
P. 7

With mandates like FedRAMP, the push to standardize on IPv6, and enforcing the use of https for encrypted web sites, government agencies have made significant progress in ensuring secure infrastructure. It’s widely understood, however, no organization can fully prevent any and all attacks.
“There is no single solution when it comes to security,” says Ruff. “The threat landscape is ever-changing. The bad guys are getting smarter and are well-funded. And they are moving at a pace where no organization can keep up.” Ruff says the best advice is to follow the government’s guidelines, restrict employees and their access to only those applications and services they truly need, and fully understand the sensitivity of applications and data.
Achieving an effective security posture also requires partners that understand the unique challenges of government security. One of those challenges is preventing malicious activity like cross-scripting, SQL injections
and Distributed Denial of Service (DDoS) attacks from affecting government environments. Akamai has worked with a federal agency facing that issue. The result was a cloud security solution that includes a web application firewall to defend against these types of threats.
DDoS attacks, where cybercriminals try to overwhelm servers with enormous amounts of traffic and knock them offline, are particularly troubling. While Akamai saw a 148 percent increase in DDoS attacks across all industries last year. Yet not one government agency using Akamai’s cloud security solution has been affected.
Mobility comes with its own unique challenges around security. According to a report from Norton Security, there has been a 214 percent increase in mobile vulnerabilities during the past year alone. That number continues to rise as malicious actors embed malicious code into legitimate applications. This not only affects users, but could potentially end up inside an agency’s infrastructure if an employee is careless about security when interacting with the datacenter.
Generally speaking, Ruff says agencies are looking
for a defense-in-depth posture where they can take what FedRAMP and other government requirements provide and combine them with intelligent solutions. These solutions should provide multiple security parameters protecting the data and datacenter. The security ecosystem should include not only firewalls and intrusion detection/prevention systems, but also a fully distributed cloud security infrastructure to keep threats far from the agency’s datacenters.
Akamai’s highly distributed, intelligent cloud-based network, used by many government agencies today, provides that type of defense-in-depth protection. Because of its pervasive reach—90 percent of the world’s Internet users are within a single “network hop” of an Akamai server—it can begin mitigating potentially dangerous situations as soon as malicious operators try to enter the network. Through agency policies, it also can prevent or allow users within the network and datacenter perimeter.
Akamai’s cloud security solutions also let agencies take advantage of the company’s extensive resources
on potentially malicious actors. This client reputation data, collected from the billions of IP addresses that interact with Akamai’s Intelligent Platform every month, provides valuable information about which IP addresses are malicious. Based on that information, agencies can automatically block requests from those addresses.
When it comes to optimizing web performance and security, experience clearly matters. “We’ve been in the government marketplace for 12 years, and we’ve seen it all,” says Ruff. “Our goal is to continue to keep our fingers on the pulse of what the public sector needs and if it doesn’t exist, we’ll develop it.”
On any given day, Akamai drives or supports as much as 80 percent of the federal government’s web traffic. It also manages the traffic of many state and local government agencies. Akamai complies with all relevant government and industry standards, including FedRAMP, IPv6, ISO, HIPAA, SOX and PCI DSS. And it is accredited to work with DoD classified systems.
Across the globe, Akamai runs a highly distributed content delivery network with more than 210,000 servers within 1,450 networks. Every day, Akamai delivers web traffic reaching more than 30 Terabits per second, consisting of more than two trillion daily Internet interactions. Ready, willing and able to develop solutions that meet government’s needs, Akamai is at the forefront of the industry, with hundreds of patents to its credit.

   5   6   7   8   9