What the Government Shutdown Means for IT Security

Government Shutdown and IT Security CloudThere have been ten United States federal government shutdowns since 1980, but a lot has changed in 39 years.  This current shutdown is now the longest in US history, with no clear end in sight (you can view an up-to-the-minute shutdown clock on USA TODAY). The Department of Agriculture, Commerce, Homeland Security, State, Housing and Urban Development, Interior, Justice, State, and Transportation have all closed their doors either partially or completely, along with the Environmental Protection Agency and NASA. This has resulted in the furlough of nearly 400,000 employees, some of whom come from crucial cybersecurity and IT departments. This has left some government agencies concerned about data breaches, cyberattacks, and the overall security of their data.

 

Government Shutdown Affects IT Workers

Despite the Justice Department Security Center remaining open, and the Treasury Department stating that security incident response and emergency operations are an essential function of the agency, a Duo Security Report reveals that nearly 85% of employees have been furloughed at the National Institute of Standards and Technology (NIST). This means the NIST’s 2019 security standards and guidelines—which includes risk management policies, security controls, and classified information access requirements—will be delayed, impacting government security teams awaiting new best practices and threat-mitigation strategies. That’s not all; the Department of Homeland Security’s newly-established Cybersecurity and Infrastructure Security Agency has furloughed 45% of its employees, weakening the government’s security capabilities.

“Security is challenging enough when fully-staffed and fully-funded,” writes Duo’s Fahmida Y. Rashid. “Trying to keep networks and data safe and thwarting attacks when not at full-strength is risky, especially when no one can predict how long this state of affairs will last.”

 

Are Government Agencies Secure in the Cloud?

Government agencies started cautiously making their way into the cloud in 2011, empowered by the White House’s Cloud First Initiative, which proposed spending about $20 billion on cloud services to improve innovation, agility, server utilization efficiency, and productivity in application development. But many still weren’t there when the last major shutdown occurred in 2013. So, while concerns over data security existed during that 16-day shutdown, there was little to-do about the cloud. Since then, it’s estimated that government agencies have spent over $7 billion migrating to the cloud, making concerns regarding government clouds much more prominent during this current shutdown. But are the concerns valid?

While the absence of furloughed IT experts who were responsible for maintaining security remains a challenge for some government agencies, there is a silver lining for those working with a third-party cloud provider. The availability of their cloud is one area where (most) government agencies can breathe a sigh of relief.

“If [government network managers] are responsible for maintaining security, and if government IT staff is minimized because of the shutdown, there could be reasons for taking a system offline,” says Shawn McCarthy, Director of Research at IDC Government. “Likewise, if security, network management, security audits, etc., are handled by a third party … [there is] no reason why a system hosted for the government should be shut down.”

 

Can I Still Purchase Cloud Services Through the GSA Contract?

The General Services Administration (GSA), the federal government’s procurement expert, helps other federal agencies get the products and services they need, such as cloud services. While the shutdown has led the GSA to furlough about half of its workforce, roughly 4,100 employees continue to work, helping out other government agencies. Nextgov reports that the GSA should not be affected. If you have further questions regarding purchases through the GSA, the cloud acquisition page provides their customer service number and a live chat option.


The DSM G-Cloud: Powering Government Agencies

If your agency is concerned about security now or in the future, consider making a move to DSM’s G-Cloud. G-Cloud is the first virtual private cloud solution designed for national, state, regional, and local government agencies. We ensure strict security protocols, 99.99%+ uptime, and a complete compliance package, including CJIS for government. DSM’s G-Cloud is also available for purchase through GSA contract #47QTCA18D005E. Contact one of our IT experts today to learn more.

6 Tips to Achieving Cloud Predictability

Related posts