As COVID-19 restrictions ease, federal agencies are beginning to bring employees back into the office. Whether teams are returning to the office full time, continuing to work in a remote environment, or using a hybrid approach, the top priority is to keep employees safe and the business of government running smoothly, all while protecting the nation’s most important technology infrastructure.

No matter where teams are physically located, Force 3 Security engineers offer these top five security tips and tools to help federal technology leaders keep their networks secure no matter where their teams work.

Multi-Factor Authentication (MFA)

Attackers will often search for the weakest link in the agency’s security posture. With employees accessing your network from multiple – and potentially new – endpoints, weak passwords or lack of security on the endpoint is a perfect way for skilled cybercriminals to get into your network. 81% of breaches are caused by compromised credentials. To protect against these threats, the tools used by your workforce to get their jobs done should have strong, multi-factor authentication to prevent unauthorized access into your systems. DUO Security, which was recently acquired by Cisco, offers an impressively easy way to layer on MFA with a minimal disruption to the user while incorporating the latest methods of authentication.

Through its authentication application, DUO sits between your points of access and your network. Authentication operates via Universal 2nd Factor (U2F), a more secure means of authentication facilitating push notifications in comparison with less secure SMS (text) based methods. DUO works with PIV/CAC and meets common federal technology requirements, including NIST guidelines for authentication.

Implement Security at the Application Level, Not the User Level

Both multi-factor and zero-trust authentication offer a security model that shifts traditional, perimeter-based security where anyone with the credentials can access everything inside your network from any device to individual application security. Application-based security utilizes user identity, the trustworthiness of the device, and established security policies to grant access to that one application. It is a more scalable approach to security that protects every attack surface by validating every point of access. With employees accessing your network from various environments both inside and outside of your office, to truly protect your network and the devices connected to it, security protocols need to be set inside of the firewall at the application level to fortify your network against breaches.

Next Generation Firewalls Support and Scale VPN Access

While employees are slowly returning to work, many are still working remote. A recent survey of federal workers found that 63% of employees expected to be working remote into 2021. Older firewall technology can’t support high numbers of employees accessing your network through VPN. The best way to achieve consistent, scalable VPN access that lets employees work as though they are sitting in their office inside your agency is by upgrading to a Next Generation Firewall (NGFW). NGFWs can support not only the increasing number of users but the increased load on the device to deliver the additional services and functionality required to protect those users in times of need. NGFWs also offer additional controls including enhanced security with identity store and authentication, threat intelligence, URL filtering, and analytics.

Secure Your Cloud Apps – Including Those you Don’t Know About

Regardless of where you are in your cloud migration, employees working in the office and remotely are connecting various endpoints to some cloud based applications. In addition, remote employees are more likely to use shadow IT – those apps that may not be authorized by your team but help them get their jobs done. Fortify your cloud applications to proactively protect them against threats inside and outside threats. Cloud security tools such as Cisco Umbrella not only protect against malware and other threats, they also help you gain visibility into your cloud apps and find use of shadow IT across your environment. Umbrella also blocks malicious and unwanted domains and cloud applications before your users even establish a connection.

Automate Your Security

Cybersecurity teams were overwhelmed BEFORE the pandemic. With many employees working remote or in a hybrid environment, hackers and cybercriminals could see this new working environment as an opportunity to find weaknesses in your systems. Monitoring, maintaining, and watching for new threats is even more challenging in the current working environment. As constant vigilance is needed to watch over your network, automating your network security is critical. Scans, queries, and reports can all be automated. Leverage the latest security technology to help you, not make your job harder. There are many security technology tools that are FedRamp authorized that can automate security protocols and spot trends. By using these tools to their fullest potential, it becomes easy to identify unusual behavior that could signify a threat, allowing technology teams to stop a breach from happening.

Choose the Right Collaboration Tools

Employees who are working in a socially distanced office environment or remote must still be connected to each other. Modern collaboration tools allow employees sitting in different offices or different states to work as though they were in the same conference room. Collaboration applications such as Webex Teams and Webex Meetings offered by Cisco allow employees the ability to instant message and participate in group chat sessions regardless of physical location. Webex also offers huddle spaces where interactive meetings can take place using virtual white boards, document sharing, and other features that allow participants to collaborate in real time – from anywhere.

As a federal agency, you also have the added complexity of needing collaboration solutions that adhere to the numerous and ever-evolving compliance demands, including modernization requirements. If mission security is a concern for your collaboration tools, Cisco offers a FedRAMP Impact Level 2 (IL2) Webex tool for Civilian agencies. They also have HCS-D solutions designed specifically for Department of Defense agencies that offer DoD Impact Level 5 (IL5) certification. Remote workers using these tools can achieve the highest level of security as they do in the office environment.

Get Support When You Need It

While businesses and government work through plans on getting employees back into the office safely, securing your network no matter where your employees work is crucial to maintain the business of government. Regardless of what security protocols you already have in place, talking to a service provider about your current security landscape and how your employees are working is a good first step. The service provider can help assess your situation and recommend the right security tools to help you achieve mission success.

Force 3 is a technology solutions provider that has worked with the federal government providing secure technology solutions and services for over 25 years. We understand the security requirements needed in the federal space and partner with leading manufacturers. Our engineers are trained to better support the needs of our federal customers. Security is woven into everything we do. Contact Force 3 today and let us help your agency stay secure with a remote workforce.

Related Blog Posts

See All Blogs

5 Tools to Help Federal Employees Return to Work Safely

As COVID-19 restrictions continue to ease across the country, federal agencies are slowly bringing employees back into the office. However, many employees who have spent several months working in a remote environment may be nervous about returning to the office,…

Using the CDM Program to Keep Federal Networks Secure No Matter Where Employees Work

As federal agencies deal with the impacts of the COVID-19 pandemic on where and how employees work, federal CIOs that were already facing constraints securing their networks prior to the pandemic now have to contend with network security for the…

Force 3 Awarded ITES-SW2 Contract

Crofton, MD—September 9, 2020— Force 3, a Sirius company, has been awarded the Information Technology Enterprise Solutions-Software 2 (ITES-SW2) contract. In addition to helping save time on procurement and cutting costs by consolidating their software purchases, the ITES-SW2 contract allows…

Force 3 Gives Back to the Community Through Virtual Food Drive

Philanthropy and community outreach have always been an integral part of Force 3’s corporate culture. To support those in need in our communities, Force 3 is running a Virtual Food Drive during the month of September to support the Maryland…

Ignore the Workforce at Your IT Modernization Peril

Federal agencies are currently faced with the daunting task of modernizing billions of dollars’ worth of outdated technology. On the path to IT modernization success, the investment in technology represents only half the battle though — agencies also need to…

Force 3 Named Public Sector Partner of the Year and Federal Intelligence Partner of the Year at Cisco Partner Summit

This week, Force 3 was recognized for our leadership in the public sector by receiving two awards at the Cisco Partner Summit in Las Vegas, NV. Force 3 was named the Americas Geographical Region Public Sector Partner of the Year…

Creating a Disaster Recovery Plan that Keeps Pace with Technology

The fear of a disaster in your data center is what nightmares are made of for technology teams. Are the systems backed-up properly? Will we lose data? How much downtime will we incur? Does the team know what to do?…

Protecting your Agency from Phishing

As we spend an increasingly large percentage of our time online, we’ve become aware of the malicious tactics used to trick us into downloading malware or betraying our credentials. Even as our built-in threat detection improves, we risk letting it…

Choosing an IT Solution Provider that Keeps Projects on Track

Most of us have experienced a project that hasn’t gone quite as planned. Information wasn’t received at the right time, different teams had completely different interpretations of the requirements, or somebody didn’t realize they were responsible for a task. Little…

TechTarget: Big Blue Drives Collaboration Among IBM Business Partners

IBM is investing in resources and business processes to make it easier for IBM business partners to create alliances with each other. Following last month's IBM Think conference in San Francisco, Senior Director of Software Practice Charles Fullwood discusses the…

Deployment and Resident Engineers Deliver On-Site Solutions

At Force 3, we provide solutions. From infrastructure management to cloud migration, we create custom answers to federal IT’s most pressing problems. But we believe strong, sustainable solutions involve more than just software and hardware. What agencies often need most…

WBJ: Here’s What it Takes for a Mid-Tier Maryland Contractor to Compete in Evolving Federal IT Marketplace

More than three-fourths of federal government agencies — about 77 percent, according to a Government Accountability Office report — will not meet their planned technology modernization goals by the end of the year. Our CEO, Mike Greaney, recently sat down…

The Rally Call for Digital Transformation Is Here: Are You Ready for the Journey?

Today, digital transformation has become the rallying cry for government organizations aiming to innovate and improve operations. The promise of digital transformation is profound: faster and more informed decision-making, improved customer insights, greater cost savings, more reliable products and services,…

3 Tactics to Avoid Insider Threats Posed by Third-Party Contractors

"The balance between too much security and too little is delicate. Overzealous access policies can bring efficiency and productivity to a screeching halt. But an overly lax approach can expose sensitive data to people who don’t need it and shouldn’t…

Improving Insider Threat Detection with Security Integration

With cyber-attacks like Nyetya and WannaCry dominating headlines over the last several months, you’d think malware would top the list of security pro’s biggest concerns. But you’d be wrong, according to the SANS Institute’s 2017 annual data security survey. While…

Unstructured Data: The Threat You Cannot See

In this article for Dark Reading, Force 3 software practice director Charles Fullwood examines why security teams needs to take a cognitive approach to the increasing volumes of data flowing from sources they don't control. Every day, IT security teams…

Expect security, cloud spending in 2018 Federal IT Budget

In recent interviews with TechTarget, industry leaders--including Force 3's Greg Kushto--cited an uptick in federal IT procurement activity during the government's fiscal fourth quarter and expected FY 2018 to feature security and cloud investments. IT solution providers planning to pursue…

NextGov: How to Unleash Federal IT Workers as Changemakers

Written by Force 3's vice president of client solutions Jason Parry, this article was originally published at www.NextGov.com. The public-sector workforce has always been plagued by stereotypes. To the layman, “government job” calls to mind images of a middle-aged bureaucrat,…

SearchITChannel: New tech, old virtues keep server virtualization going

"Server virtualization is well past the peak of the technology adoption curve, but SMB customers, open source technology and hybrid clouds keep demand going." —John Moore, SearchITChannel Server virtualization platforms have been around for ages and would seem to be old…

FedTech: How to Make the Most of the Federal Hiring Freeze

Although the freeze may constrain resources, it is also an opportunity to conduct an IT inventory, invest in training and prioritize projects. In this article for FedTech, writer Phil Goldstein addresses how federal agencies are handling the recently announced federal…

3 Opportunities for IT Teams Dealing With Federal Hiring Freeze

With a federal hiring freeze ordered across the board for federal agencies, government organizations find themselves rethinking operations—including IT. It’s a tough reality for federal IT teams, with civilian agencies seeing the deepest impact. The order heavily affects IT professionals,…

DevOps: An Evolving Approach for Evolving IT Teams

By promoting collaboration and better communication, DevOps practices can help IT teams raise their profile and generate better outcomes for their organization. And here's how: Imagine you’re an architect tasked with designing a massive mixed-used building in Washington D.C. It’s…

Federal Times: Contractors Can Help With Feds’ Security Fears

In a single, average day, the Department of Defense alone experiences an estimated 100,000 cyberattacks. Meanwhile, with accusations of Russian election hacking dominating our national dialogue and new breaches constantly being reported, federal agencies have developed a real and justifiable fear:…

Promoting a Workplace Cybersecurity Culture

Cybersecurity awareness ranks high on the federal government’s agenda and rightly so. Data breaches at federal agencies affect not only the entity in question, but potentially countless U.S. citizens whose private information it might possess. Earlier this year, a hack…

Federal Times: 4 Ways Contractors Can Help Alleviate Feds’ Security Fears

In a single, average day, the Department of Defense alone experiences an estimated 100,000 cyberattacks. Meanwhile, with accusations of Russian election hacking dominating our national dialogue and new breaches constantly being reported, federal agencies have developed a real and justifiable fear:…

Channel technology trends 2017: Cloud, cybersecurity & automation

Channel partners can expect to see plenty of activity next year in cloud computing, multi-cloud in particular, as well as cybersecurity and IT automation. When it comes to channel technology trends, 2017 seems likely to showcase some familiar developments —…

An Ounce Of Prevention Is Worth A Pound Of Reaction

Imagine you’re at a seafood restaurant. One look at the menu, and you know exactly what you want: lobster. Your food arrives, you clean your plate, and then proceed to pull out your EpiPen because you also happen to have…

How to improve government services delivery

It’s a truth as inherently American as NASCAR and as inscrutable as pop music: When it comes to providing citizen services, the government can be technologically challenged.In a recent interview with Wired magazine, even President Barack Obama acknowledged the government’s…

Full speed: Cisco Partner Summit sets the tone for the future

Full speed: The theme from last month’s Cisco Partner Summit speaks volumes about the company’s vision—not to mention it’s understanding and embrace of how quickly our industry is evolving. Most of all, it gives Cisco’s partners in the security and…

Transitioning from the server room to the board room

How can IT professionals balance business goals and information security?For years, businesses and their IT operations experienced a strained symbiosis — each needing the other to thrive, but frequently at odds in matters of prioritization, budgeting, and resources.Fast-forward to the…

How can we help your agency achieve its mission?

Maximize your IT investments. Learn more about solutions and services from Force 3.