New study highlights risks of cyber threats via smartphones and other devices accessing federal agency networks

WASHINGTON, Feb. 27, 2018 /PRNewswire-USNewswire/ -- A new study of federal government IT officials shows agencies are taking significant steps to address the risk of cyberattacks from the growing use of smartphones, tablets, sensors, wearable and other endpoint devices accessing their networks. However, the proliferation of those devices —including the use employees' personal devices to access information on government networks — has more than half of agency IT officials concerned about network attacks from endpoint devices.

The study identified the top priorities and concerns IT officials face securing mobile and endpoint devices; the security features and capabilities most important to them in the tools they're acquiring; and the top challenges agencies face in implement modern endpoint security tools. Six in 10 IT officials surveyed say securing government-issued mobile devices is a top concern over the next 12-18 months, many may be overlooking technologies they already have or own to address security concern.

"Securing federal agency networks is getting more complicated by the day. We surveyed our readership comprised of C-Level and senior tech leaders from government to learn more about how agencies are protecting networks at the edge. This study, gave us great insight into how agencies are currently using a wide array of approaches to address endpoint security," said, Goldy Kamali, CEO and founder of Scoop News Group, publisher of CyberScoop. 

This online survey, conducted by CyberScoop and FedScoop and underwritten by Samsung, provides a new snapshot of what matters most to federal IT and security leaders in securing endpoint devices accessing their networks — and where key gaps remain.  The study surveyed qualified federal government information technology and cybersecurity officials who have decision making responsibility or influence regarding cybersecurity services, solutions, requirements, budgets or contracts.

The study found that at least 6 in 10 federal IT/security officials have implemented, or are in the process of implementing, various methods for securing endpoint devices, including:

• Multi-factor authentication – 79%
• Single sign-on – 76%
• Securing endpoint devices – 75%
• Identify management – 73%
• Securing mission-critical field devices – 69%
• Role-based security - 69%
• Remote device management – 67%
• Role-driven secure access – 60%
• Derived credentialing – 59%

Defense / intelligence agencies are outpacing civilian agencies in embracing certain approaches to endpoint security, including the use of biometrics and alternative forms of authenticating users, according to the study's findings.

"As the federal workforce becomes more mobile, with personnel using smartphones and tablets to perform real mission work, we see federal IT leaders increasingly prioritizing endpoint security and embracing innovative multi-factor approaches," said Chris Balcik, Vice President, Samsung Federal. 

"Agencies are moving beyond two-factor authentication to incorporate biometrics, user behavior and role-based controls into their endpoint security strategies, protecting data at the hardware level and taking human error out of the equation."

The study also pointed to current and emerging gaps federal IT officials face in addressing endpoint security risks.

One of those gaps is the growing use of personal mobile devices by federal employees to do their work in the face of limited support for those devices by federal IT departments. More than 90 percent of agency IT officials said their organizations provide secure mobile access for work-issued devices, but less than 20 percent support workers' personal devices to access most agency systems. However, 40 percent of those same officials voiced concern about the securing personal devices.

Agencies face a variety of barriers to securing endpoint devices, the study found. Budget funding, cumbersome approval processes, the lack of internal expertise and the need for greater guidance on emerging threats and technical support are among the most often-cited obstacles.

The study concluded that in light of long-standing budget limitations, agencies could take greater advantage of technologies they may already have or own — or is readily available in the commercial market — to improve endpoint security. Some of those technologies include biometrics and derived credentialing to confirm the identity of users and digital containers that separate work applications and data from consumer applications on devices.

Download the Federal Endpoint Security report, "Closing the Gaps in Federal Endpoint Security" for detailed findings and guidance on how agencies are implementing modern endpoint security.

CyberScoop is the leading media brand in the cybersecurity market. With more than 350,000 unique monthly visitors and 240,000 daily newsletter subscribers, CyberScoop reports on news and events impacting technology and security. CyberScoop reaches top cybersecurity leaders both online and in-person through our website, newsletter, events, radio and TV to engage a highly targeted audience of cybersecurity decision makers and influencers.

FedScoop is the leading tech media brand in the federal government market. With more than 210,000 unique monthly visitors and 120,000 daily newsletter subscribers, FedScoop gathers top leaders from the White House, federal agencies, academia and the tech industry to discuss ways technology can improve government and identify ways to achieve common goals. With our website, newsletter and events, we've become the community's go-to platform for education and collaboration.

For more information, contact: Wyatt Kash, Senior VP Content Strategy, Scoop News Group, at [email protected] or 202-887-8001.

SOURCE FedScoop

Related Links

http://www.fedscoop.com