By Sascha Giese, Head Geek™, SolarWinds
Sascha Giese, Head Geek™, SolarWinds
As the second half of the year gets well underway, and lockdown restrictions generally continue to ease, one of the main topics of concern is a “second wave” of COVID-19 potentially hitting the U.K. in the coming weeks or months. With some scientists predicting “a second wave is almost inevitable”, the public sector needs to ensure it’s ready for any eventuality. In terms of technology, while it has thus far enabled many employees to work remotely, more can be done to improve IT systems if a widespread lockdown is reintroduced.
What Tech Challenges Are on the Horizon?
The main difficulty is if the country as a whole tries to return to normal too soon. For many people, working from home has not been easy, or even possible. While many others are happy working from home, those individuals who haven’t been able to do so will no doubt be keen to return to their offices. But if this isn’t managed carefully across all organisations, the likelihood of a potential second wave becomes a worryingly high possibility. Add to this the increased allowance for more social activities to recommence, and the risks become even higher.
In general, the challenges for public sector technology, if a second wave occurs, isn’t much different than what has already been implemented. If further local or national lockdowns are enforced, the office-based employees needing to work from home already have the measures in place—such as VPN—to do this securely. And the technology supporting those on the healthcare frontline will still be up and running to help patients recover. Most or all organisations now have the processes, means, and experience to ensure moving back to remote working is doable, and should be a smoother transition than it was the first time around.
However, if organisations are perhaps too enthusiastic about returning to offices, and IT solutions put in place to enable remote working are reversed and the resources used elsewhere, we’re back at square one. So what can organisations do in the next few months to prepare their IT systems for a potential second wave?
Where Should IT Investments Focus?
One of the biggest impacts the pandemic has had on public sector organisations—particularly in healthcare—this year has been the increase in cyberattacks. The World Health Organization (WHO) has observed a fivefold increase in cyberattacks since the start of the pandemic, suggesting cybercriminals have been taking advantage of the focus being less on security and more on addressing the health risks around the world. While the technology for remote working is now in place, attention over the next few months should be on ramping up cybersecurity measures across the board. Not only will this help protect organisations in the day to day, it’ll also ensure, should a second wave hit, there’s less risk of a cyberattack bringing down vital IT services.
Vulnerability management
One of the first steps organisations should take is implementing a vulnerability management lifecycle. The aim of this is to highlight any system weaknesses potentially allowing a hacker to infiltrate the network. This lifecycle is comprised of five stages:
- Identify any operating system weaknesses in network devices and systems, and determine how critical these are
- Protect these systems and applications by increasing security measures
- Detect new vulnerabilities by introducing firmware against common vulnerabilities and exposures (CVE)
- Respond quickly to any new threats, particularly while existing vulnerabilities are being fixed
- Verify threats have been eliminated and keep up-to-date reports on all activities
IT tool consolidation
Once these processes are in place, organisations should aim to consolidate their IT management tools where possible to increase efficiency. For applications to run effectively, they rely on multiple dependencies across the IT stack. Failure or poor performance from any of these can impact the experience delivered by the application, including its security. To combat this, a layered approach is required along with automation to ensure assets and data are protected and policies are enforced.
IT consolidation is beneficial because it can help organisations to: automate monitoring to react faster to obstacles; see logs or configuration changes within the context of the item having the issue; and reduce functional overlaps between different silos having their own tools. Doing so can prove to be the cheaper option as more cost-effective solutions can be found to cover multiple needs, rather than paying for several different tools across the organisation.
Automation is particularly important to bolster cybersecurity efforts. By integrating it, organisations can improve the reliability of their critical security functions. Some examples of tools designed to support these efforts include:
- Patch management – Security patches can be implemented as soon as they’re available without IT managers having to integrate them manually several times
- Threat detection and response – Cyberthreats can be identified and responded to quickly to prevent a widespread impact
- Access rights management – Having visibility into who has access to any part of the network means unusual changes can be noticed quicker
- Configuration management – Alerts for any changes to configurations of networks, servers, applications, and databases helps flag any security threats
As autumn approaches and the potential for a second wave of COVID-19 increases, organisations across the public sector would benefit from investing in IT solutions designed to keep systems up and running during the tougher winter months. Not only for the healthcare sector left to cope with an influx of patients, but also for the entirety of the public sector, which ultimately is the backbone of our society.
Recent Comments