Building Security with Advisory Services

This interview is an excerpt from GovLoop’s recent research guide, The Current State of Government’s Cybersecurity.

“At all levels of government, what we’re seeing is that agencies are in a very reactive mode when it comes to cybersecurity,” said HP’s Chief Security Advisor Michael Howard. “The number of attacks are on the rise and agencies are being bombarded from all sides. Keeping up with the security toolsets that need to be in place to confront cybersecurity threats today is extremely challenging.”

In an interview with GovLoop, Howard and Ronald Chestang, Senior Security Consultant at HP, explained how security advisory services can help agencies navigate the complexities of IT security while also bridging resource and workforce gaps.

Specifically, Howard and Chestang emphasized the need to seek assistance in securing printers. It is difficult for many agencies to evolve their digital toolsets while still ensuring robust print security. What’s more, many agencies have trouble finding IT staff with the know-how to implement and manage those print security systems.

“Printers are one of those areas that have always been overlooked but it’s important to realize that they are sitting on the network,” Howard said. Even as we move into the digital era, printers are a core component of operations. They are also a critical vulnerability.

“It is critical to understand the risks around printers, as well as the advantages of securing them from both a cost perspective and a control perspective,” Chestang said.

To bridge the gap between resources and security needs, many agencies are turning to third-party providers for tools and expertise. “We are seeing more organizations outsourcing security simply to get additional resources,” said Howard. “It’s something that agencies are going to have to do in order to get the technologies and people they want in place in a timely and an effective manner.”

However, bringing in third-party providers isn’t always a smooth process. “We’ve seen it go both ways,” Howard continued. “Some organizations say outsourcing didn’t work as effectively as they hoped because they lost some control over their security. But on the flipside, other organizations say it gave them immediate relief.”

HP’s Print Security Advisory Services actually places greater control in the hands of agencies by first giving them a full view of their environment and its potential vulnerabilities. “This all of a sudden opens the environment where a CISO now has 100% visibility,” Howard said. “He can see what’s going on in the environment, and then can start controlling it.”

After an initial assessment of the printer infrastructure, the advisory team and HP can help formalize and implement security protocols. One such protocol is consolidation and access control which allows appropriate users to utilize agency printers and ensure unauthorized users don’t have access to these security points

The key to achieving the best results lies in choosing the right security advisory service that can adapt to the unique needs of your agency, giving administrators ultimate control over the process and procedures of security while bringing in the technical expertise to execute those goals.

“All the CISO’s that I’ve talked with said this collaboration is perfect, because they don’t have the time to train somebody specifically in print security,” Chestang said. “So they would rather partner with HP and let us be the experts. We work with their teams to make sure that we’re aligning the print security policies with their overall IT security policies.”

“It’s always a challenge with outsourcing, especially if agencies haven’t done it before,” agreed Howard. “But if you do it right, there are significant advantages. You get immediate toolsets in place and you get personnel in place that are already trained on how to use those toolsets. You can see immediate results.”

As agencies manage the many disparate components of the cybersecurity environment, it’s easy to focus on the newest digital technologies while missing the threats that have always been connected to your network. Yet printer security is a vital component of any protected IT infrastructure. To ensure agencies are effectively secured across their entire network, it’s critical to seek assistance from third parties who know the intricacies of printer security and marry those details to your mission’s specific needs.

To learn more about the current state of government cybersecurity, be sure to check out our latest guide by clicking here.

 

Screen Shot 2016-08-17 at 12.55.44 PM

Leave a Comment

One Comment

Leave a Reply

Dovell Bonnett

Many of us in the cybersecurity world have been warning of the data attacks and theft for decades. And even with all that is now starting to be done, we are only addressing the three snow flakes on top of the ice burg. User convenience will always outweigh security. So developers, like us here at Access Smart, design convenience around security. Users don’t need to know what’s going on, they just want to do their jobs.