Government Cloud On-Ramping

Uploaded on 2022-05-03 in TECHNOLOGY--Resilience, GOVERNMENT-National, FREE TO VIEW

Legacy systems are both unreliable and expensive, with the cloud offering many benefits in flexibility, agility and cost reduction. Despite High Assurance Software Defined Wide Area Network  (SD-WAN) frameworks now being generally available, an estimated 80% of UK government departments are still failing to make the move, with their cloud strategies on hold.

The UK Treasury is becoming increasingly frustrated by the billions of pounds wasted by government departments on legacy technology and proprietary infrastructure. With Digital Transformation now imperative, there is little patience for the endemic delays in decision making that are adding untenable costs to a government that simply has no more resources.

Why are departments still spending £millions every month on expensive proprietary connectivity when the tried, tested and proven SD-WAN alternative costs just a fraction? How can departments justify the use of outdated legacy systems that demand huge expenditure just to keep up and running when reliable, lower cost cloud-based alternatives are so accessible?

With the High Assurance SD-WAN framework now generally available, there are no more excuses. Digital Transformation must progress, quickly.

Weak Excuses

Digital Transformation is now vital for government departments. After two years of pandemic delayed projects and facing unprecedented financial pressures, there is zero tolerance for excuses. Not only are legacy systems both unreliable and expensive, but the cloud offers many benefits in flexibility, agility and cost reduction. And yet, an estimated 80% of UK government departments are still failing to make the move, with their cloud strategies on hold.

So what’s going on? Many departments have clearly defined Digital Transformation roadmaps; cloud providers have been selected - often more than one to provide resilience and contingency; and application migration plans have been defined. The one remaining sticking point is data security - most notably, the safeguarding of data in transit between the on site systems and the cloud. 

With departments typically opting for a hybrid environment during the incremental Digital Transformation process, rather than a wholesale move to the cloud, it is clearly important to extend the data security posture between the current environment and the cloud. Furthermore, there is no argument that Government departments have stringent data security requirements - much of the data is highly sensitive. Compromising security due to the impact on network performance is, clearly, not a viable option - or for those organisations who have chosen that route, an extremely high risk alternative, particularly given increasingly concerning geopolitical circumstances.
Claims that the use of low cost SD-WANs to provide the vital link to the cloud are inherently lacking in the security required to safeguard sensitive data, however, are out of date.

Yes, SD-WANs use public infrastructure, but the Common Criteria accredited High Assurance SD-WAN framework that couples a High Assurance security overlay with market leading SD-WAN technologies, is proven and being used by governments and organisations across the world to safely accelerate Digital Transformation plans.

Security Stand-Off

The only beneficiaries of this endemic decision-making paralysis are technology vendors and service providers raking in £millions every month to support and maintain outdated, often inadequate, technology. Given the huge cost differential between legacy and cloud-based solutions, the biggest risk now facing UK government is that individuals tasked with achieving Digital Transformation and radically reducing IT spend will feel compelled to simply ignore data security issues. 

With a desire to achieve a stable, effective and scalable technology infrastructure, it is a hugely frustrating situation for IT and network teams – not to mention those with budgetary sign off. While the risks associated with failing to consider the security implications are profoundly serious, there is no more money: unless this stand-off is addressed, everyone involved stands to lose.

Security must be at the heart of any Digital Transformation journey – and that requires a shift towards a Zero Trust mindset.

It means stepping away from the concept of a trusted environment and a focus on securing the data irrespective of its location. This is where High Assurance SD-WAN frameworks change the game, using crypto-segmentation to protect and ensure the integrity of sensitive data - without any impact on network performance.

Accelerating Change

With this Zero Trust approach, a High Assurance SD-WAN overlay makes the underlying network infrastructure irrelevant, whether it is public or private, trusted or untrusted. The data security team simply needs to define the policy and, with ownership of the cryptography keys, can be confident that data is protected at all times wherever it goes. 

The model is akin to the transfer of gold or cash between banks. Security at each bank is established and accepted – it is the movement between the banks that raises concerns. The use of a secured armoured vehicle is reinforced by locking the gold away in a secure environment using keys that only the bank – not the guards – have access to. Similarly with crypto-segmentation, even if the data is compromised in transit, the only people who have access to the keys are the owners of the data: no one else can do anything with that data. Irrespective of where that data is travelling, it is protected.

For government departments the High Assurance approach to SD WAN enables the secure utilisation of low-cost SD-WAN connectivity, which is a huge financial incentive. Furthermore, there are no constraints on network redesign; no barriers to the types of data or applications that can be migrated to the cloud, which ensures both operational agility and a consistent data security posture that can evolve throughout the Digital Transformation journey, from on premise, through hybrid, to the cloud. This means Digital Transformation plans can be accelerated and departments can quickly realise economies of scale. 

Conclusion

Delaying Digital Transformation is creating unacceptable risk and incurring unacceptable costs. Every postponed decision compromises progress and leaves government departments at the mercy of vendors who are continuously inflating maintenance and support charges. The transformation away from legacy to current technology is an absolute must – a fact clearly recognised by government department heads who are having to explain, under fire, why they are continuing to spend Treasury money on outdated IT projects.

Right now, most decision making committees are using the concept of data risk as an excuse for not progressing Digital Transformation. But any claim that plans cannot move forward due to regulatory compliance or internal controls are no longer true – that risk argument has been addressed and resolved.

The benefits of the Digital Transformation are indisputable, from systems stability to hugely significant cost savings: so just what is the excuse for continued mis-spend of public money and failure to follow well established routes to the cloud? 

Paul German is CEO at Certes Networks

You Might Also Read: 

Three Vital Concerns For Companies Running Hybrid Cloud Environments:

 

« Cyber Attacks On Ukraine Are Increasing
Lapsus$ Hackers Targeted T-Mobile »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Fortify Experts

Fortify Experts

Fortify Experts is a search and recruitment firm specializing in Cyber Security.

Japan Information Security Audit Association (JASA)

Japan Information Security Audit Association (JASA)

JASA is non-profit association active in developing and managing the quality of Information Security Auditing and Auditors in Japan.

Data Shepherd

Data Shepherd

Data Shepherds primary focus is to protect your business. We achieve this by offering extensive and unique expertise in innovative IT and Cyber security solutions.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

Callsign

Callsign

Callsign’s mission is to seamlessly power the identification of every web, mobile and physical interaction.

Incognito Forensic Foundation Lab (IFF Lab)

Incognito Forensic Foundation Lab (IFF Lab)

IFF Lab is a premier cyber and digital forensics lab in India that offers forensic services and solutions, cyber security analysis and assessment, IT support, training and consultation.

ShieldIOT

ShieldIOT

ShieldIOT delivers a complete AI-powered security solution across any IoT device, application and network.

CHEQ

CHEQ

CHEQ provides fully autonomous, preemptive technology for brand safety and ad-fraud prevention.

Bechtle

Bechtle

Bechtle is one of Europe’s leading IT service providers offering a blend of direct IT product sales and extensive systems integration services.

CWSI

CWSI

CWSI provide a full suite of enterprise mobility, security and productivity solutions to many of Ireland and the UK’s most respected organisations across a wide range of industry and public sectors.

FiVerity

FiVerity

FiVerity provides financial institutions with cyber fraud defense to combat a dangerous and growing threat - the convergence of fraud-related theft with sophisticated, high-volume cyber attacks.

BATM Advanced Communications

BATM Advanced Communications

BATM Advanced Communications is a leading provider of real-time technologies for networking and cyber security solutions.

Acumera

Acumera

Acumera is a leader in managed network security, visibility and automation services.

Resmo

Resmo

Resmo is an all in one platform for SaaS app and access management for modern IT teams.

VAST Data

VAST Data

The VAST Data Platform delivers scalable performance, radically simple data management and enhanced productivity for the AI-powered world.

Cylerian

Cylerian

Cylerian is a Next Generation SaaS Security Platform - One unified cloud platform to achieve your security, compliance, and operational objectives.