Government Cloud On-Ramping

Uploaded on 2022-05-03 in TECHNOLOGY--Resilience, GOVERNMENT-National, FREE TO VIEW

Legacy systems are both unreliable and expensive, with the cloud offering many benefits in flexibility, agility and cost reduction. Despite High Assurance Software Defined Wide Area Network  (SD-WAN) frameworks now being generally available, an estimated 80% of UK government departments are still failing to make the move, with their cloud strategies on hold.

The UK Treasury is becoming increasingly frustrated by the billions of pounds wasted by government departments on legacy technology and proprietary infrastructure. With Digital Transformation now imperative, there is little patience for the endemic delays in decision making that are adding untenable costs to a government that simply has no more resources.

Why are departments still spending £millions every month on expensive proprietary connectivity when the tried, tested and proven SD-WAN alternative costs just a fraction? How can departments justify the use of outdated legacy systems that demand huge expenditure just to keep up and running when reliable, lower cost cloud-based alternatives are so accessible?

With the High Assurance SD-WAN framework now generally available, there are no more excuses. Digital Transformation must progress, quickly.

Weak Excuses

Digital Transformation is now vital for government departments. After two years of pandemic delayed projects and facing unprecedented financial pressures, there is zero tolerance for excuses. Not only are legacy systems both unreliable and expensive, but the cloud offers many benefits in flexibility, agility and cost reduction. And yet, an estimated 80% of UK government departments are still failing to make the move, with their cloud strategies on hold.

So what’s going on? Many departments have clearly defined Digital Transformation roadmaps; cloud providers have been selected - often more than one to provide resilience and contingency; and application migration plans have been defined. The one remaining sticking point is data security - most notably, the safeguarding of data in transit between the on site systems and the cloud. 

With departments typically opting for a hybrid environment during the incremental Digital Transformation process, rather than a wholesale move to the cloud, it is clearly important to extend the data security posture between the current environment and the cloud. Furthermore, there is no argument that Government departments have stringent data security requirements - much of the data is highly sensitive. Compromising security due to the impact on network performance is, clearly, not a viable option - or for those organisations who have chosen that route, an extremely high risk alternative, particularly given increasingly concerning geopolitical circumstances.
Claims that the use of low cost SD-WANs to provide the vital link to the cloud are inherently lacking in the security required to safeguard sensitive data, however, are out of date.

Yes, SD-WANs use public infrastructure, but the Common Criteria accredited High Assurance SD-WAN framework that couples a High Assurance security overlay with market leading SD-WAN technologies, is proven and being used by governments and organisations across the world to safely accelerate Digital Transformation plans.

Security Stand-Off

The only beneficiaries of this endemic decision-making paralysis are technology vendors and service providers raking in £millions every month to support and maintain outdated, often inadequate, technology. Given the huge cost differential between legacy and cloud-based solutions, the biggest risk now facing UK government is that individuals tasked with achieving Digital Transformation and radically reducing IT spend will feel compelled to simply ignore data security issues. 

With a desire to achieve a stable, effective and scalable technology infrastructure, it is a hugely frustrating situation for IT and network teams – not to mention those with budgetary sign off. While the risks associated with failing to consider the security implications are profoundly serious, there is no more money: unless this stand-off is addressed, everyone involved stands to lose.

Security must be at the heart of any Digital Transformation journey – and that requires a shift towards a Zero Trust mindset.

It means stepping away from the concept of a trusted environment and a focus on securing the data irrespective of its location. This is where High Assurance SD-WAN frameworks change the game, using crypto-segmentation to protect and ensure the integrity of sensitive data - without any impact on network performance.

Accelerating Change

With this Zero Trust approach, a High Assurance SD-WAN overlay makes the underlying network infrastructure irrelevant, whether it is public or private, trusted or untrusted. The data security team simply needs to define the policy and, with ownership of the cryptography keys, can be confident that data is protected at all times wherever it goes. 

The model is akin to the transfer of gold or cash between banks. Security at each bank is established and accepted – it is the movement between the banks that raises concerns. The use of a secured armoured vehicle is reinforced by locking the gold away in a secure environment using keys that only the bank – not the guards – have access to. Similarly with crypto-segmentation, even if the data is compromised in transit, the only people who have access to the keys are the owners of the data: no one else can do anything with that data. Irrespective of where that data is travelling, it is protected.

For government departments the High Assurance approach to SD WAN enables the secure utilisation of low-cost SD-WAN connectivity, which is a huge financial incentive. Furthermore, there are no constraints on network redesign; no barriers to the types of data or applications that can be migrated to the cloud, which ensures both operational agility and a consistent data security posture that can evolve throughout the Digital Transformation journey, from on premise, through hybrid, to the cloud. This means Digital Transformation plans can be accelerated and departments can quickly realise economies of scale. 

Conclusion

Delaying Digital Transformation is creating unacceptable risk and incurring unacceptable costs. Every postponed decision compromises progress and leaves government departments at the mercy of vendors who are continuously inflating maintenance and support charges. The transformation away from legacy to current technology is an absolute must – a fact clearly recognised by government department heads who are having to explain, under fire, why they are continuing to spend Treasury money on outdated IT projects.

Right now, most decision making committees are using the concept of data risk as an excuse for not progressing Digital Transformation. But any claim that plans cannot move forward due to regulatory compliance or internal controls are no longer true – that risk argument has been addressed and resolved.

The benefits of the Digital Transformation are indisputable, from systems stability to hugely significant cost savings: so just what is the excuse for continued mis-spend of public money and failure to follow well established routes to the cloud? 

Paul German is CEO at Certes Networks

You Might Also Read: 

Three Vital Concerns For Companies Running Hybrid Cloud Environments:

 

« Cyber Attacks On Ukraine Are Increasing
Lapsus$ Hackers Targeted T-Mobile »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IX Associates

IX Associates

IX Associates is a UK based IT Integration business specialising in risk, compliance, eDefence, and network security solutions.

Norton

Norton

NortonLifeLock is dedicated to helping secure the devices, identities, online privacy, and home and family needs of approximately 50 million consumers.

Resolver

Resolver

Resolver’s Integrated Risk Management platform helps plan and prepare your organization to limit the likeliness or impact of security risk and compliance events from occurring.

Cyxtera Technologies

Cyxtera Technologies

Cyxtera offers powerful, secure IT infrastructure capabilities paired with agile, dynamic software-defined security.

Stealthcare

Stealthcare

Stealthcare is a full service, global cyber security firm offering solutions that educate, empower and protect.

HackControl

HackControl

HackControl services include penetration tests, security audits, block chain audits and brand and anti-phishing protection.

Cypherix

Cypherix

Cypherix is tightly focused on cryptography and data security. We leverage our expertise to deliver state-of-the-art, world-class encryption software packages.

Q6 Cyber

Q6 Cyber

Q6 Cyber is an innovative threat intelligence company collecting targeted and actionable threat intelligence related to cyber attacks, fraud activity, and existing data breaches.

KeyData Associates

KeyData Associates

KeyData is a recognized leader in cybersecurity services specializing in Identity and Access Management (IAM), Customer Identity & Access Management (CIAM) and Privileged Access Management (PAM).

Grant Thornton

Grant Thornton

Grant Thornton is one of the world’s leading networks of independent assurance, tax and advisory firms.

Telit Cinterion

Telit Cinterion

Telit Cinterion is a global enabler of the intelligent edge providing highly secure IoT solutions, modules and services.

Doherty Associates

Doherty Associates

Drawing on our deep industry knowledge and business insight, Doherty deliver intelligent IT solutions and services that help people work more securely, more productively and more creatively.

Bulletproof Solutions

Bulletproof Solutions

Bulletproof provides IT expert support, services, and guidance to businesses small and large as they grow and adapt to today’s complex IT, cybersecurity, and compliance needs.

Sirar by STC

Sirar by STC

Sirar is an advanced technology and cybersecurity company established by STC, the MENA region’s ICT and digital services provider.

Swise

Swise

Swise is a Cyber security and compliance platform for your small business. Simplify and automate your security and compliance with our AI-powered platform.

Datacom

Datacom

Datacom design, build and run IT systems and processes across operations, cybersecurity, cloud, digital platforms, payroll and enterprise applications.