Government Cloud On-Ramping

Uploaded on 2022-05-03 in TECHNOLOGY--Resilience, GOVERNMENT-National, FREE TO VIEW

Legacy systems are both unreliable and expensive, with the cloud offering many benefits in flexibility, agility and cost reduction. Despite High Assurance Software Defined Wide Area Network  (SD-WAN) frameworks now being generally available, an estimated 80% of UK government departments are still failing to make the move, with their cloud strategies on hold.

The UK Treasury is becoming increasingly frustrated by the billions of pounds wasted by government departments on legacy technology and proprietary infrastructure. With Digital Transformation now imperative, there is little patience for the endemic delays in decision making that are adding untenable costs to a government that simply has no more resources.

Why are departments still spending £millions every month on expensive proprietary connectivity when the tried, tested and proven SD-WAN alternative costs just a fraction? How can departments justify the use of outdated legacy systems that demand huge expenditure just to keep up and running when reliable, lower cost cloud-based alternatives are so accessible?

With the High Assurance SD-WAN framework now generally available, there are no more excuses. Digital Transformation must progress, quickly.

Weak Excuses

Digital Transformation is now vital for government departments. After two years of pandemic delayed projects and facing unprecedented financial pressures, there is zero tolerance for excuses. Not only are legacy systems both unreliable and expensive, but the cloud offers many benefits in flexibility, agility and cost reduction. And yet, an estimated 80% of UK government departments are still failing to make the move, with their cloud strategies on hold.

So what’s going on? Many departments have clearly defined Digital Transformation roadmaps; cloud providers have been selected - often more than one to provide resilience and contingency; and application migration plans have been defined. The one remaining sticking point is data security - most notably, the safeguarding of data in transit between the on site systems and the cloud. 

With departments typically opting for a hybrid environment during the incremental Digital Transformation process, rather than a wholesale move to the cloud, it is clearly important to extend the data security posture between the current environment and the cloud. Furthermore, there is no argument that Government departments have stringent data security requirements - much of the data is highly sensitive. Compromising security due to the impact on network performance is, clearly, not a viable option - or for those organisations who have chosen that route, an extremely high risk alternative, particularly given increasingly concerning geopolitical circumstances.
Claims that the use of low cost SD-WANs to provide the vital link to the cloud are inherently lacking in the security required to safeguard sensitive data, however, are out of date.

Yes, SD-WANs use public infrastructure, but the Common Criteria accredited High Assurance SD-WAN framework that couples a High Assurance security overlay with market leading SD-WAN technologies, is proven and being used by governments and organisations across the world to safely accelerate Digital Transformation plans.

Security Stand-Off

The only beneficiaries of this endemic decision-making paralysis are technology vendors and service providers raking in £millions every month to support and maintain outdated, often inadequate, technology. Given the huge cost differential between legacy and cloud-based solutions, the biggest risk now facing UK government is that individuals tasked with achieving Digital Transformation and radically reducing IT spend will feel compelled to simply ignore data security issues. 

With a desire to achieve a stable, effective and scalable technology infrastructure, it is a hugely frustrating situation for IT and network teams – not to mention those with budgetary sign off. While the risks associated with failing to consider the security implications are profoundly serious, there is no more money: unless this stand-off is addressed, everyone involved stands to lose.

Security must be at the heart of any Digital Transformation journey – and that requires a shift towards a Zero Trust mindset.

It means stepping away from the concept of a trusted environment and a focus on securing the data irrespective of its location. This is where High Assurance SD-WAN frameworks change the game, using crypto-segmentation to protect and ensure the integrity of sensitive data - without any impact on network performance.

Accelerating Change

With this Zero Trust approach, a High Assurance SD-WAN overlay makes the underlying network infrastructure irrelevant, whether it is public or private, trusted or untrusted. The data security team simply needs to define the policy and, with ownership of the cryptography keys, can be confident that data is protected at all times wherever it goes. 

The model is akin to the transfer of gold or cash between banks. Security at each bank is established and accepted – it is the movement between the banks that raises concerns. The use of a secured armoured vehicle is reinforced by locking the gold away in a secure environment using keys that only the bank – not the guards – have access to. Similarly with crypto-segmentation, even if the data is compromised in transit, the only people who have access to the keys are the owners of the data: no one else can do anything with that data. Irrespective of where that data is travelling, it is protected.

For government departments the High Assurance approach to SD WAN enables the secure utilisation of low-cost SD-WAN connectivity, which is a huge financial incentive. Furthermore, there are no constraints on network redesign; no barriers to the types of data or applications that can be migrated to the cloud, which ensures both operational agility and a consistent data security posture that can evolve throughout the Digital Transformation journey, from on premise, through hybrid, to the cloud. This means Digital Transformation plans can be accelerated and departments can quickly realise economies of scale. 

Conclusion

Delaying Digital Transformation is creating unacceptable risk and incurring unacceptable costs. Every postponed decision compromises progress and leaves government departments at the mercy of vendors who are continuously inflating maintenance and support charges. The transformation away from legacy to current technology is an absolute must – a fact clearly recognised by government department heads who are having to explain, under fire, why they are continuing to spend Treasury money on outdated IT projects.

Right now, most decision making committees are using the concept of data risk as an excuse for not progressing Digital Transformation. But any claim that plans cannot move forward due to regulatory compliance or internal controls are no longer true – that risk argument has been addressed and resolved.

The benefits of the Digital Transformation are indisputable, from systems stability to hugely significant cost savings: so just what is the excuse for continued mis-spend of public money and failure to follow well established routes to the cloud? 

Paul German is CEO at Certes Networks

You Might Also Read: 

Three Vital Concerns For Companies Running Hybrid Cloud Environments:

 

« Cyber Attacks On Ukraine Are Increasing
Lapsus$ Hackers Targeted T-Mobile »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

CW Jobs

CW Jobs

CWJobs.co.uk is a leading specialist IT recruitment website covering all areas of IT including Cyber Security.

Bit4id

Bit4id

Bit4id provides technologies for electronic signature, online authentication, cybersecurity and all other services based on the concept of digital identity.

MindPoint Group (MPG)

MindPoint Group (MPG)

MindPoint Group is a specialist Information Security Consulting firm.

Arsenal Recon

Arsenal Recon

Arsenal Recon are digital forensics experts, providing consultancy services and powerful software tools to improve the analysis of electronic evidence.

VU Security

VU Security

VU is a specialist in Cybersecurity software development with a focus on the prevention of fraud and identity theft.

PSYND

PSYND

PSYND is a Swiss consultancy company based in Geneva specialized in CyberSecurity and Identity & Access Management.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

RhodeCode

RhodeCode

RhodeCode is an open source repository management platform. It provides unified security and team collaboration across Git, Subversion, and Mercurial.

TAG Cyber

TAG Cyber

TAG Cyber's mission is to provide world-class cyber security research, advisory, and consulting services to enterprise security teams around the world.

Inveteck Global

Inveteck Global

Inveteck Global is a Ghana-based cyber security firm providing strategic guidance and technical solutions to all our clients to best serve their individual needs.

Telesign

Telesign

Telesign connect, protect, and defend online experiences with sophisticated digital identity and programmable communications solutions.

Evolver

Evolver

Evolver delivers technology services and solutions that improve security, promote innovation, and maximize operational efficiency in support of government and commercial customers.

Mindgard

Mindgard

The Mindgard Security Copilot platform secures your Artificial Intelligence, GenAI and LLMs.

Synergy ECP

Synergy ECP

Synergy ECP has a talented, dedicated staff to provide a broad range of services to the defense and intelligence industries.

Claratti

Claratti

Clarrati are a team of innovators. Industry leaders in the cloud computing, remote working, and work-from-home space. We partner with you to empower your business for the future.