SOLUTION BRIEF Identity and Access Management Solutions from CA Technologies for Government Agencies Your Network Has Been Compromised. Is It Time To Reevaluate Your Traditional Cybersecurity Paradigms?
CA Technologies provides solutions for Identity and Access Management that allow federal agencies to not only see who is on their networks, but control access and manage what users are able to do with information once accessed.
Executive Summary Challenge For several days, a member of the management team has been logging into the department s network and browsing financial records. As a senior leader in the organization, his presence goes unnoticed by IT staff. Over the course of a week, he downloads the personal information of every citizen receiving services from a particular program over, which he does not have jurisdiction. An IT manager notices this behavior and questions the senior leader only to find him completely unaware. His password had been compromised and the intruder entered the network and took what he needed. Unknown to the agency, the intruder also uploaded the stolen information to his own program and then launched a targeted attack. Opportunity As more and more government services move online to increase efficiency and decrease human error, information security has become a top concern for federal agencies. The exponential growth of data collected and managed by the federal government, along with the adoption of mobile devices, has contributed to the need for increased cybersecurity. 3
Section 1: Improving your Posture against Cybersecurity with Continuous Monitoring Situations like this are common today; so much so that even the largest government agencies must operate under the assumption that their networks have been compromised. However, internal cybersecurity threats are not the only challenge to federal IT systems. Foreign cybersecurity adversaries are prolific collectors of U.S. information and almost all of the suspicious network activity of intelligence value has resulted from spear phishing emails with malicious attachments received by cleared contractors. Mobile devices present an additional cybersecurity challenge. In October 2012, a National Aeronautics and Space Administration (NASA) laptop containing hundreds of personnel records was stolen from an employee vehicle. The incident was the fourth serious laptop theft in the agency since August 2011. NASA is not alone; The Department of Veterans Affairs had a similar breach in 2010. But intruders are not merely interested in stealing information. Skilled adversaries can also shut down entire networks, disrupting citizen services and other mission critical operations. Identity and Access Management (IAM) solutions from CA Technologies allow agencies to know who is on their network and restricts what users can do with agency information. Authentication and authorization, two aspects of IAM and priorities of the Comprehensive National Cybersecurity Initiative (CNCI), provide the foundation for effective security by ensuring that all users employees, contractors and partners have the correct level of access rights. 4
Section 2: Next Steps Sound IAM provides the foundation for effective security by ensuring that all users employees, contractors and partners have the correct level of access rights. As the federal government continues to adopt mobile and cloud technologies and collaborate across agency lines, security of content is imperative. To learn more about CA Technologies products and solutions for government agencies, visit ca.com/publicsector. Connect with CA Technologies at ca.com Agility Made Possible: The CA Technologies Advantage CA Technologies (NASDAQ: CA) provides IT management solutions that help customers manage and secure complex IT environments to support agile business services. Organizations leverage CA Technologies software and SaaS solutions to accelerate innovation, transform infrastructure and secure data and identities, from the data center to the cloud. CA Technologies is committed to ensuring our customers achieve their desired outcomes and expected business value through the use of our technology. To learn more about our customer success programs, visit ca.com/customer-success. For more information about CA Technologies go to ca.com. Copyright 2013 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. acs3864_0513