
Jason Cohn
Photo: Joe Pajer
Thinklogical released a white paper this summer with cyberfitness recommendations, which Pajer expanded upon for Government Technology.
1. System architecture should physically separate the target of the attack from people who threaten it. “It makes sense to have your system behind some physical barrier that people have to be approved to go through,” Pajer said. “You certainly don’t want any scenario in which they can use a device to take something out of that room with them.”
2. System technology should eliminate the ability for others to attack or infiltrate from a distance. Pajer advocates fiber-optic cabling as a more secure option than copper and more difficult for malicious forces to compromise. “If you want to tap into a fiber-optic cable, you must physically touch it and tap into it,” he said. “However, when you do that, there’s a loss of light, and that loss of light can be detected by the equipment, and the equipment will immediately know.”
3. The system should allow for tight access control. This is a given in any network configuration, but Pajer offered detailed recommendations. Restricting router communication and user access is part of the technique. “You can take that kind of partitioning concept and work it all the way down to restrict each port and each user as to where they can go when they get on that machine,” he said.
4. The system should automatically and continuously monitor for breaches. According to Pajer, this is relatively easy to accomplish in a fiber-optic environment. “The kinds of things we do watch for are usage patterns and loss of light on the optical fiber,” he said.
5. The system should be able to withstand attacks and quickly recover from them. Tips in Thinklogical’s white paper include configuring two synchronized parallel routers, so if one fails, the other’s still ready to go.
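The loss-of-light monitoring described in points 2 and 4 can be sketched as follows. This is an added example, not code from Thinklogical or its white paper; the function name, the thresholds (0.5 dB drop, -30 dBm loss of signal), the window size and the sample readings are all assumptions chosen for illustration.

```python
from collections import deque
from statistics import median

def detect_light_loss(samples_dbm, window=5, drop_db=0.5, los_dbm=-30.0):
    """Scan received optical power readings (dBm) for signs of a tap.

    Returns a list of (index, kind, delta_db) events:
      "power_drop"     - reading is at least drop_db below the rolling
                         median of the last `window` trusted readings
      "loss_of_signal" - reading is at or below los_dbm (link dark)
    All thresholds are assumed values, not vendor figures.
    """
    baseline = deque(maxlen=window)  # trusted readings only
    events = []
    for i, power in enumerate(samples_dbm):
        if power <= los_dbm:
            events.append((i, "loss_of_signal", None))
            continue
        if len(baseline) == window:
            reference = median(baseline)
            delta = round(reference - power, 2)
            if delta >= drop_db:
                # Do not fold the suspect reading into the baseline:
                # a tap causes a persistent loss, so the alert must
                # persist until an operator re-baselines the link.
                events.append((i, "power_drop", delta))
                continue
        baseline.append(power)
    return events

# Constructed sample data: a stable link, then a step loss of about
# 1.2 dB (as a splice or bend tap might cause), then a dark link.
SAMPLE_READINGS = [-3.0, -3.1, -3.0, -2.9, -3.0, -3.1, -3.0,
                   -4.2, -4.3, -4.2, -40.0]

if __name__ == "__main__":
    for index, kind, delta in detect_light_loss(SAMPLE_READINGS):
        print(index, kind, delta)
```

Using the median of trusted readings keeps normal measurement jitter from raising alerts, while a sustained step down in power keeps alerting instead of being absorbed into the baseline.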
Pajer declined to discuss specific pricing for KVM deployments, but stated that costs would vary depending on the agency's size and specific needs. Customers pick and choose which aspects of the system they want.
“Not everyone needs them all, but they value different ones for different things,” he said.