February 29, 2024

We are creating some awesome events for you. Kindly bear with us.

Utah, U.S. Secures Shared Data with Encryption

Utah’s Department of Technology Services is encrypting the data it shares internally and externally with other agencies and private entities to combat the rising number of cyberattacks. DTS contracted with Virtru, an encryption company, about five years ago to shore up its enterprise cloud-based email system after finding the administrative tools in its previous solution to be problematic.

Using an outside vendor for encryption makes it harder to perform administrative functions. The vendor had to communicate with its third-party encryption group, which had to authorise a direct discussion, implement the change and then tweak it based on feedback. It became cumbersome to manage encryption when there was a middle man.

Virtru works with DTS’ existing email system, automating the encryption. All users must do is toggle it on or off, depending on the contents of a message. To use it on a mobile device, state workers use an app to encrypt and decrypt messages.

Utah’s 26 agencies have different needs for encryption. Certain agencies in the state require all messages to be encrypted, so they put a couple of email gateways in place to say if any email communications are going from this group to any other party in the state or externally, it has to be encrypted. Other agencies tried that and found it problematic.

Users can set a default for the percentage of their emails that must be encrypted to adjust for that or they can just turn it on or off. To ensure that someone doesn’t forward sensitive content, encryption makes the information readable only by the intended recipients.

After everyone is comfortable with encrypted email, DTS starts talking about expanding the service to other datasets, such as documents created as part of collaborative projects or archived data. Virtru’s encryption can be integrated into specific workflows such as email, file sharing and the internet of things. It’s important for information stored in cloud networks but also for organisations such as state agencies that need to share sensitive data, such as criminal justice, health or payment information.

They also aim to collaborate with thousands of external organisations, so the states need to embrace the cloud, move sensitive data into these cloud systems and then share data with third parties while always maintaining control over that content.

In Utah, an ongoing challenge is ensuring that encryption is seamless for users. For example, one system requires them to log in with two-factor authentication, but if they are using a new device, it asks for additional security information. It is a safeguard against bad actors acquiring someone’s credentials, but it happens in the background and is triggered only when necessary. Adapting to encryption takes some cultural change. Workers need to be aware of what is happening to smooth the transition process.

According to the recommendations of the National Institute of Standards and Technology (NIST), many threats against end-user devices could cause information stored on the devices to be accessed by unauthorised parties. To prevent such disclosures of information, particularly sensitive data, the information needs to be secured.

Securing other components of end-user devices, such as operating systems, is also necessary, but in many cases, additional measures are needed to secure the stored information. The primary security controls for restricting access to sensitive information stored on end-user devices are encryption and authentication. Encryption can be applied granularly, such as to an individual file containing sensitive information, or broadly, such as encrypting all stored data.

The appropriate encryption solution for a particular situation depends primarily upon the type of storage, the amount of information that needs to be protected, the environments where the storage will be located, and the threats that need to be mitigated. When selecting a solution type, organisations should consider the range of solutions that meet the organisation’s security requirements, and not just the solution type that is most commonly used.

PARTNER

Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.

PARTNER

CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.

PARTNER

Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.

SUPPORTING ORGANISATION

SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.

PARTNER

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 

PARTNER

IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.

Send this to a friend