Hackers are using government contractors to access sensitive information. Are you at risk?
Communications security for government contractors
Even though many government systems may be protected from outsiders trying to access and steal data, the contractors and suppliers they communicate with daily are just as susceptible to attacks. Recent announcements about hackers working through government contractors have exposed new threats to securing government information and weaknesses in some communications platforms.
These hackers get through systems in many ways, including:
- Posing as a meeting attendee
- Tapping into conversations as they traverse the network
- Intercepting files being sent or in storage
- Recording messages and videos from the network
Security for government and defense contractors
Federal, state, and local governments are implementing programs to assure compliance to a minimum set of standards to protect information that travels between contractors and their agencies. Sometimes compliance is not enough. With so many forms of communication required to do business, it is important to make sure all devices and sessions are secure between all participants. Audio meetings, video meetings, messaging and file sharing all need to be protected with multiple security methods.
Here are a few tips to improve security for government contractors:
- Calling through the public telephone network is difficult to secure. However, conversations from secure devices through a cloud service can be protected with standard protocols. The key is to be sure that all audio and video conversations have not only standard encryption but have identity protection and verification of your intended audience.
- Messaging and file sharing also need to be encrypted. Make sure the encryption is end to end for files and messages in transit and at rest. Storage of data should not only include protection of storage locations, but also protection for content and encryption keys. End to end encryption is paramount in securing messaging and files.
- Choose the right products to achieve compliance and advanced security. Government authorized communication and collaboration products have security for protecting conversations with government agencies. Companies with FedRAMP authorization for cloud products have physical and software security compliance allowing contractors to just subscribe and have the federal government approved capabilities protecting them.In many cases this government authorization is not enough. Choose your collaboration service with additional security such as Anti-malware, Data Loss Protection (DLP), Identity proofing (IDP) and Multifactor Authorization (MFA). These are explained in the DIBs security white paper linked below.
- Choose the right partners. Sometimes meeting standards and creating security policies can be overwhelming. Consultants may create difficult procedures or extensive implementation projects. Partnering with Webex by Cisco, the leader in collaboration security and government communication gives you the knowledge and support you need to achieve successful interactions with your government customers. Webex for Government has FedRAMP moderate authorization and Webex for Defense has Impact level 5 (IL5) authorization for achieving active work with the Department of Defense. This platform makes use of the NIPRNet Defense network to communicate with the DOD.
Webex by Cisco has many resources no matter where you are in your security development:
The government and defense contractor security whitepaper provides concise information about products and technologies that meet and exceed strict compliance standards and safely protect communications with government agencies. Click here and learn how to mitigate security breaches when collaborating with the Department of Defense or other government agencies.
To learn more technical information about the Webex by Cisco security advantage, click on this link: pdf
The Webex for Government web page has detailed information about products for meetings, messaging and calling that are compliant with government agencies and provide advanced security. Secure Collaboration | Webex For Government
Call your Cisco Government Sales office or partner for information on how Webex helps you achieve CMMC compliance, a cyber security program being developed by the Department of Defense. 1-888-469-3239
Contact Webex. Click here and contact Webex for additional information on security for government contractors and management of your communications.
Oct 12, 2021 — Niraj Gopal