Enabling Government to Safely Import Public Data with Zero Trust CDR as a Service
Against a backdrop of austerity and ever reducing budgets, a government organization has implemented a cloud based portal to import citizen data cost effectively and securely.
The government organization is moving toward an internet based portal, enabling citizens to upload information in a more expedient way, as part of an initiative to put people and place at the heart of the service. The organization needs to be certain that their portal couldn’t be used as a “backdoor” to import malware into the organization.
Taking the lead from the national cybersecurity body, they chose Forcepoint Zero Trust CDR as a Service (CDRaaS). It is a true zero trust approach to securing data in the cloud, ensuring documents and images uploaded via their citizen portal are malware free.
“The citizen portal is a potential vector for the introduction of malware. We needed to be certain we had taken every possible step to ensure we were safely importing citizen data into the organisation and that the portal could not become a “backdoor” for malware to get in."
Overcoming Data Risks
The government organization decided to implement their citizen portal in the cloud, taking advantage of the potential cost savings to be gained from having no infrastructure to support and maintain.
However, against the backdrop of many high profile cyberattacks on government using zero day malware, the team needed to be certain that the documents and images being uploaded into the portal, in support of benefit claims, were free of malware.
Mindful of the potential pitfalls, the team asked for advice from their local National Cyber Security Centre.
By integrating Forcepoint CDRaaS directly into their cloud based portal every time a citizen submits a document or image via the portal the service automatically transforms the file in real time. Extracting only the valid business information from it and creating a digitally pure file. The file is verified, the original is discarded, and a wholly new threat free file, formatted to match the original, is placed where it can be accessed and used with confidence.
“We know that zero day malware cannot be detected using anti virus approaches and that it can be concealed in documents and images and uploaded via a portal.”
The Zero Trust Approach
CDRaaS offers a zero trust, security as code, approach to importing data in real time. Serverless and cloud native, it is accessed via APIs built into the portal application, enabling the authority to place complete trust in its data and remove the maintenance and update costs associated with virus scanners. As the service runs in Amazon AWS, with industry leading 99.95% reliability levels, the authority can meet its targets for reliability and availability and the team have confidence that uploads are risk free.
Integrating 'Zero Trust CDR as a Service' has also proven highly cost and energy efficient. Compared to an on premises equivalent, the government organization is seeing savings of over 50 percent per annum in the management of hardware, power and cooling.
The unique way that Zero Trust CDR is delivered via the cloud and built on a serverless model provides risk free data import. Removing the need for updates and maintenance, reducing energy consumption and providing high availability as the application scales effortlessly to cope with peaks in demand. Find out more about how Zero Trust CDR is the right solution for your malware problem.