
How the DOT discovered its network was compromised by shadow IT

Kenneth Corbin | Feb. 23, 2017
The discovery of hundreds of pieces of unauthorized networking equipment, including many off-the-shelf consumer-grade devices, compelled the Department of Transportation CIO to alert department leadership and launch a rearchitecture of the network.

It was also clear that those security concerns were much bigger than just an IT problem. McKinney says that he initiated a thorough scan of the network and found no evidence that DOT data or systems were compromised, but he also notes that skilled intruders "don't leave a trail of cookies." In any event, McKinney brought his findings to the department's brass.

"I felt like it was a potential security vulnerability, and it was my responsibility to tell the political leadership about it," he says. "[It was] not only an eye-opener for us, but also an eye-opener for our departmental leadership."

The shadow IT revelations and the associated security concerns led McKinney to launch a project to rearchitect the DOT's network, an effort that, while still ongoing, has been introducing more centralized controls and clearer segmentation to cordon off the systems of various administrations within the department.

The experience also compelled his office to change the internal processes for introducing new equipment to the network, including a policy directive putting the various DOT administrations on notice that the days of ad hoc, unsecured and unmanaged network expansion were over.

"We also at that point put out policy memos and told the entire department that there will be no adding equipment to the network without going through a formal change-management process," he says. "We had one, but people had been ignoring it."

Now, an alumnus of the federal government, he is preaching a message of network visibility and centralized management.

"I think it's really good to start to make sure you have a clear and complete understanding of your infrastructure and your network, your servers and all your connections to the internet," he says. "I'm a huge proponent of you've got to know what you own, and you've got to manage what you know well."

 
