Technology is quickly becoming a keystone in connecting vulnerable groups to social support. Following the 2010 Haiti earthquake, Google developers came up with a “Google People Finder” to help those affected in the disaster connect with their loved ones.

In the age of information, social support from governments can more quickly reach people in need, through innovations like cloud computing and AI. However, as citizens’ personal information crosses the wide ocean of the Internet, governments must ensure the data of the most vulnerable are kept secure.

CyberArk investigates how governments may step up on security while reaching out to the vulnerable.

Cutting processing time for unemployment benefits

Covid-19’s brutal arrival in the first half of 2020 tore apart economies, leaving many communities around the world dealing with the aftermath of lockdowns.

In a report from the US Department of Labor, unemployment rates spiked from around four per cent to over 14 per cent during April 2020. Government services were suddenly swarmed with unemployment claims, which reached a total over 33 million by May 2020, reported NBC News.

Cloud and AI were key to overcoming this hurdle. State authorities partnered with Google to implement cloud-based AI tech in exponentially speeding up claims processing. Illinois, for instance, was able to help over a million residents in their unemployment claims in weeks, Google wrote.

High stakes

Although the power of cloud data is an extremely powerful tool, governments and organisations must take key considerations to safeguard citizen data.

Data leaks can be catastrophic, and can cost organisations ridiculous amounts of money. The recent SolarWinds breach was said to have cost the company at least US$18 million, reported Reuters. Cyber attackers will go the mile to find loopholes in exploiting lucrative personal data.

All it takes is a single careless employee and an unsuspecting phishing email to compromise a whole organisation. As cloud adoption booms, hackers can more easily take advantage of misconfigured accounts with excess permissions to burrow deep into an organisation.

Once inside, hackers can give themselves more access to move deeper in the network while remaining undetected. They would then have free reign to access sensitive customer or organisation data.

An IBM study done in 2020 found that cloud misconfigurations caused 19 per cent of all breaches. These also cost much more than other breach types at US$4.41 million on average.

No excess access

How can organisations steer clear of such dangerous and expensive mistakes? Experts from CyberArk recommend six steps to ensure just the right levels of permissions within the cloud.

First, identify the teams and individuals responsible for implementing least privilege strategies. Clear leadership is crucial.

Second, bring the cloud experts into the discussion of cyber strategies. They would know what’s needed and what works best.

Third, map out all the points the organisation needs to protect. Security teams should also map access relationships between accounts to understand potential fault points.

Fourth, remove excess permissions immediately. AI can help to speed up and simplify this process.

Fifth, always start with the strictest permissions. It’s easier to grant them rather than tighten them afterwards.

Finally, conduct timely reviews to clean up unused permissions, so they aren’t allowed to accumulate.

New tech can drastically change the way governments provide support for vulnerable communities. A keen eye needs to be trained on security development, as we start to entrust more personal data with it.

Find out more about CyberArk’s Six Best Practices for Cloud Least Privilege here.