If you follow our blog posts, then you’d find us and our clients writing a lot about how IP data can be successfully applied across a number of traditional industries, from advertising to retail and streaming media to publishing. Government, on the other hand, has been one business segment where the benefits of incorporating the use of geolocation and IP data can best be described as more like an “open secret.” However, with cyber and security risks ever increasing, more and more government organizations across all three levels―local, state and national―are now actively looking for more reliable and cost-effective solutions that can be delivered with IP intelligence data.
In recent years, the federal government has published several papers on cybersecurity, including Executive Order 13800 and the follow-on Cyber Risk Determination Report, the Trusted Internet Connection (TIC) paper, and NIST Special Publication 800-53 rev. 4 / National Vulnerability Database (NVD). All are particularly informative as to how cyber initiatives are being considered and managed by the government.
Specifically, NIST 800-53 and the NVD thoroughly address cybersecurity from start to finish, and the applicability of IP intelligence is clear and definitive. Contained within these documents are lists of low-, moderate-, and high-impact security controls. Of particular interest is the list of “High Impact Controls” of which IP intelligence is either directly or indirectly referenced dozens of times. Example references from different sections of NIST 800-53 include, but are not limited to: AC-17 Remote Access, AU-3 Content of Audit Records, IA-4 Identifier Management, PL-8 Information Security Architecture, SC-7 Boundary Protection, and SI-4 Information System Monitoring.
Almost any agency has cyber, security, or controlled-access priorities. Some the typical agencies are those involved with intelligence, security, law enforcement, fraud and investigative missions. Agencies that need targeted notifications as well as geospatial or demographic information or perform network analysis and management are among the most common users. Our government clients include the National Nuclear Security Administration, U.S. Department of Energy, U.S. Department of Justice, Drug Enforcement Administration, and New York State.
Digital Element’s NetAcuity® technology offers accurate and time-relevant information about online entities, users and attack vectors such as location, proxy/VPN and more. By leveraging IP intelligence data, government organizations can proactively employ real-time intelligence about inbound and outbound network traffic; identify location and connection type information; uncover potential threats; and add critical intelligence to the investigation of cyber events. The most popular solutions for government include proxy identification with PulseTM and ZIP+4 geotargeting with PulsePlusTM.
Examples of successful government applications include:
Cyber/anti-fraud: Identify incoming proxy and other circumvention tools used by bad actors or pinpoint the location of an originating IP to help prevent intrusion attempts.
Criminal investigations: Effectively sort through billions of IP and mobile connections for anomalous activity or connection types.
Intelligence community: By setting IP criteria, SIGINT and cyber analytics can be optimized and enhanced by reducing multiple orders of magnitude from billions of IP and mobile data points.
Credential verification: Compare and validate users’ IP information versus supposed origination location or proxy type.
Geofencing for inclusion/exclusion purposes: Set specific permissions or responses based on the location of IP- or mobile-based connections.
Targeted notifications: Alert users, specific geographic locations or system administrators of events based on location, domain or other criteria.
Server/network traffic analysis: Identify and analyze traffic patterns, location and connection types for IP- and mobile-based connections.
Content localization/customization: Allow for geographic, connection type or other criteria to be used to specify information, content or other personalized use cases.
As government organizations build their digital initiatives and bring increasingly more assets into the tech-enabled universe, more departments and agencies can easily and quickly apply IP intelligence to solve multiple cyber challenges on a number of fronts.