CDE14 WHITE PAPER Laserfiche


[PDF]CDE14 WHITE PAPER Laserfiche - Rackcdn.comhttps://afd34ee8b0806295b5a7-9fbee7de8d51db511b5de86d75069107.ssl.cf1.rackc...

0 downloads 93 Views 513KB Size

A WHITE PAPER FROM

The Next-Generation Government Portal Optimizing Your Web Presence Through Secure, Reliable, Mobile-Friendly Services

Despite the opportunities government Web portals present, many state and local agencies are not maximizing their full potential. A CDG survey found poor user experience and security were top challenges preventing agencies from optimizing their portals. To overcome these hurdles, agencies need a solution, such as a cloud-based content delivery platform, that is designed with security in mind and meets user expectations for access anytime, anywhere and on any device.

This white paper discusses the key challenges to offering high-quality Web services and examines proven tactics for building or upgrading a government Web portal to meet employee, citizen and business expectations for security, reliability and mobility.

Introduction Government Web portals are the digital equivalent of a city hall, county agency or state office, where constituents and business owners can do everything from paying parking tickets, filing taxes or applying for health insurance to viewing legislative sessions or obtaining information in a public emergency. Despite the opportunities government Web portals present for better service, lower costs and greater transparency, many state and local agencies are not maximizing the full potential of their self-service websites. In a recent survey of IT professionals in state and local government, respondents indicated their top priorities for the coming year were increasing the number of online services to citizens and businesses (56%) and improving mobile access (45%). However, respondents cited poor user experience and security as their top challenges in meeting these goals and moving their websites to the next level.1 To overcome these hurdles, agencies need a solution that is designed with security in mind and meets user expectations for access anytime, anywhere and on any device. In many cases, a cloud-based content delivery platform can help an agency achieve its goals quickly and cost effectively.

What are your agency’s priorities when it comes to your Web offerings? Increasing the number of online services

56%

Improving accessibility from mobile devices

45%

Implementing open data, dashboards and data visualizations

35%

Improving user personalization

25%

Pushing more applications to the cloud

23%

Accepting or disbursing secure payments

21% 19%

Offering more multi-media Source: CDG E-Government and Web Services Survey, May 2015

2

The Next-Generation Government Portal

This white paper describes the key challenges to offering high-quality Web services and examines proven tactics for building or upgrading a government Web portal to meet employee, citizen and business expectations for security, reliability and mobility.

The New City Hall State and local governments are under pressure to provide more services and better support to individuals, communities and businesses. Whether at the municipal or state level, agencies can do their jobs faster, cheaper and more efficiently by putting government services at the public’s fingertips. The following drivers are creating a new urgency when it comes to providing Web-based services.

Digital Government Mandates Digital government mandates and initiatives range from reducing paperwork, maximizing data use, and increasing accountability and transparency to changing the culture of customer service, expanding telework programs and promoting “mobile first” initiatives. The U.S. government, for example, now requires federal agencies to mobile-enable at least two priority customerfacing services. State and local governments are following suit with their own initiatives, resulting in innovative services such as Delaware’s Hunter and Trapper mobile application, which allows hunters to easily obtain permits and register their activities to meet legal requirements for hunting and trapping in the state.2

Limited Resources Even though budgets are beginning to increase, they are still not close to their pre-recession levels. Because of this, agencies need to do more with less, and in an increasingly customer-centric culture, they must do it better. They can no longer afford to allocate staff and other resources to processes that can be more efficiently and conveniently fulfilled using a self-service application. They need to free up their workers’ time to address more complex issues and provide more advanced services.

Changing Workforce In the CDG survey, nearly 80 percent of respondents agreed their workers need 24/7 online access to Web applications to do their jobs. Whether

in the office, in the field or at home, government employees — firefighters, food safety inspectors, first responders, educators, police officers, administrative staff and more — increasingly use mobile devices to access applications. As federal, state and local governments continue to adopt telework programs, remote access to Web applications will become even more important for sharing information and maintaining productivity.

Public’s Demand for Speed, Reliability and Convenience Today’s citizens expect to access government services 24/7 and from any device. These services must offer the same functionality and operate at the same performance levels as enterprise and e-commerce services. Although users of a government Web portal do not have the option to “shop elsewhere” if they have a bad experience, they may still behave like e-commerce consumers surveyed in a recent study. According to the survey, more than 20 percent of users leave for good if they experience problems with a website; 45 percent are less likely to visit again; and 35 percent will have a negative perception of the organization.3

Ubiquity of Mobile Devices and Wi-Fi More people than ever before are using mobile devices. According to a survey by Pew Research Center, nearly two-thirds of adults in the United States now own a smartphone, and 19 percent depend — for one reason or another — on their smartphone for accessing online services.4 Forty percent of respondents in the same survey reported they use their smartphone to look up government services or information. Mobile-friendly Web portals not only help address issues of digital equity, they also create opportunities for government to serve citizens in new ways. For example, travelers can reserve campsites or find nearby points of interest; commuters can get information about traffic jams or road construction; and citizens can locate Red Cross shelters and alternative fueling stations during an emergency.

Pushing Open a (Slightly) Stuck Door Although many state and local agencies are eager to open their digital doors to citizens, a number of persistent challenges have prevented them from expanding Web

Quick Tip:

As federal, state and local governments increasingly adopt telework programs, remote access to Web applications will become even more important for sharing information and maintaining productivity. services and fully leveraging their portals. The top three challenges cited in the CDG survey were poor user experience (48%), security (39%) and lack of personalization (35%). To overcome these challenges, government agencies can take the following steps.

Improve reliability, delivery and scalability. It doesn’t matter how good the content is or how well applications address a particular need; if users cannot reliably access a Web page and quickly load content, they will likely abandon the portal before it reaches its full potential. As a frame of reference, consider that almost half of e-commerce consumers expect a Web page to load within two seconds.5 To match the availability and performance levels of commercial websites, agencies need highly available connections, regardless of a user’s location; rapid page loads (as a function of network routing and bandwidth); and flexibility (i.e., scalability) to meet rapid

The Top 5 Online Services Challenges Poor User Experience

48%

Security

39%

Lack of Personalization

35%

No Return on Investment/Costs

33%

Poor Performance and Slow Speed

27%

Source: CDG E-Government and Web Services Survey, May 2015

3

fluctuations in traffic volume (e.g., during elections, public emergencies or televised events).

Provide consistency and personalization. Nearly 70 percent of respondents in the CDG survey said a consistent user experience across multiple locations and devices is an unmet need. In addition, 69 percent of respondents agreed their constituents expect them to deliver a personalized Web experience. Some government organizations have an ad hoc approach to Web applications and user interfaces. A consistent look and feel — including visual design, functionality, interactions and overall tone of voice — across Web applications and devices helps users recognize a

Not-So-Responsive Web Design According to Forrester Research, responsive Web design (RWD) compromises performance in mobile environments by ”forcing devices to download more content than they will display” and ”making excessive server calls.”6 These negative attributes compound other challenges inherent in mobile applications. For example, cellular connection speeds are slower than broadband speeds, and mobile devices cannot match larger devices in terms of memory, processing speed, multi-tasking and other features that impact performance. The good news is mobile performance optimization tools can help address these issues, so agencies can still incorporate effective mobile solutions into their overall Web portal strategy.

4

The Next-Generation Government Portal

legitimate government website, reduces the learning curve for interacting with multiple applications, builds trust and shapes public opinion. It also helps agencies streamline development and quality control. To get the most from a Web portal, government agencies must also offer a variety of relevant applications that can be tailored to an individual user’s location, device, personal preferences, personal data and more.

Accommodate various mobile devices and formats. Agencies have little control over users’ device types, browsers, cellular connections and other factors that impact performance and functionality, yet they must still deliver a positive user experience. Performance optimization tools can help. In addition, agencies can provide content in a format that is easily readable by the user’s device. States such as Alabama, California, Maine, North Carolina and Rhode Island7 are using responsive Web design (RWD) for their Web portals, so mobile users can easily view content on virtually any screen. With RWD, a Web application sends the same content to every device but includes information that allows each device to adapt and present the content in the best format. When implemented properly, RWD can be a boon to developers; however, RWD can also exacerbate mobile performance issues (see sidebar “Not So Responsive Web Design” to the left).

Ensure security and compliance. With the right security mechanisms, state and local governments can offer a broad range of services through their Web portals — from exchanging confidential personal records to accepting or distributing payments. However, recent headlines illustrate the damage that can occur when security measures are incomplete or not implemented correctly. The U.S. Internal Revenue Service (IRS) reported that thieves exploited its popular Get Transcript online application to potentially gain access to approximately 300,000 taxpayer accounts.8 The U.S. Army’s website was temporarily taken over by cyber vandals who denounced the military.9 And, in Canada, a distributed denial of service (DDoS) attack brought down the government’s portal for general services, as well as a number of other high-profile government websites.10 To maintain dynamic, reliable Web services, agencies must incorporate multiple layers of security into their portals.

Creating a Secure, Reliable Portal for Web-Based Services Although security and a positive user experience are essential ingredients for a thriving Web portal, many state and local governments do not have the technology, staffing and other resources required to address these goals. They are finding that cloud-based applications and services are an effective way to meet the current and long-term needs of a government Web portal. In the CDG survey, nearly 60 percent of respondents expect to increase their use of cloud-delivered Web applications in the coming year. While 45 percent cite cost savings as their top reason for doing so, other important drivers include IT infrastructure challenges and improved security, speed, performance and scalability.

Positive User Experience — Anywhere, Anytime, On Any Device A positive user experience starts with a services delivery platform that can load Web pages quickly and reliably onto any device, even under peak conditions. Many agencies do not have this foundation. They may not have enough servers to deliver content to all the areas they serve, and even if they do, they usually rely on a network of Internet service providers to route the content, which can result in slow service when Internet traffic is heavy. A cloud-based content delivery network (CDN) resolves these issues and is an ideal solution for government Web portals, especially if organizations want to reach remote workers, mobile device users and others who may be accessing services from distant locations. A CDN is a geographically distributed network that is specifically designed to deliver high-volume content rapidly, reliably and scalably. It addresses the performance problems associated with traditional networks by scaling bandwidth within its infrastructure and continually optimizing traffic routing. By using its own routing technology and establishing peer relationships with Internet service providers, CDNs reduce the number of “hops” that data makes across the global Internet infrastructure and ensures data travels via the most direct route to its destination. Best-in-class CDNs also offer other features such as automatic conversion of content into the end user’s device format (e.g., smartphone or laptop) and cloud-based solutions for optimizing Web and mobile performance,

streamlining media services and ensuring security. The following solutions should be in the toolkit of any agency that is taking its Web portal to the next level of service: • Web optimization solutions. Organizations can use these tools to enable fast, personalized access to content; optimize the user’s experience based on the device, network and browser being used; and fine-tune the CDN to deliver rich, dynamically generated content as quickly as possible. • Mobile performance solutions. These tools focus specifically on enhancing the mobile user’s experience by accelerating content delivery and optimizing performance. They are especially important for overcoming latency issues associated with cellular networks and RWD. • Media services. State and local governments can use media delivery services to simplify the delivery of high-quality media over the portal (e.g., for video teleconferencing, events and collaboration). These

The Advantages of a Cloud-Based CDN Because a CDN is cloud based, agencies do not have to invest in or maintain the infrastructure, hardware and bandwidth required to deliver Web portal services. Cloud-based services use the Internet to deliver specific IT capabilities as they are needed. This model is particularly important when a government portal offers services that frequently fluctuate in demand or consume a large amount of bandwidth. Cloud-based services have the advantage that they can significantly reduce cost, complexity and deployment time.

5

services are especially important as the number and type of connected devices expand; video and file format options become more complex; and data rates, file sizes and video quality increase.

Security Web portal attacks can occur at the application, network or DNS layer, and many agencies hesitate to offer high-value Web-based services because of security concerns. In the CDG survey, most respondents who do not have Web applications in the cloud cited security concerns as a major barrier. To prevent theft and downtime, comply with government regulations and maintain the public’s trust, state and local governments need a “defense-in-depth” security solution that addresses all layers of portal operation while allowing agencies to flexibly allocate different levels of security depending on the resource(s) needing protection. In determining what to protect and how, agencies should assess and quantify not only the risk associated with not providing adequate security measures, but also the financial, operational and other benefits that would accrue if the Web portal were properly secured. To create a secure Web portal, agencies need to protect or manage: • Network infrastructure from DDoS attacks that hijack other computers to orchestrate an attack that overwhelms a network’s resources • Personally identifiable information (PII) in health, financial and other records • Websites and applications from defacement, hostile takedowns and attacks that divert unsuspecting users to fraudulent sites

Did You Know? In a survey of nearly 600 IT professionals, respondents estimated that Web application attacks in the past year had cost their organizations an average of $1.2 million in incident response and technical support alone.11

6

The Next-Generation Government Portal

• Thousands of heterogeneous mobile devices, which can be used to exploit connections to applications and thereby execute attacks and steal information Because CDNs do not use the public Internet and because access to the CDN platform must be explicitly granted, CDNs add an inherent layer of security to a Web portal solution. However, to fully protect their portal and comply with government regulations, state and local agencies should also adopt a best-in-class, always on, cloud-based security solution that includes the following attributes: • A globally distributed architecture that can survive massive attacks and provide multiple layers of defense before attacks reach the agency’s data center • Proven protection against large (greater than 300 Gbps), extended DDoS attacks as well as smaller, stealthier attacks; scalability is a critical differentiator when seeking a solution; the size, complexity and duration of today’s DDoS attacks can tax the capabilities of even the largest vendors • Protection at the edge of the network against application-layer attacks (e.g., SQL code injections and cross-site scripts) that are used to steal data • Secure sign-on capabilities and secure sockets layer (SSL) encryption to prevent unauthorized access to networks, applications, content and other resources • Web application firewalls (WAFs)  —  optimized for security and performance — to monitor access to applications and protect against internal and external threats • Protection against man-in-the-middle attacks and other attacks on the Domain Name System (i.e., the system that resolves domain names to specific Internet addresses) • A Web-based portal for traffic visibility and real-time monitoring of traffic and suspicious activity • Access to real-time threat awareness, attack intelligence, global trends and other information related to the threat landscape • Mobile device management (MDM) and security tools to ensure mobile devices can be fully integrated into the IT system, comply with government and administrative policies, and access the agency’s resources securely and appropriately

Quick Tip:

Framing the Future Web portals offer state and local governments seemingly limitless opportunities to better serve their community, streamline operations and reduce costs. However, poor user experience, security concerns, and technology and staffing limitations have prevented some agencies from moving to the next level of Web portal services. A state-of-the-art, cloud-based content delivery network, complemented by cloud-based security services, creates the framework for a vibrant Web portal that offers innovative services and helps citizens, businesses and workers securely conduct their affairs anywhere, anytime and on any device. The following steps will help government leaders create a secure, robust, next-generation Web portal that truly answers the need for digital services anywhere, anytime, on any device. • Create a vision of what you want and make a list of goals for accomplishing this vision. • Clearly identify a project owner who keeps the project on track and makes decisions when conflicting objectives and goals arise. • Establish a governance framework for overseeing the project, keeping it on schedule, informing stakeholders, making data-based decisions and so on.

A state-of-the-art, cloud-based content delivery network, complemented by cloud-based security services, creates the framework for a vibrant Web portal that offers innovative services and helps citizens, businesses and workers securely conduct their affairs anywhere, anytime and on any device. • Get stakeholder input. Understand users’ habits and find out what they need. Seek input from those who work with the public face to face, online or on the phone. • Assess the infrastructure’s readiness and security posture, and identify gaps in security, bandwidth, performance and reliability. • Assess available funding and staff resources to determine whether the project requires third-party involvement and/or cloud-based services. • Research potential vendors, keeping in mind not only their technology but also their financial stability, track record of mitigating attacks, customer support and service level agreements. Be sure a vendor can effectively map offerings and their benefits to your agency’s technology needs and business requirements.

Endnotes

1. Center for Digital Government Research Survey of 165 IT professionals in state and local government, Understanding e-Government & Web Services, June 2015. 2. Delaware.gov, accessed Aug. 2015, http://delaware.gov/topics/apps 3. Akamai Technologies, 2014 Consumer Web Performance Expectations Survey, Feb. 2015. 4. Pew Research Center, U.S. Smart Phone Usage in 2015, April 2015, http://www.pewinternet.org/2015/04/01/us-smartphone-use-in-2015/ 5. Akamai Technologies, 2014 Consumer Web Performance Expectations Survey, Feb. 2015. 6. Forrester Research, Optimize Your Responsive Website Performance to Overcome Mobile Hurdles, June 2014, https://www.forrester.com/Optimize+Your+Responsive+Website+Performance+To+Overcome+Mobile+Hurdles/fulltext/-/E-RES115962 7. 5 Surprisingly Great Examples of Responsive Web Design, Feb. 2013, https://www.acquia.com/blog/5-surprisingly-great-examples-responsive-websites 8. CNN, IRS says criminals actually stole data on 330,000 — three times more than previously believed, Aug. 2015, http://money.cnn.com/2015/08/17/technology/irs-data-theft/ 9. Business Insider, The U.S. Army’s website was hacked, June 2015, http://www.businessinsider.com/afp-us-army-website-hacked-officials-2015-6 10. BBC News, Canadian government websites go dark after ‘cyber attack,’ June 2015, http://www.bbc.com/news/world-us-canada-33170534 11. Ponemon Institute, The Cost of Web Application Attacks, May 2015, https://www.stateoftheinternet.com/resources-web-security-white-paper-2015-ponemon-institute-the-cost-of-web-application-attacks.html

7

The Center for Digital Government, a division of e.Republic, is a national research and advisory institute on information technology policies and best practices in state and local government. Through its diverse and dynamic programs and services, the Center provides public and private sector leaders with decision support, knowledge and opportunities to help them effectively incorporate new technologies in the 21st century. www.centerdigitalgov.com

Underwritten by:

Akamai® is the leading cloud platform for helping government agencies and higher education organizations provide secure, high-performing user experiences on any device, anywhere. At the core of the Company’s solutions is the Akamai Intelligent Platform™ providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling government agencies to securely leverage the cloud. To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.

© 2015 e.Republic. All rights reserved.