How the federal government can tackle its on-prem sensitive data dilemma

COMMENTARY | The new cyber battleground isn’t just in the cloud — it’s also in legacy on-prem servers teeming with forgotten data that are ripe for exploitation.

In April, cybersecurity experts and Microsoft issued urgent warnings following a surge in attacks targeting critical vulnerabilities in on-premises Microsoft Exchange and SharePoint servers, both widely used by the federal government. According to recent reports, threat actors have been actively exploiting these vulnerabilities, using sophisticated techniques such as NT LAN Manager (NTLM) relay attacks, web shell deployments and server-side request forgery (SSRF).

Experts are also warning that unchecked data retention is creating significant risks for government agencies, even as federal digital transformation initiatives continue to accelerate. Consequently, storing sensitive data on on-premises systems leaves it especially vulnerable to cyberattacks, as these systems often lack the advanced security and continuous monitoring found in cloud-based solutions. 

Moreover, with data serving as the primary fuel for ...