For federal agencies, delivering citizen services efficiently, rapidly and securely is the top priority. Today, the challenge is to continue to deliver and evolve these services with employees (and IT teams) working from home.
The pandemic has shown how much the delivery of citizen services depends on more robust Federal IT architectures – and that there is a need to create more sophisticated defenses against cyber adversaries looking to capitalize on the current crisis.
Enter Zero Trust. This concept has been implemented with success in the private sector and is gaining traction across both civilian agencies and the Department of Defense. Zero Trust is an approach for managing technology risk – you consider who’s connecting to your network, the endpoint device they are using, and the resource and application access they request, and then make a decision whether or not to allow access. In a recent MeriTalk interview, Tanium’s Ralph Kahn discusses Zero Trust, security in the work-at-home era, and federal policies that can pave the way for quicker adoption of better security models.
To better protect themselves, agencies need to understand who is trying to connect to the network, and the various things that person can do if granted access. Having that information gives agencies a more complete picture and an improved ability to assess the risk of the user connecting from the outside.
Single pane of glass
When evaluating access, systems rely on data that shows how the user is accessing the network. Often, this data can be weeks or months old – or inaccurate due to configuration changes or other factors. When determining access, agencies need real-time data to make a risk-based decision. Rather than leverage a complex, disjointed collection of legacy tools, decision makers and cyber defenders need a single platform that integrates endpoint management and security. By taking an integrated approach, you can see the details of the device in question: Who’s using it? Does it have the latest critical patches? Is it compliant? What else is it connected to? This single view effectively breaks down the data silos and closes the accountability, visibility, and resilience gaps that often exist between IT operations and security teams.
Agencies can overcome telework security risks with a platform approach using real-time data and Zero Trust. IT and cyber leaders gain end-to-end visibility across end users, servers and cloud endpoints. The team can identify assets, protect systems, detect threats, respond to attacks and recover from threats, at scale. And most importantly – achieve the real goal – keep missions moving forward and employees productive, working from anywhere.