3. Are we enabling flexible deployment for instant and seamless expansion?

              A cloud-based zero trust service can provide a scalable environment without placing a significant burden
            on the IT team.  Agencies can start with an initial use case and transition from broad policies to more
            granular and specific policies as they go.  And, many Federal agencies already have elements of zero
            trust  in  their  infrastructure,  such  as  endpoint  management,  Continuous  Diagnostics  and  Mitigation,
            software-defined networking, micro-segmentation, and cloud monitoring.  Once zero trust access is fully
            operational, decommission VPN access for the group, then iterate as necessary.

            4. How are we providing comprehensive visibility and troubleshooting that enables rapid user-
            issue resolution?

            In a legacy environment, you can’t protect what you don’t know is there.  A disadvantage of legacy
            solutions is that data is often distributed across the environment, and agencies often use complex tools
            with multiple interfaces, methodologies, and terminologies.  This creates a higher likelihood that bad
            actors could be hiding in the background, hoping to be overlooked.  Zero trust provides IT administrators
            with a single pane of glass view to manage, administer, and log users in one place.  Administrators will
            have full visibility and control into the distributed environment.

            5.  How  do  we  reduce  security  and  remote  access  infrastructure  maintenance  requirements?

            Appliance-based remote access solutions constantly need updates on firmware, software, security, and
            policies to keep up-to-date with technology and advancing security risks.  A cloud Software-as-a-Service
            model greatly reduces management and upkeep.  This can free up time for agencies to focus on more
            critical mission needs along with improving their policies, instead of patching security holes.


            6. What will ensure scalability for future COOP scenarios?
            Legacy remote access solutions, such as VPNs, may require adjustments to bandwidth, throughput, or
            additional technology adoption to scale to meet operational needs.  Many agencies’ initial reactions to
            the  current  crisis  have  been  to  grow  capacity  by  implementing  new  infrastructure  or  adding  new
            appliances.  But, a cloud-native capability is the only solution that can easily scale up and down as
            needed when future COOP scenarios arise.

            Cloud-delivered zero trust SASE models will transition security from network-centric controls and remote
            network  connectivity  to  user-centric  and  application-centric  security,  designed  to  support  highly
            distributed teams working beyond the traditional network perimeter.


            One thing we’ve learned from these past months is that every agency needs a systematic process to
            evaluate telework health.  These questions and review processes will create a stronger, more resilient
            government that can keep employees safe, productive, and focused on delivering citizen services.












            Cyber Defense eMagazine –July 2020 Edition                                                                                                                                                                                                                         126
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.