Page 126 - Cyber Defense eMagazine for July 2020
P. 126
3. Are we enabling flexible deployment for instant and seamless expansion?
A cloud-based zero trust service can provide a scalable environment without placing a significant burden
on the IT team. Agencies can start with an initial use case and transition from broad policies to more
granular and specific policies as they go. And, many Federal agencies already have elements of zero
trust in their infrastructure, such as endpoint management, Continuous Diagnostics and Mitigation,
software-defined networking, micro-segmentation, and cloud monitoring. Once zero trust access is fully
operational, decommission VPN access for the group, then iterate as necessary.
4. How are we providing comprehensive visibility and troubleshooting that enables rapid user-
issue resolution?
In a legacy environment, you can’t protect what you don’t know is there. A disadvantage of legacy
solutions is that data is often distributed across the environment, and agencies often use complex tools
with multiple interfaces, methodologies, and terminologies. This creates a higher likelihood that bad
actors could be hiding in the background, hoping to be overlooked. Zero trust provides IT administrators
with a single pane of glass view to manage, administer, and log users in one place. Administrators will
have full visibility and control into the distributed environment.
5. How do we reduce security and remote access infrastructure maintenance requirements?
Appliance-based remote access solutions constantly need updates on firmware, software, security, and
policies to keep up-to-date with technology and advancing security risks. A cloud Software-as-a-Service
model greatly reduces management and upkeep. This can free up time for agencies to focus on more
critical mission needs along with improving their policies, instead of patching security holes.
6. What will ensure scalability for future COOP scenarios?
Legacy remote access solutions, such as VPNs, may require adjustments to bandwidth, throughput, or
additional technology adoption to scale to meet operational needs. Many agencies’ initial reactions to
the current crisis have been to grow capacity by implementing new infrastructure or adding new
appliances. But, a cloud-native capability is the only solution that can easily scale up and down as
needed when future COOP scenarios arise.
Cloud-delivered zero trust SASE models will transition security from network-centric controls and remote
network connectivity to user-centric and application-centric security, designed to support highly
distributed teams working beyond the traditional network perimeter.
One thing we’ve learned from these past months is that every agency needs a systematic process to
evaluate telework health. These questions and review processes will create a stronger, more resilient
government that can keep employees safe, productive, and focused on delivering citizen services.
Cyber Defense eMagazine –July 2020 Edition 126
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.