As the distributed workforce grows, federal agencies face a broader threat landscape. Bad actors are gaining access to more user credentials than ever before, with their algorithms outperforming humans 1,000 to one. In this new environment, federal agencies must approach security infrastructure comprehensively — considering device, network and data security.
In a recent GCN article, I discuss zero-trust architectures and how they can provide users and devices with secure access to networks and data — regardless of whether a user is on-site or remote, an employee or a third party. I also discuss how the Continuous Diagnostics and Mitigation (CDM) program, established by the Department of Homeland Security, provides the building blocks for zero-trust architectures. But, without a solid foundation to your security program, the building could come crashing down.
Implementing zero trust in distributed environments
Zero-trust architectures rely on real-time data that shows how the user accesses the network, resulting in real-time investigation, detection, and remediation of endpoints to deliver speed, visibility and control.
Agencies often work off stale data that can be days or even months old. To get real-time data for zero-trust access, agencies need their security operations centers and network operations centers on a single platform. They should learn from use cases as they continuously evaluate new and existing threats.
The most urgent focus is on lateral movement detection and blocking of unnecessary rights. Teams can proactively understand what rights users and machines have, then apply that least-privilege model.
Agencies need to reduce complexity with an endpoint management and security platform, so they can start implementing a zero-trust approach. This helps IT teams reduce risk and act quickly to efficiently manage and secure the environment anywhere endpoints exist.