Cybersecurity and Modernization
Why security hinges
on interoperability
The U.S. Air Force provides a model for organizations that want to modernize across the enterprise
Aubrey Merchant-Dest
Federal CTO, Symantec
an Office 365 environment, then leave that environment to access an on-premises legacy application. A software-defined perimeter based on zero trust can provide that granular access by verifying identity and role before allowing access to an application infrastructure. And it can extend an agency’s on-premises security controls into the cloud.
Bringing together a community of vendors
In most segments of IT — such as networks,
THERE IS NO shortage of tools to address the demands of an increasingly complex security environment. However, individual tools typically solve a particular problem, and they often add to the broader challenge of trying to manage too many tools with overlapping capabilities.
When IT teams evaluate solutions on a tool-by-tool basis, it is difficult to build a strategy for risk mitigation. And although advances in automation and machine learning are making it possible to identify and take action against threats in real time, making the most of the technology requires tools that work together across the entire IT ecosystem.
We need more innovation around reducing tool complexity so that on- premises environments can work seamlessly with cloud, mobile and internet-of-things environments. By consolidating tools in the direction of standards and interoperability, we can drive down costs, reduce operational complexity, improve agencies’ security posture and ultimately build a foundation for taking advantage of automation.
Using zero trust to facilitate mobility
Mobility has been instrumental in improving the productivity and effectiveness of the government workforce, but it is also adding to the complexity of IT systems and the challenge of securing them. To achieve the efficiency and agility associated with cloud technology, employees must be able
to access resources from whatever device they’re using and from any location.
The combination of a mobile workforce
and the move to the cloud is dissolving
the network perimeter and driving the adoption of zero trust. It is not an individual product but a platform and a discipline.
It allows agencies to implement a security architecture that controls access to web, cloud and on-premises applications by using built-in intelligence to enforce a dynamic security policy based on the user, the device, the geographic location and other factors.
However, zero trust hinges on interoperability. A typical employee might use a smartphone to securely connect to
davooda/Shutterstock/FCW Staff
S-14 SPONSORED CONTENT