In the age of the cloud, cybersecurity can no longer be defined by the perimeter of a network.
This has become more apparent than ever as millions of federal workers were sent home last March when the coronavirus and the need to socially distance forced mass telework across the government, with much of the workforce still working remotely today.
In such a model, with personnel logging into applications from remote locations and without the ability to physically identify a user on a network is that person, zero trust is a must.
A zero-trust security architecture is one that users on a network are not trusted by default and instead required to provide credentials and earn authorization, typically with continuous validation, anytime they move around a network.
It’s a concept that’s catching on across the federal government. Outside of being perhaps the most popular buzzword to come out of the mouths of IT professionals in and outside government, nearly half of federal IT executives in a recent survey said their agencies are moving away from traditional network perimeter defense tactics and taking steps to adopt identity-centered, or zero-trust, security strategies to protect their digital resources.
“By surrounding their data with precision identity and access controls, agencies can better secure their information and improve the user experience for employees and citizens,” says the report, produced by FedScoop and underwritten by Duo Security.
And it’s a journey that agencies will certainly continue on in 2021 as the federal government, regardless of what in-office work looks like when the pandemic subsides, operates more and more decentralized networks with users accessing data and services from the edge.
This special report, which will be updated in the weeks following its initial publication, will explore the evolution of cybersecurity in government through the vector of zero trust and what agencies are looking to next on this journey.