Joe Bermudez, Senior Engineer at Axonius Federal Systems, has over 12 years of federal cybersecurity engineering experience. He currently supports DoD customers.
The recent zero-trust mandate is challenging federal IT teams to understand their security posture and maintain continuous visibility into their assets and users. This is compounded by a changing workplace landscape, the increased need for user access to software-as-a-service technologies, and the modification or addition of different end-user devices.
Initiatives like the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) Program and Defense Information Systems Agency’s (DISA) Continuous Monitoring and Risk Scoring (CMRS) program aim to be beneficial frameworks for implementing zero-trust practices. However, federal IT teams are still struggling under the weight of the many security and operations tools they use to protect their assets.
What agencies need is a turnkey approach to aggregate all the valuable data housed by the different systems they’ve already invested in and correlate it into actionable intelligence.
Using asset management to build a zero-trust foundation
The Biden administration’s new mandate on zero trust calls for agencies to move swiftly to improve prevention, detection, assessment and remediation of cyber incidents. But as long as all system data remains siloed, agencies will never achieve the visibility required to stay ahead of threats — let alone move toward a zero-trust posture.
When starting the zero-trust journey, I recommend agencies first get a firm grasp on the security baseline and compliance level of their assets.
Long-standing programs like CDM and CMRS are crucial to helping agencies establish a risk-based security approach to threats in their environment. These programs attempt to provide a dynamic approach to security by deriving a quantified, always up-to-date level of risk to articulate and track security compliance.
Adding a modern cyber asset attack surface management (CAASM) platform like Axonius drastically simplifies the task of aggregating and correlating all the necessary data for these programs, and greatly increases the accuracy and modernity of the programs. It also provides deeper visibility into assets and user actions. This puts agencies in a proactive posture to mitigate risks on the network. The combination slingshots agencies toward meeting their zero-trust mandates.
The second area I recommend agencies invest in is greater visibility into users and account access policies. While it remains to be seen how government agencies will navigate hybrid work in the long term, trends suggest the demand for flexible work capabilities is on the rise. In this age, when agencies are scrutinizing their least-privilege access policies through the lens of zero trust, they should be absolutely sure that devices are secured, but also that user accounts are adhering to security policies.
Tracking service accounts and administrator accounts can also be a big challenge for agencies. Axonius provides the ability to map out all devices to associated users quickly and easily. It allows agencies to easily monitor the frequency with which passwords are modified for accounts, track the last time the account was used and show what devices the account is logged into.
Implementing multi-factor authentication (MFA) and single sign-on technology with an identity and access management solution is critical for agencies. While rolling out MFA to every facet of the agency is a challenge in itself, how well that policy is monitored is just as important. Axonius can constantly verify that the MFA security policy is being followed and flag or take action when it’s not.
How to adopt a stronger zero-trust mindset
There’s no shortage of security threats and vulnerabilities, but the key to building a zero-trust mindset is to close those visibility gaps. Data plays a key role in how those security decisions will be made.
I recommend leaders ask themselves some of these key questions to determine if they have enough visibility into their assets and users. Can you easily and constantly verify:
- That your endpoint agents are deployed and working properly on all your assets?
- How many unmanaged devices are connected to your network, and if they should or shouldn’t be managed?
- That privileged user accounts are following MFA security policies?
- That service accounts are properly used?
- That all your users and devices are adhering to your security policies?
If the answer to any of the questions is “no” or “I don’t know,” you need to take a step back and think about how to increase your level of asset intelligence and move forward on zero trust.
Modernizing the asset inventory approach
The CAASM approach delivers agencies enhanced visibility into assets, users and issues.
Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers gaps and automatically validates and enforces policies. Deployed in minutes, the Axonius solution integrates with hundreds of data sources to give customers the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, automating response actions and informing business-level strategy.
The Axonius platform has more than 350 pre-built integrations into all the management, infrastructure and security tools that agencies already have deployed — and this number is still growing.
These integrations provide the out-of-the-box capability to deliver and maintain an up-to-date credible asset inventory. The Axonius Query Wizard also allows users to build complex queries so they can interrogate their asset inventory from all data sources in one place. From there, agencies can easily analyze their security posture, take automated action via the Axonius Security Policy Enforcement Center and feed this curated and accurate information to risk management systems.