According to a new Federal Cybersecurity Risk Determination Report, the Office of Management and Budget (OMB) found that “only 55% of agencies limit access based on user attributes and roles, and only 57% review and track administrative privileges*.” The same report identified a consistent and secure identity, credential, and access management (ICAM) program as crucial in the decentralized IT landscape most agencies and organizations manage today.
New guidelines in NIST 800-63-3 enable more flexibility and freedom when designing your ICAM program. But as organizations adopt more cloud-hosted services outside their managed network, how do their security and IT teams protect access without separately managing policies and user access in each service?
One answer is through a zero-trust network methodology, which moves access security enforcement from the network to the application layer. Pioneered by Google in their BeyondCorp initiative and central to Duo’s Trusted Access solution, zero-trust networking can be a key tool in your IT modernization efforts. Join Sean Frazier, Duo Security’s Federal Advisory CISO, on July 26th at 12pm and learn how you can get started on your path to better security through zero trust!
Advisory CISO - Federal
Sean Frazier has spent 25 years in technology; spending most of those years working in cyber security in the public sector with companies like Netscape, Loudcloud/Opsware, Bluebox and Mobileiron.