Government Technology Insider
  • About
  • State & Local
  • Civilian
  • Defense & IC
SUBSCRIBE
No Result
View All Result
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Innovation and Technology to Advance Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
Government Technology Insider
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Innovation and Technology to Advance Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
No Result
View All Result
Government Technology Insider
No Result
View All Result
Home Civilian

Protecting Data at the Source is the Foundation for Zero Trust Success

by Jenna Sindle
December 13, 2021
in Civilian, Cybersecurity, Digital Transformation
Reading Time: 5 mins read
A A
Protecting data
Share on FacebookShare on Twitter

For federal agencies today there are two big challenges: The first is to secure data and the second is to find all the data that needs to be secured. Although industry and agencies have progressed steadily in creating better security, the biggest area of weakness has been protecting data at the source.

Until the advent of Zero Trust architecture, most cyber solutions protect perimeter defenses, but data is most vulnerable in its primary storage systems and online archives, whether it’s in the cloud, at the edge, or in the data center. Now data is everywhere and it’s hard to tell where it’s moving and keep track of where it is stored.  Not only has the historical reliance on perimeter security, been nullified by our data-rich environments, but the rise of the insider threat has also sounded its death knell. For government organizations, not having a data-focused cybersecurity strategy is a matter of national security.

Protecting Data at the Source is a Game Changer

Consider how a bank is set up to protect its money. There are a series of defenses starting outside the building, on-site security guards and many layers of personnel that have varying levels of access to the funds. As you get closer to the money the security increases steadily – hence why banks have sophisticated vaults. Protecting data should be no different. A perimeter only strategy doesn’t work for a bank and it won’t work in the data center either –  particularly because insider threats represent 34 percent of data breaches. Only by creating a chokepoint in front of the data, can we ensure complete visibility and control over every application and user accessing the data.

The New Data “Vault”: A Zero-Trust Approach

Because storage has emerged as the weakest link in the system, a Zero Trust architecture provides greater visibility to prevent breaches. Zero Trust changes the traditional model so that individuals only have access to the data they need, keeping classifications by segment with frequent verifications. This new model puts controls in the data owner’s hands versus the system administrators. The system admin has a lot to surveil and typically doesn’t have all the details, whereas the data manager knows who should have access, who has interacted with the data or who hasn’t in a project. This greater control for data managers allows them to de-escalate privileges or identify compartmentalized data in someone’s personal files which are critical to zero-trust and protecting from insider threats.

Securing unstructured data means adopting a “never trust” and “always verify” mentality, while maintaining the protection and accessibility of that data. The Zero Trust architecture prevents data from being held hostage, stolen, or compromised. The  platform  empowers  organizations  by  protecting  data  where  it  resides  without  the  cost, complexity,  and  security vulnerabilities  of  traditional  bolt-on  software  solutions.

A dynamic defense is the only way to meet the new adversaries. While cybersecurity has traditionally been network focused a solution is data-focused using dynamic controls versus a fixed strategy that is NIST RMF and HIPAA compliant, providing active  defense  and  policy  enforcement  against  unusual data  access is a stronger position.

Getting on the Path to Zero Trust

As federal agencies analyze their existing infrastructure and security measures, there is a specific set of criteria to consider as the foundation for a true Zero Trust infrastructure.

Zero Trust action list:

• Audit user interaction

• Audit admin interaction

• Encrypt data with keys controlled by the organization

• Determine normal user patterns by user type

• Continuously monitor the log and audit data

• Immediately investigate and ask end-user about anomalous behavior

The right system can make this action list easier to manage, with greater visibility and control – deployed in an agency’s enclave or virtually in the cloud. Working with trusted partners with experience of delivering complex solutions for federal agencies further eases the complexities of getting started on the path to Zero Trust success in today’s data-rich environments.

Ready to learn more? You can do that here.

 

Tags: Data SecurityFile storageprotecting data at the sourceViONZero Trust Security

RELATED POSTS

Bolstering Data Security
AI & Data

Bolstering Data Security with Modern Data Management: Part Three of Thinking with a Data-First Mentality in a Digital-First Government

April 28, 2022
Digital-First Government
AI & Data

Shifting to a Digital-First Government: Part Two of Thinking with a Data-First Mentality in a Digital-First Government

April 27, 2022
New approach to Cybersecurity  
Civilian

For Data-Driven Agencies a New Approach to Cybersecurity is Needed

August 12, 2021

TRENDING NOW

  • Advana

    Meet Advana: How the Department of Defense Solved its Data Interoperability Challenges

    8500 shares
    Share 3400 Tweet 2125
  • Network Slicing Enables Agencies to Create Private, Secure, and Customized Networks: A Podcast

    124 shares
    Share 50 Tweet 31
  • CISA Issues Updated Guidance to Protect Federal Agencies Against Expected Onslaught of DDoS Attacks

    32 shares
    Share 13 Tweet 8
  • Identifying the Building Blocks for a Successful Zero Trust Journey

    40 shares
    Share 16 Tweet 10

CONNECT WITH US

Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
MaaS Nebula Software Factory Banner Ad MaaS Nebula Software Factory Banner Ad MaaS Nebula Software Factory Banner Ad
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
Advertisment Banner Ad Advertisment Banner Ad Advertisment Banner Ad
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad

BECOME AN INSIDER

Get Government Technology Insider news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Future Healthcare Today
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Strategic Communications Group offers analytics, content marketing, and lead identification services. Interested?
Contact us!

© 2023 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About Government Technology Insider
  • State & Local
  • Civilian
  • Defense & IC
  • Categories
    • Acquisition
    • AI & Data
    • Customer Experience
    • Cybersecurity
    • Digital Transformation
    • Hybrid Work
    • Public Safety
  • Contact Us