Jeanette Manfra, director for government security and compliance at Google, wrote in a Nextgov article published Monday that government agencies should consider transitioning from perimeter-based government clouds to cloud environments based on zero-trust framework as more employees telework during the COVID-19 pandemic.
Manfra, former assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, discussed the difference between “gov clouds“ and commercial cloud platforms.
“New features are introduced daily into commercial clouds“”and often on-the-fly. But because government clouds are run through specialized, standalone data centers, they can have up to an 18-month lag time in receiving new features,“ she wrote. “This greatly impacts the government's access to critical new technologies, whether it's data analytics, artificial intelligence and machine learning, and even new security protections.“
Manfra called on agencies to adopt cloud platforms that implement a zero-trust approach to cybersecurity. “Zero trust removes the requirement of building a perimeter because users aren't even trusted when they're inside the fortress. Under perimeter-based models, that's usually when they do the most damage,“ she noted.