Stan Lowe, global chief information security officer at Zscaler, wrote in a commentary published Monday on FCW that adopting Trusted Internet Connection 3.0 guidance, zero trust and Secure Access Service Edge models could help ensure security as they move to the cloud and modernize their information technology infrastructure.
Lowe noted that the Cybersecurity and Infrastructure Security Agency’s TIC 3.0 guidance could offer agencies greater flexibility and an opportunity to transition into hybrid cloud environments.
“Rather than focusing on a physical network perimeter that no longer exists, the guidance recommends considering each zone within an agency environment to ensure baseline security across dispersed networks,” he said of TIC 3.0. “As agencies continue to support a remote and distributed workforce, this security approach will be critically important.”
Lowe said more agencies seeking to support telework and provide employees secure access are implementing the zero trust model, which allows agencies to grant access based on the principles of identity, data, device and location.
“As agencies adjust their security perimeter to protect users and data across multiple clouds, data centers, and remote locations, they will need to provide access based on user identity through a zero trust security model,” he wrote. “This reduces the complexity of multiple interfaces and delivers a better user experience.”
Lowe also discussed how the SASE framework could help agencies support their remote employees while ensuring the security of their data and internal applications.