Paperless Innovations considers human resource-driven information technology provisioning as a best practice in the federal government as agencies look to implement zero trust approach to network modernization.
The company said identity is among possible sources of security threats to cloud applications and highlighted it as “the first pillar of zero trust” because continuous user authentication and identity-based risk assessment are necessary for the model.
Paperless Innovations recommends HR-driven IT provisioning through PIV card authentication. According to the company, the practice leverages cloud software-as-a-service applications in an effort to accelerate the launch of IT platforms with “built-in identity awareness.”
“PIV enablement provides an authentication method that allows our government customers to ensure the validity of every login to our Actus Procurement Automation,” said Mike Tocci, president of Paperless Innovations. “Single sign on through PIV allows our customers a baseline of security.”
The company cited an Office of Management and Budget memorandum that focuses on moving the U.S. government toward zero trust cybersecurity principles. The memo lists strategic goals that align with the five complementary areas of effort or pillars identified by the Cybersecurity and Infrastructure Security Agency: identity, devices, networks, applications and workloads, and data.