A solid identity, credential and access management system is crucial to zero trust and to digital transformation in multicloud environments. Luckily, agencies a...
What’s more, as new applications proliferate and operate throughout a hybrid cloud environment, having a sound approach to identity and access management has become increasingly critical, noted Sean Frazier, federal chief security officer at Okta.
The highly mobile nature of the U.S. military workforce, compounded by a civilian DoD workforce that’s become more hybrid with respect to telework and remote access, only adds to the urgency, Frazier said during Federal News Network’s second annual DoD Cloud Exchange.
“We need to think about how we move to a dynamic workforce where we can still enable the enterprise users to access things from anywhere, at any time,” he said. “Being able to build identity constructs and being able to build security around those constructs is super important.”
In fact, Frazier said, solid identity, credential and access management (ICAM) is the fundamental requirement in building new digital systems.
“Nothing really happens until somebody or something asks for access to something,” he said. “That’s always an identity conversation, being able to prove that the person asking for access to the data is really that person.” That “person,” Frazier adds, could be another application, such as an artificial intelligence program, or any of a myriad of nonhuman internet of things entities.
Two qualities, Frazier said, must exist in the architecture of an effective ICAM system:
Facial recognition and other biometrics have proven reliable authentication factors, but they raise privacy concerns. Frazier said the approach taken by Apple and other device makers holds promise for DoD. Namely, store the biometric factor on the device and not in a database somewhere, which shifts that element of device validation off the network.
With cloud computing and digital transformation progressing hand in hand, DoD agencies should look to cloud-hosted ICAM solutions rather than building the capabilities themselves, he advised. A cloud-hosted ICAM, in which the vendor keeps applications and servers patched within the Federal Risk and Authorization Management Program (FedRAMP), is an important element in achieving a zero trust environment, Frazier said.
“We’ve been talking about the ‘what’ of zero trust for five or six years. Now, we need to focus on the ‘how,’ ” he said.
What that means is that DoD organizations (and many civilian agencies) aren’t starting their zero trust efforts from scratch, Frazier added. Because of that, it makes sense for agencies to stand up tiger teams to assess where they are on their zero trust roadmaps and then build from there, he recommended.
To listen to and watch all the sessions from the 2022 Federal News Network DoD Cloud Exchange, go to the event page.
Federal Chief Security Officer, Okta
Sean Frazier is Federal CSO at Okta. In his role, Sean acts as the voice of the CSO for Okta's federal business. Prior to joining Okta, Sean spent more than 25 years working in technology and public sector security for companies such as Duo Security, Netscape, LoudCloud/Opsware, Proofpoint, Cisco & MobileIron. Sean has helped lead numerous projects used by the Department of Defense and Intelligence Community, including the Fortezza Crypto Card, Defense Messaging System (DMS) and many others. He also has extensive experience in identity and public key infrastructure (PKI), network, applications, mobile and IoT. Sean has testified in front of the U.S. Senate Homeland Security and Government Affairs Committee on the importance of public/private partnership in protecting the nation’s digital infrastructure. Sean also advises public/private partnership working groups including ACT-IAC, ATARC and many others.
Host, The Federal Drive, Federal News Network
Tom Temin has been the host of the Federal Drive since 2006 and has been reporting on technology markets for more than 30 years. Prior to joining Federal News Network, Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.