Rigorous security and good user experience are not opposing goals, says the Palo Alto Network federal field CTO.
The equation for a successful hybrid workforce is straightforward: User experience + zero trust = a seamless digital engagement.
For many federal agencies, although the formula is easy to understand, it’s tough to implement.
But Wayne LeRiche, field chief technology officer for federal civilian at Palo Alto Networks, advises organizations to lean into secure access service edge (SASE) capabilities to more easily decode this problem.
“As far the user experience and really tapping into that, what we’re finding is there’s excitement around the tools that we can give to agencies. One thing in particular is something we call ADEM, which is autonomous digital experience management,” LeRiche said during Federal News Network’s Workplace Reimagined Exchange 2024.
“Think of it this way: You have the end client; you have the SASE cloud, which is doing the security inspection; and then you have the applications out in the cloud. So the operator of the SASE cloud can actually see, since I have some intelligence on the endpoint, whether the user has a bad Wi-Fi connection or if they have a memory problem on their PC.”
That end-to-end visibility offers IT teams the ability to be proactive about talking to an employee when, maybe even before, the user puts in a ticket, for instance, LeRiche said.
“I can look at the whole path — the network, the internet service provider, the SASE cloud and the application — to see where the problem may actually lie,” he said. “From an operator’s perspective, it makes things easier. “
SASE connects users from anywhere to anything through a secure cloud service that combines software-defined networking and security as a service.
“It’s not just a virtual private network replacement. We’re really doing things from a zero trust perspective, like looking at the actual endpoint device. We can identify a user, but what it does is make sure that user’s device is up to par with the policy,” LeRiche said.
“The other piece is that user, when they roam, it’s transparent to them. They don’t have to log on and log off multiple times. It’s the same kind of motion with their two-factor authentication or Common Access Card. There’s intelligence built into the agent as well as the SASE cloud for them to know, ‘Hey, I’m in the office today. I want to print to this printer,’ and it’s going to just work. I think that’s the big kind of leap that we have here — really providing that user experience so they don’t turn things off.”
Of course, SASE is just one aspect of a zero trust architecture. But it’s a critical one because SASE connects many of the other security features like identity and access management, endpoint detection and response tools, and network and data security capabilities.
“My advice is really to not just look at SASE as a kind of end-all, be-all but really look at the different vendors’ offerings and see how they work in a hybrid environment,” LeRiche said. “You turn your machine on. It’s already connected. That’s the transparency you want. You go to the office. There’s no kind of break in that connection, but there’s some intelligence there to say that you are on the local area network.”
Agencies should investigate different solution options, he recommended, and evaluate how they can fit into their specific environment and enable the best hybrid experience.
Discover more articles and videos now on Federal News Network’s Workplace Reimagined Exchange 2024 event page.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
Jason Miller is executive editor of Federal News Network and directs news coverage on the people, policy and programs of the federal government.
Follow @jmillerWFED