An expert’s take on Zero Trust

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Fed Tech Talk’s audio interviews on Apple Podcasts or PodcastOne.

Cybersecurity has changed.  Today, we see porous networks and Virtual Private Networks (VPNs) securely connecting to compromised networks. If the malicious actors are inside the firewall, then how can administrators control their activity?

Back in 2010, the concept of Zero Trust was introduced as a potential answer. As with most initiatives, the devil is in the details. Most of the proposed solutions involve granting access to specific individuals, apps and data. Implementation will have to include a deep understanding of identity.

Head shot of Scott Smith
Scott Smith, managing director, Sila Solutions Group

Scott Smith is the managing director of Sila Solutions Group, and he joined host John Gilroy on this week’s Federal Tech Talk to discuss aspects of identity governance and administration as well as privileged access management.

During the interview, Smith talks about four basic concepts to allow federal information technology professionals to apply the concept of Zero Trust to federal systems. He outlines his thoughts on controlling users, apps, data and the network itself.

One aspect Smith highlighted was the dynamic nature of the identification policy. For example, a person may transfer agencies and have to be reassigned rights and privileges. If that person leaves the government, access must be stopped. What happens when a federal leader travels? Should an identification system grant this person access only from one geographic location?

When it comes to the data on the system itself, some estimates are that 80% of data generated today is unstructured. If the malicious code can be resident, who should have access to that data, and when?

Smith ends the discussion with observations on how analytics can assist in applying Zero Trust in the dynamic federal IT environment.

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.