US federal agencies shift focus from perimeter to data to implement zero trust


Data is the new security perimeter. That notion is the foundation of a new document from the U.S. executive branch on how agencies can adopt zero-trust cybersecurity practices.

The draft Federal Zero Trust Data Security Guide is a 42-page report that tells federal agencies how to define and secure the data they hold. More than 30 federal agencies and departments participated in its development. The guide is accompanied by a 28-page volume of appendices that address how agencies can implement the guidance in their operations.

Cybersecurity Executive Order 14028 directed the move towards zero trust and led to OMB M-22-09, “Moving the U.S. Government Towards Zero Trust Cybersecurity Principles.” That memo mandated that federal officials develop the Zero Trust Data Security Guide.

The guide’s release comes just ahead of the November 7 deadline for federal agencies to submit their zero-trust implementation plans to the Office of the National Cyber Director and the Office of Management and Budget.

The new guide begins with a case for the importance of data management for zero trust security, and an elucidation of zero trust data security principles.

Federal bodies are instructed to set up a data inventory and a data catalogue. The data catalogue is a distinct document to help users find a particular data asset, the companion document explains.

The guide also sets out essential identity, credential and access management (ICAM) practices, stating the importance of continuous monitoring, authentication, identity federation and single sign-on (SSO) systems.

The importance of access controls based on users’ roles, attributes and context is explained, and the role of security operations centers in vulnerability monitoring and response is set out.

A section on data management has not yet been developed, and is left blank.

The appendix on ICAM notes the importance of the identity assurance levels (IALs) set by NIST in SP 800-63 for identity verification and validation. It also advises implementing the principle of least privilege, behavior analytics and adaptive authentication.

Zero trust adoption is picking up steam, motivated by fear of costly breaches, deepfakes and synthetic identities, but the U.S. is behind the curve, according to survey results released earlier this year by Ponemon and Entrust.
