The National Security Agency is looking to avoid future data leaks to potential insider threats as the agency migrates to GovCloud by adopting “baked-in” security measures that control access to data, Nextgov reported Sunday.
“While putting data to the cloud environment potentially gives insiders the opportunity to steal more, by focusing on securing data down at cell level and tagging all the data and the individual, we can actually see what data an individual accesses, what they do with it, and we can see that in real time,” Lonny Anderson, NSA chief information officer, told the publication.
Frank Konkel writes that GovCloud will also automate the review and flagging of suspicious user behavior, compared to the previous manually reviewed system that Anderson said could have allowed Edward Snowden to escape detection in 2013.
Anderson added that GovCloud will also support information analysts as they perform queries on data as well as automate compliance with various mandates and regulations.
Konkel reports that NSA is in the process of moving users, data repositories, applications and tools to the cloud.
“One of the challenges we have had to work through is mixing new features and making sure there is no break in service for existing features analysts depend on,” NSA cloud strategist Dave Hurry told Nextgov.
Hurry noted that the agency is also training analysts to work in the cloud to boost analysis and analytics work and speed up time to market, the report said.