NIST, CISA Leaders Talk Cloud Security, Access Mgmt Needs for Telework Settings

Matthew Scholl, computer security division chief at the National Institute of Standards and Technology, said that agencies should assess user access and identity management controls as the government continues to implement telework, Nextgov reported Monday.

Scholl told attendees at a webinar hosted by Venable LLP that agencies must examine their use of trust algorithms and cryptographic management techniques as well as data loss prevention settings in a virtual private network.

He also cited the benefits of using zero-trust architectures and cloud computing for virtualization and network segmentation.

“We want to ensure that in these quick migrations that we’ve done, that we fully understand both the positives as well as some of the assumptions we’ve made about our security,” said Scholl.

“This is really the first time that everyone is sprinting in the same direction to really make a big change when it comes to cloud adoption,” noted Michael Duffy, director of the Cybersecurity and Infrastructure Security Agency during the event.

According to Scholl, agencies must make sure to follow-up with cloud providers with regards to security protocols and potential migration issues.

Check Also

Department of Energy

DOE Selects Projects Under Competitive Research Program

Thirty one research projects will receive $21M in funds through a Department of Energy effort that aims to develop capabilities in underserved regions within the U.S.