The concept of zero-trust architecture has been around for a long time, yet many agencies still struggle to put it into practice. The problem is that ZTA is not a specific solution but a system-of-systems approach to securing the network environment. And that environment is complex, encompassing both advanced cloud solutions and aging legacy technology. When it comes to aligning their systems with the pillars of ZTA, the pieces just don’t fit together.
What’s missing is observability. ZTA is based on the assumption that the network has already been breached and that the task is to contain and mitigate that threat. To do so, agencies need to look across the network environment and identify and diagnose issues, as well as anticipate future problems and optimize performance. That’s what observability provides.
“Observability is a key component of a greater zero-trust architecture, because it’s the platform that provides visibility and analytics of the entire IT environment,” said Brian Chamberlain, Business Development Manager at SolarWinds Federal.
Another key element is the concept of Secure by Design, said Travis Galloway, Senior Advisor for Government Affairs at SolarWinds, which has embedded Secure by Design principles into its own culture. “It’s an approach we took to creating technology and software systems and building security in from the very beginning of the development process, and not on the back end of it,” Galloway said.
In this video interview, Chamberlain and Galloway discuss how observability and related capabilities can help agencies make progress on ZTA. Topics include:
- Key frameworks and policies that should guide zero-trust initiatives
- The principles of a Secure by Design approach
- Best practices in modernizing with observability in mind
Leave a Reply
You must be logged in to post a comment.