The Department of Defense is working on security guidance to prepare for cloud deployment once the Joint Enterprise Defense Infrastructure contract is awarded, FedScoop reported Thursday.
“When we were asked to put together the cloud security guidance, the thought was zero trust is a good basis to determine the requirements,†said Paul Jacob, a cybersecurity architect at the office of DoD’s chief information officer.
Jacobs said the forthcoming guidance will address cryptography and require compliance with algorithm policies and identity, credential and access management requirements.
“We’re hoping this helps develop the narrative for zero trust, but it also will force folks to look very hard at their systems in terms of operating safely in the cloud,†he noted.
Defense Secretary and 2019 Wash100 Award recipient Mark Esper and the office of the department’s inspector general are reviewing the potential 10-year, $10 billion JEDI cloud computing contract.
