Matthew Scholl, computer security division chief at the National Institute of Standards and Technology, said that agencies should assess user access and identity management controls as the government continues to implement telework, Nextgov reported Monday.
Scholl told attendees at a webinar hosted by Venable LLP that agencies must examine their use of trust algorithms and cryptographic management techniques as well as data loss prevention settings in a virtual private network.
He also cited the benefits of using zero-trust architectures and cloud computing for virtualization and network segmentation.
“We want to ensure that in these quick migrations that we’ve done, that we fully understand both the positives as well as some of the assumptions we’ve made about our security,” said Scholl.
“This is really the first time that everyone is sprinting in the same direction to really make a big change when it comes to cloud adoption,” noted Michael Duffy, director of the Cybersecurity and Infrastructure Security Agency during the event.
According to Scholl, agencies must make sure to follow-up with cloud providers with regards to security protocols and potential migration issues.
