Andrew Malloy, technical director of the Defense Information Systems Agency's (DISA) cyber development directorate, said that DISA is looking at strategies to manage user access and personal mobile devices within remote work environments, Federal News Network reported Tuesday.
The agency is conducting pilot programs to test an enterprise identity management service and determine a bring-your-own-device approach for the Department of Defense (DOD).
"That’s what we need to figure out moving forward is, how we manage that and how we manage that centrally, to where from a cybersecurity perspective, we don’t have as much of a threat surface area,” Malloy told the publication.
He also noted that DISA began migrating its global directory to the cloud-based Defense Enterprise Office Solution (DEOS) infrastructure and worked with the National Security Agency to develop a zero-trust concept.
DISA deployed an initial zero trust reference architecture in May to support military information security efforts.