• Sponsored

Stronger security and access controls with a new industry partnership

The pandemic was a forcing agent that caused agencies to rethink identity and how users connect to government resources. It’s also led to a greater emphasis on cloud-based services.

As a result, IT leaders are looking more holistically at how they manage identity across the enterprise network while still complying with federal identity, credential and access management (FICAM) rules.

Andrew Whelchel, principal sales engineer at Okta shares that as agencies move to the cloud, guidance from OMB has been key to helping them build guardrails within the services they offer to their federal partners. That ensures that can help government to “rapidly modernize, but also do that within the governance.”

Looking for providers that are FedRAMP-approved is one of the fastest ways to implement cloud tools and identity services right out of the box, adds Dmitry Kagansky, senior solutions architect for Amazon Web Services.

Additionally, “it allows for agencies to experiment with services,” he says. “That experimentation often leads to much better results where they have much more variety, much more flexibility in how their systems are deployed.”

Whelchel and Kagansky join FedScoop in a new podcast to discuss strategies around modern identity and security in the cloud and how agencies can take advantage of FedRAMP-approved services to fast-track implementation.

This podcast was produced by FedScoop and underwritten by Okta and AWS.

Trends from agencies modernizing data centers and user access

The quick push to the cloud over the last year has been critical to give users access to government resources. Kagansky shares these investmets in cloud infrastructure is allowing agencies to experiment with data in new ways.

“We actually have quite a few customers that may have some sort of transactional workload where things are happening on prem on a regular basis. But then they’re funneling that data out to the cloud where they can start to aggregate it, analyze it, and do more with it,” he explains.

Using tools like that modernize access controls allows the organization to better control who has access to the data, both from the on-prem side and the cloud side.

Strengthening security with segmentation

With more data and applications in the cloud, Kagansky says leaders should take advantage of segmentation capabilities to secure their workloads.

“If you’ve got multiple systems, multiple applications with a lot of different data, and they don’t need to be interconnected, segmenting them actually cuts down on what we call the blast radius. If something does happen, if there’s some sort of bad actor or some sort of breach or any sort of mishap, that the blast radius is localized to just that one workload,” he says.

Additionally, Kagansky shares cloud allows organizations to segment access to data in a much more granular fashion — which is a big differentiator that what is available in an on-premise environment.

What the Okta Identity Cloud and AWS partnership provides users

Whelchel shares the benefits of the new partnership between Okta and AWS. While Okta Identity Cloud used to be a service that required servers to be installed inside a data center, now Okta can provide this in a software-as-a-service cloud environment.

“[The SaaS model] is ready to operate and support government customers and the community because it has [FedRAMP] accreditations,” he explains. “This includes an easy set up for single sign-on, multi-factor, which includes PIV and CAC access, and access to multiple types of applications — including AWS services.”

But most important, says Whelchel, agency should be looking for a solution that allows them to integrate identity into policies. With zero trust on the horizon, agencies should be looking to integrate their identity platform with dynamic policies, so that “it makes it very easy to blend that into zero trust policies.”

Listen to the podcast for the full conversation on IT management and security in the cloud. You can hear more coverage of “IT Security in Government” on our FedScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.

Also, read more from leaders about how state and local agencies are modernizing identity authentication.

This podcast was produced by FedScoop and underwritten by Okta and AWS.

Andrew Whelchel has more than 15 years of security experience, his focus is on citizen and employee identities. He works with federal government partners to reduce cyber risk and accelerate cloud modernization.

Dmitry Kagansky works with government organizations to help them in their cloud journeys. Prior to AWS he held a number of technical and management roles, including federal CTO for Quest Software and executive roles and Star2Star Communications and AvePoint.