Axiomatics Federal, Inc., the leader in fine-grained dynamic authorization for customers and partners of the federal government, today released its inaugural federal security update covering the latest trends and challenges for federal security agencies in 2018.
“Secure data sharing remains a challenge among intelligence agencies and many other federal departments when dealing with highly sensitive information,” said Craig Gilley, president of Axiomatics Federal, Inc. “Data sharing across departments, agencies, as well as state/local governments must meet the requirements of each agency, while ensuring that overall mission objectives are met.”
Axiomatics federal security leaders amassed these trends, which include the following.
DevOps will become more prevalent for large federal agencies who are accustomed to building their own software in 2018. This is mainly being driven by security concerns and the risk management framework. By having uniform development tools across the enterprise, security and operational risks can be mitigated for mission-critical applications since all the DevOps tools and processes have been evaluated, tested and approved.
Information Dissemination between Federal Agencies
Federal government entities are amassing large volumes of data and the direction given by the Office of the Director of National Intelligence (ODNI) means that best efforts must be made to share this data throughout the intelligence community, with exceptions needing to be justified and approved. To process these exceptions, agencies require metadata that describes aspects of the data to differentiate it from shareable data and policies must exist that can evaluate the characteristics (attributes) of the requester of the data, the data being requested, and what the requester wants to do with the data. An Attribute Based Access Control (ABAC) model can achieve this by considering the context of the access control request.
Securing Big Data Environments
Federal agencies have been inundated with so much data that they now need some level of data classification to determine if these data systems contain sensitive or regulated data that requires additional security. The rise of big data systems in the cloud adds an extra level of complexity. These systems will become much more distributed, making it difficult to manage the environment. Big data technologies are also continuing to evolve quickly – new data formats, new access techniques and protocols are difficult to keep up with from a security perspective. A key is to keep track of where the sensitive data is so that appropriate protections can be applied.
Data Monitoring to Prevent Security Breaches
Data monitoring will be a big theme as it continues to grow over time. Organizations should consider using data analytics, machine learning and Artificial Intelligence (AI), to identify anomalies that would otherwise go unnoticed by humans, helping to eliminate internal security threats. ABAC systems provide a wealth of activity log data that is used to enhance reporting and monitoring systems.
“As the data explosion continues to have its effect on federal agencies, being able to manage and specify properly who should have access to data is a major priority,” said Gilley. “By implementing an ABAC approach, organizations can progress toward a responsibility to provide mindset to better disseminate and share actionable intelligence to the community.”