How Federal Agencies Can Secure Data Services in the Cloud

By utilizing the cloud, federal agencies minimize their overall IT costs, while increasing scalability, modernizing their IT infrastructure and enabling collaboration among development teams to help solve complex challenges. However, the many advantages of cloud deployments do not come without risk.

Guest Editorial by Gerry Gebel, VP of Business Development at Axiomatics

As businesses continue their mass migration of data, applications, workflows and other business assets to the cloud, federal agencies are following suit, and for a good reason.

By utilizing the cloud, federal agencies minimize their overall IT costs, while increasing scalability, modernizing their IT infrastructure and enabling collaboration among development teams to help solve complex challenges.

In addition, cloud platforms like AWS and Microsoft Azure offer easier, more affordable and flexible data storage systems compared to traditional storage solutions like on-premise relational databases.

There are many advantages of cloud deployments. However, they do not come without risk.

A common challenge is cloud security.

Cloud platforms often include built-in security features like Identity and Access Management (IAM) to help control access to Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) services.

This is where we begin to see limitations in the built-in security features when dealing with, the security of transactions and data in these platforms.

Not to mention, cloud platforms introduce new technology capabilities (such as orchestration) that require IT employees to examine new processes, including security methods.

It is critical to enhance the basic security capabilities of the cloud platform and cloud data service providers to ensure the high levels of access control federal agencies have in their on-premise systems translate to the same fine-grained levels they require in the cloud.

Axiomatics FederalAugmenting Built-In Security Features

Out of the “box”, cloud platforms don’t offer much sophistication for a policy-based approach to both securing and sharing data.

We see new security products are emerging to protect the cloud, but in some cases, these only focus on a single aspect, such as the security of the infrastructure and containers instead of protecting the data itself.

One example is AWS.

AWS has an “IAM” strategy focused on authorizing administrators to spin up/down servers, databases, containers, etc.

Still, the AWS “IAM” strategy is limited because it focuses on the infrastructure instead of the data.

AWS uses the same legacy identity/role/group-based approach to authorization, which is not fine-grained enough to secure critical information federal agencies hold like national security information or personally identifiable information (PII) on American citizens.

Federal agencies require more advanced security measures than what cloud providers offer.

Security controls must address the legal requirements for the proper handling and sharing of sensitive digital information.

The security protocols must also implement access policies consistently across cloud platforms, instead of acquiring the additional risk and cost of cloud platform-specific security tools.

Security tools must also be built and deployed in the cloud, so they can be managed the same way any application workloads are managed.

Implementing Dynamic Authorization to Protect Cloud-Hosted Data

Federal agencies can extend access control capabilities beyond what cloud providers offer with externalized dynamic authorization delivered with Attribute Based Access Control (ABAC).

Dynamic authorization for cloud-hosted data works by leveraging access control and organizational policies to decide what resources can and cannot be accessed.

Federal agencies can access additional context like risk score, device information, location, etc. when deciding on access decisions.

Policies are an exact reflection of federal requirements and are easy to decipher.

With dynamic authorization, federal agencies can define their data access policies once and apply them consistently on-premise and in-cloud deployments.

Federal agencies ensure secure access to applications and data in the cloud while also realizing a wide range of other benefits, including:

  • Running an access control service in cloud platforms directly with protected applications and data provides best-in-class system performance.

    • In addition, this approach permits federal agencies to operate the security infrastructure in the same way that applications are managed.

  • Dynamic authorization for cloud platforms saves developers a significant amount of time because application development accommodates the microservice approach of bounded context and calls external services for security functions.

    • Developers are no longer bothered with adding security code to their APIs/microservices. Instead, they can call another microservice to process access decisions.

  • Application maintenance costs are significantly reduced by separating security logic from the application.

    • By moving security logic to a dedicated service, access policy changes are implemented independent of the business logic code, resulting in a much easier/quicker access policy change process.

  • A dedicated dynamic authorization service can respond faster to policy change requests because code changes are eliminated.

    • Instead, policy changes are made in the authorization service through configuration and delivered to the runtime services.

As more federal agencies continue to tap the power of the cloud and migrate their infrastructure to cloud platforms, the need to address complex access control use cases for cloud-based resources is only going to grow.

The federal government houses massive amounts of sensitive data that can threaten the security of millions of citizens.

By leveraging dynamic authorization delivered with ABAC, federal agencies enable secure access to sensitive information assets such as applications and data that are now stored within cloud platforms, as well as the administration of cloud deployments.

About the Author

Gerry Gebel, Vice President of Business Development at Axiomatics, a Platinum Award Winner in the 2018 ‘ASTORS’ Awards Program

Gerry Gebel, Vice President of Business Development at Axiomatics
Gerry Gebel, Vice President of Business Development at Axiomatics

As the vice president of business development at Axiomatics, Gerry Gebel supports the sales, marketing and product teams by managing strategic partnerships and alliances.

Before joining Axiomatics, Gerry was vice president and service director for Burton Group’s identity management practice.

He covered topics such as authorization, federation, identity and access governance, user provisioning and other IAM topics.

Gerry has more than 15 years of experience in the financial services industry, focusing on security architecture, middleware support and mainframe systems.

AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:

  • Provides named sources
  • Reported by more than one notable outlet
  • Includes supporting video, direct statements, or photos

Subscribe to the AST Daily News Alert Here.

Twitter: https://twitter.com/ggebel?lang=en

LinkedIn: https://www.linkedin.com/in/gerry-gebel-626332/

Company Website: https://www.axiomatics.com

Axiomatics Federal Takes Platinum in the 2018 ‘ASTORS’ Homeland Security Awards Program

Axiomatics Federal Inc.

2018 ASTORS Platinum

  • Best Best IT Policy Mgmt & Authentication

  • Axiomatics Policy Server

 

The Annual ‘ASTORS’ Awards Program is specifically designed to honor distinguished government and vendor solutions that deliver enhanced value, benefit and intelligence to end users in a variety of government, homeland security and public safety vertical markets.

Deanne Criswell
Deanne Criswell the Commissioner of the New York City Emergency Management Department is responsible for oversight of the City’s efforts to plan and prepare for emergencies, educate the public about preparedness, coordinate emergency response and recovery, and disseminate emergency information.

The Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program highlighting the most cutting-edge and forward-thinking security solutions coming onto the market today, to ensure our readers have the information they need to stay ahead of the competition, and keep our Nation safe – one facility, street, and city at a time.

American Security Today is pleased to announce that Deann Criswell, the NYC Emergency Management Commissioner will deliver the keynote address at the 2020 ‘ASTORS’ Awards Presentation Luncheon Banquet in New York City.

Nominations are now being accepted for the 2020 ‘ASTORS’ Homeland Security Awards at https://americansecuritytoday.com/ast-awards/.

Comprehensive List of Categories Include:

Access Control/ Identification Personal/Protective Equipment Law Enforcement Counter Terrorism
Perimeter Barrier/ Deterrent System Interagency Interdiction Operation Cloud Computing/Storage Solution
Facial/IRIS Recognition Body Worn Video Product Cyber Security
Video Surveillance/VMS Mobile Technology Anti-Malware
Audio Analytics Disaster Preparedness ID Management
Thermal/Infrared Camera Mass Notification System Fire & Safety
Metal/Weapon Detection Rescue Operations Critical Infrastructure
License Plate Recognition Detection Products And Many Others!

Don’t see a Direct Hit for your Product, Agency or Organization?

The World Health Organization (WHO) declared the 2019–20 coronavirus outbreak a Public Health Emergency of International Concern (PHEIC) on 30 January 2020 and a pandemic on 11 March 2020. Local transmission of the disease has occurred across all fifty states in the America.

With the unprecedented occurrence of the COVID-19 pandemic, the focus of the safety and security industries has realized the need to increase innovations to address the daily growing challenges.

As such AST aims to make sure these firms and professionals are reflected in the 2020 ‘ASTORS’ Awards Program, so we’d like to encourage you to submit appropriate categories recommendations and include COVID-19 Frontline Professionals in your Nominations to see that these Professionals, Facilities, and Vendors receive the Recognition they Deserve!

Submit your category recommendation for consideration to Michael Madsen, AST Publisher at: mmadsen@americansecuritytoday.com.

The 2019 ‘ASTORS’ Awards Program surpassed expectations with a record number of nominations received from industry leaders and government agencies, and drew over 200 attendees to the ‘ASTORS’ Awards Presentation Banquet – an exclusive gourmet luncheon and networking opportunity which filled to capacity, before having to turn away late registrants.

The 2019 ‘ASTORS’ Awards Luncheon featured an impassioned and compelling keynote address by William (Bill) Bratton, former police commissioner of the NYPD twice, the BPD, and former chief of the LAPD, on the history of policing in America and the evolution of critical communication capabilities in our post 9/11 landscape.

The event featured an impassioned and compelling keynote address by William J. Bratton, former police commissioner of the New York Police Department (NYPD) twice, the Boston Police Department (BPD), and former chief of the Los Angeles Police Department (LAPD), as he walked attendees through 50 years of American policing history, the impacts on the communities, and the evolution of critical communication capabilities in our post 9/11 landscape.

Commissioner Bratton, one of the world’s most respected and trusted experts on risk and security issues and Executive Chairman of Teneo Risk a global advisory firm, was recognized as the ‘2019 ‘ASTORS’ Person of the Year’ for his Lifetime of Dedication and Extraordinary Leadership in Homeland Security and Public Safety.

Why the ‘ASTORS’ Homeland Security Awards Program?

2019 ‘ASTORS’ Homeland Security Awards Luncheon at ISC East

American Security Today’s comprehensive Annual Homeland Security Awards Program is organized to recognize the most distinguished vendors of physical, IT, port security, law enforcement, and first responders, in acknowledgment of their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’

Over 200 distinguished guests representing Federal, State and Local Governments, and Industry Leading Corporate Firms, gathered from across North America, Europe and the Middle East to be honored among their peers in their respective fields which included: 

  • The Drug Enforcement Administration (DEA)
  • National Center for Missing and Exploited Children (NCMEC)
  • United States Marine Corps
  • The Federal Protective Service (FPS)
  • Argonne National Laboratory (ANL)
  • United States Postal Inspection Service
  • DHS S&T 
  • United States Marshals Service (USMS)
  • The Port Authority of New York & New Jersey Police (PAPD)
  • The Department of Justice (DOJ)
  • The New York State Division of Homeland Security & Emergency Services (NYS DHSES)
  • United States Border Patrol
  • AlertMedia, Ameristar Perimeter Security, Attivo Networks, Automatic Systems, Bellevue University, BriefCam, Canon U.S.A., CornellCookson, Drone Aviation, FLIR Systems, Hanwha Techwin, HID Global, IPVideo Corp., Konica Minolta Business Solutions, LenelS2, ManTech, Regroup Mass Notifications, SafeLogic, SolarWinds, Senstar, ShotSpotter, Smiths Detection, TCOM LP, Trackforce, Verint, and More!

From innovative Military Cyber Programs, to LocalState and Federal Public Safety and Emergency Management Initiatives, New Physical and IT Products and Services, and Security Professional, Threat Assessment, Emergency Preparedness, Law Enforcement and Homeland Security Education and Training Opportunities – Join your ‘ASTORS’ Award-Winning Peers and Receive the Recognition You Deserve!

Excellence in Public Safety and Government Security Award Nominations are also encouraged, such as those 2019 Honored Winners which includes the DEAU.S. Marine CorpsDHS S&TFederal Protective ServiceDHS S&T NUSTLU.S. Marshals ServiceU.S. Border PatrolThe Port Authority of NY/NJ, and the NYS Division of Homeland Security & Emergency Services.

Individuals are also encouraged to be nominated for Government Excellence in Public Safety and Homeland Security such as last years widely respected recipients.

Why American Security Today?

The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.

The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.

American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 75,000 readers at the Federal, State and local levels of government as well as firms allied to government.

American Security Today brings forward a fresh compelling look and read with our customized digital publications that hold readers eyes throughout the story with cutting edge editorial that provides solutions to their challenges.

Harness the Power of the Web – with our 100% Mobile Friendly Publications

AST puts forward the Largest and Most Qualified Circulation in Government with Over 75,000 readers on the Federal, State and Local levels.
AST puts forward the Largest and Most Qualified Circulation in Government with Over 75,000 readers on the Federal, State and Local levels.

The AST Digital Publications is distributed to over 75,000 qualified government and homeland security professionals in federal, state and local levels.

‘PROTECTING OUR NATION, ONE CITY AT A TIME’

AST Reaches both Private & Public Experts, essential to meeting these new challenges.

Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.

American Security Today

These experts are from Government at the federal, state and local level as well as from private firms allied to government.

AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response among others.

AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other potential targets of terrorism.

Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – all enticing targets due to the large number of persons and resources clustered together.

To learn more about the 2019 ‘ASTORS’ Homeland Security Award Winners solutions, please go to the 2019 ‘ASTORS’ Championship Edition Fully Interactive Magazine – the Best Products of 2019 ‘A Year in Review’.

The ‘ASTORS’ Champion Edition is published annually and includes a review of the ‘ASTORS’ Award Winning products and programs, highlighting key details on many of the winning firms products and services, includes video interviews and more.

It is your Go-To source throughout the year for ‘The Best of 2019 Products and Services‘ endorsed by American Security Today, and can satisfy your agency’s and organization’s most pressing Homeland Security and Public Safety needs.

From Physical Security (Access Control, Critical Infrastructure, Perimeter Protection and Video Surveillance Cameras and Video Management Systems), to IT Security (Cybersecurity, Encryption, Data Storage, Anti-Malware and Networking Security – Just to name a few), the 2019 ‘ASTORS’ CHAMPIONS EDITION will have what you need to Detect, Delay, Respond to, and Mitgate today’s real-time threats in our constantly evolving security landscape.

It also includes featured guest editorial pieces from some of the security industry’s most respected leaders, and recognized firms in the 2019 ‘ASTORS’ Awards Program.

Axiomatics is a premier vendor of dynamic authorization delivered through Attribute Based Access Control (ABAC) solutions.

The company is headquartered in Stockholm, Sweden and has offices across the US. Axiomatics is a driving force behind dynamic access control through its suite of industry standard products.

These products are utilized by Global Fortune 2000 companies and federal government agencies to balance compliance, information sharing, and the protection of critical assets and Intellectual Property.

For more information about advertising opportunities with American Security Today, please contact Michael Madsen, AST Publisher at mmadsen@americansecuritytoday.com.

AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:

  • Provides named sources
  • Reported by more than one notable outlet
  • Includes supporting video, direct statements, or photos

Subscribe to the AST Daily News Alert Here.

Learn More…

Axiomatics Federal Competes in 2018 ‘ASTORS’ Awards Program (Videos)