Cloud Workload Protection Meets Agencies’ Most Pressing Needs
As cyberattacks become more sophisticated, securing cloud workloads becomes increasingly critical for avoiding the compromise of government security infrastructure and intelligence and defense systems, says Nat Montha, U.S. federal systems engineering director at Nutanix.
Cloud environments can increase agencies’ attack surface because they have more entry points and interconnected systems and thus present a higher risk of security vulnerabilities.
As concerns about the security of federal data grow, it makes sense that CWP platforms not only ensure data is stored in the cloud confidentially but also detect and attempt to mitigate threats such as malware, ransomware and unauthorized access. This is often done through a combination of real-time monitoring, behavioral analysis and machine learning algorithms trained to identify abnormal activities.
“CWP solutions are essential for federal agencies, as they are increasingly adopting cloud services to stand up new applications and services quickly to meet requirements and mandates,” Montha says. “It is critical to protect data and workloads that inform and power their operations and missions.”
Agencies working toward cloud-native app development are most likely to adopt CWP, and this helps ensure compliance with the Federal Information Security Modernization Act, Federal Risk and Authorization Management Program and Department of Defense impact level certifications.
CWP further aligns with the zero-trust security model agencies are required to adopt, which emphasizes the need to verify and secure all users and devices on their networks regardless of location in the era of remote work, Sangiuliano says.
What’s more, CWP scales up and down with cloud environments.
The CWP Solutions Available to Agencies
Agencies have many CWP solutions available to them, and the technology is rapidly evolving. Traditional security companies and hyperscalers offer CWP platforms, as do other tech players such as Nutanix, with its Cloud Platform.
Because different solutions address different facets of the CWP framework (not necessarily most of them), it’s important for agencies to build defense in depth — an all-encompassing solution that meets as many requirements as possible.
“Choosing a CWP platform for federal agencies involves careful consideration of various factors to ensure that the selected solution aligns with security requirements, compliance standards and the agency’s specific needs,” Montha says. “They should begin with an evaluation of all of the cloud platforms they are using.”
From there, agencies must review solutions that address the CWP framework, such as threat detection and prevention, vulnerability management, encryption and data protection, incident response, continuous monitoring and reporting, and compliance certification.