Skip to main content

CISA Releases New Proposed Cloud Security Guidance

posted onJune 16, 2022
by l33tdawg
Wikipedia
Credit: Wikipedia

As the federal government continues to work out its strategy for secure cloud platform implementations, the Cybersecurity and Infrastructure Security Agency is asking for public comment on the latest version of its draft use case for services such as IaaS, PaaS, and SaaS.

The draft Trusted Internet Connections 3.0 guidance, released Thursday, is a huge, detailed document that lays out proposed methods for federal agencies to use cloud platforms securely. It builds on the Cloud Security Technical Reference Architecture that was part of President Biden’s executive order on cybersecurity from 2021. The guidance covers a wide range of potential uses cases for agencies, and seeks to apply some of the same principles used in traditional network and multi-boundary environments to help secure cloud deployments.

“The IaaS, PaaS, and SaaS guidance in the Cloud Use Case focuses on the scenario in which an agency has one or more cloud deployments in its enterprise. Traditionally, agency users would have accessed cloud deployments either directly from an agency campus or by establishing a secure connection (e.g., VPN) to an agency campus, and using that channel to access the cloud deployment,” the draft guidance says. The conceptual architecture laid out in the document comprises seven separate trust zones, which should be assigned various levels of trust, from low, to medium, to high, depending on the specific agency’s risk tolerance and use cases. The trust zones include agency campus, cloud service provider, remote user, external partner, agency service, external entity, and web. The guidance relies on a shared security model, which divides responsibility for securing various portions of a deployment between the CSPs and the agency itself.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th