The world of cloud security is known for moving fast, turning on a dime, and evolving with ever-growing threat vectors.
The Federal sector, on the other hand, has highly regulated, rigorous standards when it comes to their security, and for very good reason. The data they’re protecting is about as sensitive as it gets, and any exposure is literally a matter of national security. For that reason, many of the same requirements for purchasing an F-22 fighter jet also apply to a VPN or DLP solution.
All of the rigorous vetting and due diligence they perform to make sure a security platform is as close to “bulletproof” as possible is necessary and important. Because of this, they have historically built up many carefully thought out and meticulously vetted security stacks to best fit their mission’s needs.
But at a time like the present, where work situations and security programs are evolving and transforming every week, these important, methodical processes can present some challenges when it comes to making quick changes, but I think I have figured out how this can drive change toward the cloud in the long run.
Setting the stage for change
From my vantage point in the Federal market, I have a good sense of what many are equipped for, and I know this recent shift to remote working due to COVID-19 is causing some real challenges that require a very different set of solutions than what has been provided in the past.
It’s not that there aren’t agencies already making the shift to cloud though. FEDRamp authorizations are already in place for a reason, and they are the targets that companies like Netskope are striving to hit as we market ourselves and our solutions to these agencies.
But for those agencies who have been slower and more methodical to adapt to the changing security and network trends, they are finding that this increasingly remote working life is full of frustration and mission fatigue. This is particularly the case when it comes to severe latency, as traffic is hair pinned through on-prem solutions.
Increased latency leads to poor user experience, which leads to these agencies re-evaluating services. And it will require a mindset change. Despite all of the frustrations, though these changes still won’t happen overnight, no matter how frustrating it seems. Past policy and legacy ATO’s actively stand in the way of that, unless top brass put their full weight behind it.
The real wake up call here is going to be on the other side of this pandemic when agencies realize how much they’re spending relative to how much coverage, visibility, and friction they’re actually getting from their current security solutions.
Where’s the future of Federal going?
The changes in working habits created from this pandemic will undoubtedly help accelerate shifting security stacks into the cloud, that literally speak the language of the cloud JSON and API.
In many cases, these agencies already have users who are working in the cloud, using instances of Office 365 or Box. Being able to put controls around these apps, that aren’t siloed off and can communicate with each other, offers be