Thales security solutions: key steps to improve national network security

2021 year 5 month 12 How did the White House executive order issued on the th set a new 、 Strict government network security standards . From then on , Office of management and budget (OMB) Released a strategy , To help institutions implement these Standards , Especially those with zero trust with them (ZTA) Change relevant standards . The document requires agencies to 2024 Achieve the specific goal of zero trust by the end of the year . So , Institutions must decide how to use a centralized identity management system , Multifactor certification (MFA) And a reliable list of assets .  then , They need to submit the implementation plan of these measures , And after the strategy takes effect 60 Create within days 2024 Budget estimates for the fiscal year . 

However , It's not always that easy .  Public sector institutions —— Especially state and local government agencies —— Sometimes there is a lack of technology or technical expertise to implement the above safety measures .  Fortunately, , These organizations can take advantage of Thales New of the company “Cyber pack”.  

Next we will explore how this type of solution works . 

What is? Cyber pack?  

Thales network package is a cloud based overall solution , Help organizations improve their network security posture through the following key points :  

Find out - Quickly discover and classify data  

Protect — Encrypt data at rest and in flight , No expensive impact on performance  

control - Digital threats of isolation and layer access , Such as blackmail software attack  

Thales The company designed Cyber Packs To help American companies prepare for executive orders .  They enable institutions to find... Anywhere 、 Protect and control access to sensitive data .  While doing all this work , They also integrate existing IT infrastructure , And provides the same level of security , Whether deployed locally or in the cloud .  These capabilities are important for preventing intrusion 、 Minimize the impact of successful intrusion 、 Incident detection and response as well as relevant incident evidence collection are essential .  

Cloud security

2021 year 5 The monthly executive order requires 3(c)(i) Regulations , organization “ A federal cloud security strategy should be developed , And provide corresponding guidance to the organization ”.  To support this requirement , Network packages provide organizations IaaS and PaaS Cloud policy comes with encryption (BYOE) function .  They are themed with encryption , Through file level encryption and fine-grained access control , Enable the organization to maintain control over keys and encryption , Achieve zero trust in the cloud .  These solutions balance these specifications with additional features , Such as hsm That is, cloud key management of services 、 be used for Azure and SFDC Cloud key broker service , And meet the Standards , Include FIPS 140-2 Level 3、ISO 27001 and SOC Type 2.  

Identify unclassified data  

In subsequent executive orders , requirement 3(c)(iv) Regulations , Institutions within the scope “…… Priority should be given to identifying unclassified data that the agency considers to be the most sensitive under the greatest threat , And provide appropriate processing and storage solutions for these data .”  The network package enables its own key in a variety of multi cloud deployments (BYOK) And for Google EKM Provide your own key (HYOK) To solve this instruction .  It also includes AWS GovCloud and Azure U.S. Government.  

MFA And encryption  

In section of the executive order 3(d) In , The White House explained “…… Agencies should comply with the federal records act to the greatest extent .... Under the circumstances , Adopt multi factor authentication and encryption for data at rest and in transmission ”. Cyber pack It can help organizations scan sensitive data in their internal sites and cloud based environments ( Include structured 、 Unstructured and cloud object data storage ) To achieve this goal .  then , They can repair data discovery from the same platform through encryption and access control , Use real end-to-end 、 Authenticate network encryption 、MFA、 Identity is service 、 Strategic management 、 risk assessment 、 Border protection 、 session management , And right ISO/IEC 27001、CSA STAR and SOC 2 And other compliance frameworks .