One year since President Biden signed Executive Order 14028, “Improving the Nation’s Cybersecurity,” the government has moved rapidly to reinforce the cybersecurity guidelines to modernize and improve security procedures. This will provide guidance to federal agencies and the private sector to effectively respond to ransomware attacks.
The President has directed the Federal Government to adopt tougher cybersecurity standards including the adoption of Zero Trust, multi-factor authentication and cloud-based security as the cornerstone of these standards and policies. Additionally, because of recent breaches, a deeper focus has been placed on software development, components, and supply chain.
Now is the time for change. The President’s mandate comes with a timeline, requiring the entire federal government to adopt and migrate to a cloud based, Zero Trust architecture.
In addition to improving cybersecurity for government, the provisions within this Executive Order (E.O.) as well as the NIST Zero Trust Architecture are part of an effort to bring increased protection and accountability to private sector suppliers and supply chain contractors. Zero Trust requires that all entities or users be treated as “untrusted” and updates the adage of “trust, but verify” to “never trust, and always verify.”
The standards defined in the Executive Order will become the de facto standards for business as well as Government within the next few years. The truth is that embracing the Zero Trust as a “way of life” is now mandatory due to the frequency, severity and increasing sophistication of the attacks we face each day. Government suppliers of goods and services who do not comply with these requirements may no longer qualify for Federal, State and local contracts going forward.
Onclave TrustedPlatform™ eliminates vulnerabilities inherent in standard, co-mingled environments. Our solution includes proven techniques and technologies used by the U.S. Department of Defense (DoD) and our national security agencies and integrated them into a Zero Trust network solution that is not only more secure than typical IT networks but also easier to manage and lower in cost. Onclave’s platform aligns with NIST 800-53 and NIST 800-207: NIST (National Institute of Standards in Technology), NSA, DoD, DHS and Defense Information Systems Agency (DISA) which means Onclave is qualified to help your enterprise meet the requirements of the E.O. 14028.
Secure your enterprise from future risks and potential breaches by adopting Zero Trust based on the NIST guidelines and E.O. 14028 requirements. As the world operates in an evolving, interconnected world, enterprises must step up and modernize their cybersecurity solution to protect their data, systems, devices, and the many lives that depend on critical infrastructure and support.
With increasing numbers of remote and mobile users, satellite infrastructures, data and services located outside the protection of traditional network security, Onclave can provide the fastest path to a more secure, simplified, and scalable network solution.
These tables outline how Onclave aligns to the Executive Order from President Biden. These tables were updated from May 2021 to May 2022.
Click here to download a 1-page PDF of the tables listed below.
Click here to view a JPG of the tables listed below.
Executive Order 14028
Modernizing Federal Government Cybersecurity – Zero Trust Architecture
|Accelerated adoption of cloud technology||YES|
|Develop and implement Zero Trust Architecture||YES|
|Report to OMB and APNSA with plans||YES|
|Cloud technology and adopt Zero Trust Architecture||YES|
|Adopt multi-factor authentication||YES|
|Encryption for data at rest and in transit||YES|
|Security model, design principles and coordinated cyber and system management strategy – acknowledgment threats inside and outside of network||YES|
|No implicit trust in any one element, node, or service||YES|
|Continuous verification of the operational picture – real-time information||YES|
|User full access with only bare minimum needed to perform their jobs||YES|
|Node is compromised can ensure damage is contained||YES|
|Constantly limits access and looks for anomalous or malicious activity||YES|
|Granular risk-based access controls||YES|
|Security automation throughout all aspects of the infrastructure to protect data real-time within a dynamic threat environment||YES|
|Least-privilege access – who, what, when where and how||YES|