Last year, we announced our partnership with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) to work on the Implementing a Zero Trust Architecture project.  

After a year of collaboration with its industry partners, including Ivanti, NIST recently released its preliminary draft, NIST Cybersecurity Practice Guide SP 1800-35 Vol B, for public comment.  

Together, we are collaborating with NIST and ZTA technology providers to build several example ZTA solutions, demonstrating their ability to provide secure access to corporate resources.  

The solutions will enforce corporate security policy dynamically and in near-real-time with:  

  • Restricting access to authenticated, authorized users and devices.  
  • Supporting a flexible, complex set of diverse business use cases involving a remote workforce, cloud use and partner collaboration.  
  • Supporting contractors. 

Our proposed solutions build upon the work of NIST Special Publication (SP) 800-207. The publication digs into how to leverage commercially available technology, including Ivanti Neurons for MDM (MI Cloud FedRAMP) to build interoperable, open, standards-based ZTA implementations that align to the concepts and principles in NIST Special Publication.  

Working to secure a zero trust federal government 

At Ivanti, we were pleased to contribute to this draft, as the executive order on improving the nation’s cybersecurity calls for the federal government to move to a zero trust architecture.  

We worked with NIST on three principal areas for successfully implementing zero trust across government:  

  • Securing the managed mobile device. 
  • Supporting remote workers with access to resources – regardless of the user’s location or device. 
  • Establishing conditional access controls with validation of the device, network and apps, before allowing access.  

These areas are important for security and potentially help with job retention in the federal government – which is desperately needed. According to the June job report, the government has lost 640,000 jobs since the pandemic began.  

Allowing flexibility in federal workplaces 

While security must be paramount for our federal agencies, which have faced an onslaught of attacks in recent years, we must make sure the federal government is an enjoyable place to work.  

With recent news reports showing the public sector is falling behind in attracting and retaining top talent, making these adjustments can be a huge step in catching up to the private sector.  

That means supporting telework, allowing employees to bring their own devices to work and more, all while maintaining the highest levels of security through a zero trust architecture and securing employees’ mobile devices. 

All of this is possible through embracing the Everywhere Workplace.  

While this is not the final publication, we’re excited by the work we’ve done and will continue to do throughout this process, ensuring the future of zero trust in government includes the flexibility for employees to securely and safely work from everywhere.