On the Federal Zero Trust Strategy

Algemetric

January 28, 2022

The Office of Management and Budget (OMB) recently released a Federal Zero Trust Strategy in support of the Executive Order on Improving the Nation’s Cybersecurity to push the adoption of zero trust principles across civilian agencies’ enterprise security architecture.

The content of the executive order and the OMB memorandum is worth examination in its entirety however here we highlight some sections that has direct impact in how our Identity and Access Management (IAM) is implemented, deploy, and managed.

In the OMB memorandum, under the section “”Identity””, the vision is that agency staffs should use enterprise-managed identities to access applications they use. In particular, they should use phishing-resistant MFA to protect personnel from sophisticated online attacks.

As part of the actions to fulfill this vision, agencies must use strong multi-factor authentication (MFA) throughout their enterprise, which must be enforced at the application layer instead of the network layer. Additionally, when authorizing users to access resources, agencies must consider at least one device-level signal alongside identity information about the authenticated user.

As for phishing-resistant authenticators and approaches to MFA, the federal strategy points to the World Wide Web Consortium (W3C)’s open “Web Authentication” standard along side with FIDO2 as effective approaches to meet the requirements of the Federal Zero Trust Strategy.

One of the implications of the Federal Zero Trust Strategy is that it creates options for agencies to use FIDO instead of authentication based on Personal Identity Verification (PIV) or public-key infrastructure (PKI).

Spectra is Algemetric’s IAM solution for machine-to-machine communication (M2M), much needed in a wide variety of IoT scenarios. Spectra implements FIDO2’s standards: WebAuthn and CTAP for establishing the role of trusted administrators for creating and managing IAM for IoT applications. Spectra provides extensive IAM controls for M2M following zero trust principles. Additionally, Spectra is designed based on approved public-key cryptography in a data-centric fashion, which does not required PKI and does not depend on the security of the network.

Spectra was designed to contemplate zero trust principles for the get-go. Spectra the result of a powerful combination of data organization, advanced cryptographic protocols, and features satisfying modern IAM requirements.

The Ubiquitous Nature Of Modern Business Intelligence

David Silva April 5, 2024

Business intelligence (BI) can be described as a series of technologies, procedures and tools used for collecting data from multiple data sources. This data is

20 Ways Software Development Companies Can Boost Customer Retention

David Silva March 28, 2024

Multiple studies and opinion surveys performed across industries agree: It’s more cost-effective to retain existing customers than it is to acquire new ones. Knowing this,

Prisma by Algemetric: A Pioneering Secure and Privacy-Preserving Business Intelligence Platform.

Richard Goodman March 4, 2024

Colorado Springs, Colorado, 4th March 2024 – Algemetric announced today their flagship product Prisma, designed to revolutionize secure and privacy-preserving data management, analytics and business

Algemetric is now IASME Cyber Essentials certified

Algemetric February 26, 2024

Algemetric is proud to announce we are now IASME Cyber Essentials certified. This achievement is proof of our ongoing commitment to operating with the most