On April 8, 2020, Ross Nodurft was quoted in FCW regarding cloud security as federal agencies navigate the surge in telework following the COVID-19 outbreak.
According to the article, the Cybersecurity and Infrastructure Security Agency’s (CISA) issued emergency guidance details the need to manage web traffic and align data connections with authorized activities, protect the confidentiality and integrity of that traffic, promote the use of applications and services that ensure continuity of operations, and allow for timely reaction and adaptation by agencies to newly discovered threats.
The guidance covers options for federal agencies to consider during the crisis, including teleworkers establishing a protected connection to agency networks and accessing cloud resources from there, with the agency, CSP, and worker all involved in enforcement. This method could result in increased latency, network congestion, and other performance issues.
"Agencies are making risk-based decisions in an environment that is completely different than it was 3-4 weeks ago," Nodurft told FCW. "Telework is now something that has to happen quickly and in order to do that you're going to see more and more workloads put in a cloud environment and agencies will be interacting with them in a more robust way than before."