Randy Wood, vice president of federal sales at application delivery networking platforms provider F5 Networks (Nasdaq: FFIV), has said that federal agencies should recognize application security as one of the key elements of an enterprise security strategy.
Wood wrote that government information technology managers should consider the security challenges posed by enterprise applications amid agencies’ adoption of cloud and mobility platforms to expand the use of such applications to other users.
“Trust no application, no user and no traffic flow, ” he said.
He urged federal agencies to implement multi-factor authentication in order to provide users access to all applications and other resources as well as monitor outbound traffic.
“In the case of outbound traffic, it’s important to provide an ‘air gap’ in which security teams can view encrypted data as clear text; then re-encrypt it as it continues on its path, ” Wood said.
Wood also called on agencies to develop a “comprehensive set of security policies and services tailored to address the risk level of a given application.”