Matthew Schneider, senior director of government, education and healthcare at VMware (NYSE: VMW), has said government agencies seeking to ensure the security of applications within the network should first change their mindset by adopting the “zero trust” model.
Schneider wrote that implementing such a model “means you have to assume your network has already been compromised and act accordingly.”
Agencies that aim to secure their data centers should start observing how applications communicate, behave and interact with other apps and users, since modern apps are “dynamic,” in that they tend to move across the cloud and data infrastructure, and can be exploited by potential threat actors.
He called on agencies to “spell out in common language which applications have permission to talk to other applications and users” instead of safeguarding apps based on internet protocol addresses.
Automation can help network administrators facilitate application deployment as well as quarantine or remediate apps in high-alert scenarios, Schneider said.
He also discussed the potential role in application security of micro-segmentation, which works to divide the data center into components based on “common language rules.”
Micro-segmentation works to “bring firewall, advanced security, and other traditionally perimeter-level defenses to the application level,” he added.