Becker wrote that agencies should consider raising the required authentication level as users seek to gain access to higher-level data and applications.
“The key is to manage those activities via one pane of glass or one platform that supports the entire risk-based and continuous authentication process,” he noted.
He said there are new technology platforms agencies can adopt to better understand users’ online behavior and make informed authentication decisions.
Becker also cited several government policies and guidelines aimed at helping agencies better secure their information technology environments. These include the Department of Defense’s Cybersecurity Maturity Model Certification program, Federal Information Processing Standard 140 and the recent cybersecurity executive order that requires zero trust architecture, multifactor authentication, supply chain security and encryption for data at rest and in transit.
“Complying with government mandates and policies is essential for helping agencies discover the resources they need to protect, protecting the data itself and also controlling access to the data,” he added.