Cloud environments inherently make it more complex to know and control which users and systems can access applications and data. This truth applies whether a government maintains a single private cloud, a hybrid private and public cloud, or multi-cloud environments. Security measures in legacy systems were not designed for this level of access complexity. More than ever, governments need a new model for access control. This issue brief discusses how a zero-trust approach makes security stronger yet simpler for users and IT, and offers a model that can scale and adapt to a government’s dynamic use of cloud resources.
