by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : May 2016
G ONE ARE THE DAYS when agency endpoints were confined to systems connected to a LAN in a brick building— easy to secure and manage. Endpoints now include virtual users, smartphones, tablets, external consultants and partner organizations. Information is pushed and pulled to devices internally and externally, increasing the risk of exposure and likelihood of theft. Security needs to become more agile, more persistent, more predictive, and more dynamic. To get there, cyberdefenses must move to within the perimeter, the hardware, and even the device. It must move down to the data level. Policies Drive Change Recognizing those issues, the Office of the President recently directed the Administration to implement the Cybersecurity National Action Plan (CNAP). This plan calls for all federal agencies to take a multi-layered data protection approach to better secure the government’s most sensitive data. The Office of Management and Budget (OMB) agrees. OMB has been urging agencies to implement capabilities to “protect high value assets and sensitive information” within the next year. Those two policies point towards implementation of a multi-layered cybersecurity strategy that includes data-centric security. What is Data-Centric Security? Data-centric security targets and protects the data itself regardless of its location—inside or outside of the firewall and on any device. It adds another critical layer of fortification to existing security measures. Data-centric security encrypts the native file format itself. This helps ensure data remains more secure wherever it travels or is stored. The decryption server and keys often reside in a different location than the data, which further enhances protection. Only a device with the proper client technology and authentication controls can decrypt the file. But encryption alone is not enough for data- centric security, though. It’s like padlocking your wallet and throwing it into the ocean. Your wallet is safe, but you have no idea where it has gone or what happened to the contents. When choosing a data- centric security solution, select one that combines security strength with persistent, dynamic control. Persistent, Dynamic Control Persistent, dynamic control has four key elements: 1. Ability to remotely push dynamic policy and access changes on the fly without having to revoke and renew access 2. Continuous auditing of location and events, inside and outside the firewall 3. Digital signatures to confirm the identity of each person who signed a document, confirming it hasn’t been altered in transit 4. Extension beyond LDAP authentication to support for a range of authorization sources By adding persistent dynamic control to data- centric security, the agency is able to stay in contact with the data—pushing policy and access changes, receiving information about who’s accessing, how it’s being used and how frequently, and helping to ensure authenticity and integrity. Employing this approach, your agency will be able to better manage your data wherever it goes in the world, predict internal and external threats, and respond with agility to changing operational needs. Barr y Leffew is the Vice President Public Sector, Adobe Systems Incorporated. BARRY LEFFEW VICE PRESIDENT PUBLIC SECTOR, ADOBE SYSTEMS INCORPORATED DATA-CENTRIC SECURITY Why agencies need agile, persistent security at the data-level. Data-Centric Security Learn more at carahsoft.com/innovation-adobe Adobe, the Adobe logo are trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or other countries. © 2016 Adobe Systems Incorporated. All rights reserved. Adobe solutions deliver security capabilities at the data-level with persistent, dynamic control. Your agency’s data is on the move, now your security can move with it. S-20 SECURING THE ENTERPRISE SPONSORED CONTENT WHAT TO LOOK FOR IN A DATA-CENTRIC SECURITY SOLUTION Flexible Deployment: Is it available on-premises or in the cloud with FedRAMP authorization? Infrastructure Flexibility: Does it support a wide variety of infrastructures, operating systems and authentication providers? Custom Workflow Support: Does it support application development for custom workflows? Client-Side Support: Does it require a dedicated client to decrypt? Is that client available/authorized within your agency?
March and April 2016
June and July 2016