The Cybersecurity and Infrastructure Security Agency (CISA) has released a draft version of its Applying Zero Trust Principles to Enterprise Mobility for public comment.
Adopting zero trust security architectures to protect the government’s information resources is a key factor in President Biden’s Executive Order on Improving the Nation’s Cybersecurity issued May 2021, and an integral part of that equation is enterprise mobility security.
The CISA publication highlights the need for special consideration for mobile devices and associated enterprise security management capabilities due to their technological evolution and ubiquitous use.
CISA also noted that the publication is not a technical manual or implementation guide for either zero trust or enterprise mobility.
“It’s intended to guide Federal agencies through the process of developing and implementing their specific cybersecurity capabilities for enterprise mobility toward adoption of their zero trust goals,” CISA said on the agency’s blog. “Our intent is to inform Federal agencies how zero trust principles can be applied to currently-available mobile security technologies that are already adopted in many cases as part of enterprise mobility security programs.”
The publication also showcases architectural frameworks, principles, and capabilities to attain a zero trust level set for any agency. It also maps mobile security approaches into zero trust principles that an organization can use to align its current mobile security capabilities with a zero trust approach.
The deadline for providing comments on the CISA zero trust mobility publication is April 18.