Unified Communications Featured Article

Zscaler Zero Trust Solution Get FedRAMP Approval

August 14, 2018

Zscaler Inc. has reached a new FedRAMP milestone. Its Zscaler Private Access-Government solution meets the program’s Moderate security requirements. And the Federal Communications Commission has granted it Authority to Operate.

That makes it the first zero trust remote access platform to get such approval. And it means Zscaler can market and sell its ZPA-Government cloud service to government agencies.

FedRAMP stands for Federal Risk and Authorization Management Program. This program provides a single way through which federal government entities can ensure the information systems and services they use meet their information security, management, and procurement requirements.

ZPA-Government is a cloud-based service that allows authorized users to access internal applications. It promises ease of use because access is the same whether applications live in the government data center, the AWS GovCloud, or elsewhere.

The service provides zero trust using a software-defined perimeter, providing encrypted (TLS 1.2) connections to applications. That’s as opposed to using hardware appliances and legacy VPN technology. That eliminates issues associated with traditional Trusted Internet Connections- based VPN solutions.

In 2007 the Office of Management and Budget issued a TIC mandate. But Zscaler says that traditional TIC-based solutions “require significant maintenance and excessive backhauling” and that creates latency for remote users accessing modern cloud and external hosted applications.

Byron Caswell, Senior Advisor for FCC’s Information Technology organization, and core member of the FCC’s FedRAMP Authorization program, said: “Our decision to sponsor ZPA-Government for a FedRAMP Moderate Authorization is evidence of the commission’s belief that the cloud offers a more secure, efficient, and cost-effective way to secure core federal missions.”

The federal government in 2009 embarked on a journey to adopt cloud technology to lower costs and drive innovation. But none of the federal government agencies met the Office of Management and Budget’s goal that 15 percent of IT spending in 2016 should be on cloud computing services.

In a recent report the White House’s American Technology Council says that’s due to “impediments in policy, resource allocation, and agency prioritization.” Accenture Federal Services CTO Dominic Delmolino adds that “some agency decision-makers are unsure of how to start their path to the cloud or how to maintain momentum once they’ve begun. Many find the procurement of a utility-like cloud service challenging given federal acquisition rules and policies, and some fear the risks of migrating legacy workloads to an external infrastructure.” However, Delmolino adds, “I am quite bullish on the future of cloud adoption across government.”

Meanwhile, Gartner forecasts double-digit growth in the use of public cloud services by governments of all kinds. “Cloud use by government organizations varies depending on whether they operate at a national, state/province or local level,” Gartner says. “Local governments spend 20.6% of their IT budgets on cloud, and national governments spend 22%.”

Edited by Maurice Nagle