The National Security Agency (NSA) released a new Cybersecurity Information Sheet (CSI) on May 22 sharing the best practices for securing applications from unauthorized users and ensuring continuous visibility of the workload at any given time.
The CSI – “Advancing Zero Trust Maturity Throughout the Application and Workload Pillar” – provides organizations with recommendations on “achieving progressive levels of application and workload capabilities.”
Application and workload is one of the seven pillars in a zero trust architecture, and according to the CSI, the two are mutually dependable.
“While applications are the individual tools that serve business needs, workloads can be standalone solutions or tightly coupled groups of processing components performing mission functions,” the guidance states.
According to the CSI, the application and workload pillar depends on an organization’s ability to integrate key capabilities into a comprehensive zero trust framework.
Those capabilities include application inventory, secure software development and integration, software risk management, resource authorization and integration, and continuous monitoring and ongoing authorizations.
“This guidance helps organizations disrupt malicious cyber activity by applying granular access control and visibility to applications and workloads in modern network environments,” Dave Luber, NSA’s director of cybersecurity, said in a press release. “Implementing a Zero Trust framework places cybersecurity practitioners in a better position to secure sensitive data, applications, assets, and services.”
This recent CSI is part of a series of guidance NSA is developing to assist Defense Department customers in piloting zero trust systems. Thus far, NSA has released guidance on four other zero trust pillars – user, data, device, and network and environment. NSA is currently developing additional zero trust guidance.