
Zero Trust Memo From Executive Order 14028 (TL;DR Version)

Cyberattacks have increased significantly over the years. Emboldened by the easy access provided by remote workers connecting to unsecured networks, cyberattacks on corporate networks increased by 50 percent in 2021 compared to 2020. Those attacks were up by 47 percent in the government and military sectors. Recent research has also found that cybercriminals have become so sophisticated that they can penetrate 93 percent of corporate networks.

It is no surprise that President Joe Biden issued a Zero Trust executive order to protect federal government networks. Recognizing the dire situation, he issued Executive Order (EO) 14028 on May 12, 2021, focusing on protecting the U.S. from cybercriminals and cyberattacks. EO 14028 specifically recommends Zero Trust Architecture as necessary to defend the nation against threat actors. This post provides a summary of Executive Order 14028.

What Is Zero Trust Architecture (According to EO 14028)?

The Federal Government defines Zero Trust Architecture as a security model that acknowledges threats inside and outside networks. Instead of trusting any element, node, or service, Zero Trust requires everything to be constantly verified and authenticated. Essentially, Zero Trust gives users full access to what they need to do their jobs, but nothing beyond that. This helps contain risk should a breach occur.

Additionally, Zero Trust assumes that a breach has happened or will happen. Hence, it embeds continuous security monitoring to look for suspicious activity. This is done through granular, risk-based access controls and security automation. Least-privileged access is applied for every access decision, keeping environments as locked down as possible.

Why Does the Federal Government Believe That Zero Trust Is the Future of Cybersecurity?

Cloud technology has become an integral part of business, even for the federal government. From software-as-a-service (SaaS) to platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS), more and more government agencies are reaping the benefits of the cloud.

However, migrating to the cloud comes with different risks, and the federal government is right to be concerned about malicious actors exploiting an access loophole in its systems. In 2020, a Russia-sponsored hack breached the Pentagon, intelligence agencies, nuclear labs, and even Fortune 500 companies, resulting in stolen information. The Department of Defense and Department of Homeland Security both had seemingly impenetrable cyber defenses, but a Trojan horse downloaded by users compromised the SolarWinds software being used.

To keep pace with these increasingly sophisticated cyberattacks, the federal government is modernizing its approach to cybersecurity. Assuming that a breach has already occurred or is likely to occur puts the government on the offensive. It allows it to proactively identify and mitigate risks before the next breach happens.

The Federal Government's Zero Trust Implementation Plan

As part of EO 14028, federal government agencies must take decisive steps to modernize their cybersecurity posture. Within 60 days, they had to develop a plan to implement Zero Trust architecture. This required incorporating migration steps laid out by the National Institute of Standards and Technology (NIST), which organizes cybersecurity capabilities into five functions: identify, protect, detect, respond, and recover.

The “protect” function is where Zero Trust Architecture comes in. Here, federal agencies must develop and implement safeguards to protect critical infrastructure. This includes identity management, authentication and access control, and data security.

From now on, all federal government agencies and contractors must adopt Zero Trust Architecture as they migrate to cloud technology.

3 Zero Trust Takeaways from Executive Order 14028

The federal government isn’t the only sector that can benefit from Zero Trust Architecture. As cybercriminals become more sophisticated, the Zero Trust executive order can be used as a springboard for organizations to protect their own infrastructure. Taking the first steps toward Zero Trust can help organizations of all sizes protect their sensitive data and minimize the fallout when a breach occurs. Here are three takeaways from EO 14028 for organizations looking at Zero Trust.

1. Implementing Zero Trust can be incremental

Organizations that might feel overwhelmed by Zero Trust don’t need to implement it all at once. Taking an incremental approach helps avoid high costs, confusion, and getting bogged down in administrative work – and lets organizations get started. They can build on those first steps to improve their cybersecurity postures almost immediately.

2. Zero Trust helps reduce security breaches

Because Zero Trust assumes breaches will occur and offers ways to mitigate the impact, it provides real benefits to organizations. Instead of focusing on the perimeter as traditional security architecture has done, Zero Trust plans for the inevitability of an attack. It looks inward at how users access systems and provides them with only what they need to do their jobs. It also requires constant, real-time authentication, limiting the likelihood of a breach.

3. Long-life credentials, passwords, and VPNs cease to exist

As part of Zero Trust, long-life credentials have become a thing of the past. Instead of giving users credentials that they can use long after they leave the company, users get access that is decommissioned once they’re done with the project. Instead of passwords that are vulnerable to phishing attacks, they receive tokens like PIV cards and YubiKeys, or leverage SSO from providers like Okta. And VPNs aren’t necessary because identity is the new perimeter and users are constantly authenticated.
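
To make the three points above concrete, here is an added example (not code from StrongDM or from EO 14028) of a per-request access decision that denies by default. The authenticator labels, the 15-minute re-authentication limit, and the users and resources are assumptions made up for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Assumed policy values for illustration; the page does not specify any.
PHISHING_RESISTANT = {"piv", "fido2"}   # hardware-backed authenticator labels
MAX_AUTH_AGE = timedelta(minutes=15)    # older authentications must be redone

@dataclass(frozen=True)
class Grant:
    user: str
    resource: str
    actions: frozenset
    expires: datetime                   # every grant is time-bounded

@dataclass(frozen=True)
class Request:
    user: str
    resource: str
    action: str
    auth_method: str
    auth_time: datetime

def decide(req, grants, now):
    """Evaluate a single request; deny unless every check passes."""
    if req.auth_method not in PHISHING_RESISTANT:
        return (False, "authenticator not phishing-resistant")
    age = now - req.auth_time
    if age < timedelta(0) or age > MAX_AUTH_AGE:
        return (False, "authentication too old")
    matching = [g for g in grants
                if (g.user, g.resource) == (req.user, req.resource)]
    if not matching:
        return (False, "no grant for resource")
    live = [g for g in matching if now < g.expires]
    if not live:
        return (False, "grant expired")
    if any(req.action in g.actions for g in live):
        return (True, "allowed")
    return (False, "action outside grant")

# Constructed sample data: bob's project ended, so his grant has lapsed.
NOW = datetime(2024, 1, 10, 14, 0, tzinfo=timezone.utc)
GRANTS = [
    Grant("alice", "billing-db", frozenset({"read"}), NOW + timedelta(days=2)),
    Grant("bob", "billing-db", frozenset({"read", "write"}), NOW - timedelta(days=5)),
]
```

Because the decision runs on every request, an expired grant or a stale authentication cuts off access without anyone having to revoke a password.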

How StrongDM Helps Organizations Adopt Zero Trust

Zero Trust means organizations shift from a reactive approach to cybersecurity to a proactive one. For Better, using StrongDM to detect suspicious behavior in real time allowed it to respond faster to incidents, and logging every query and permission change provided peace of mind. Suppose something suspicious does happen, such as a user query after hours or a lot of queries being made. In that case, the user can immediately be suspended before real damage can be done.
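
The two signals mentioned above, after-hours queries and unusually many queries, can be checked against a query audit log. The following is an added example, not StrongDM's code or log format: the log layout, business hours, and burst threshold are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed thresholds; tune them to your own baseline.
WORK_START, WORK_END = 8, 18          # business hours, 08:00 to 17:59
BURST_LIMIT = 5                       # max queries per user per window
BURST_WINDOW = timedelta(minutes=1)

# Constructed audit lines in a hypothetical "timestamp user query" layout.
SAMPLE_LOG = [
    "2024-03-04T10:15:00 alice SELECT id FROM orders WHERE id = 7",
    "2024-03-04T23:42:10 bob SELECT * FROM customers",
] + [
    f"2024-03-05T11:00:{s:02d} carol SELECT * FROM customers LIMIT 100 OFFSET {s * 10}"
    for s in range(0, 60, 10)         # six queries within 50 seconds
]

def parse(line):
    ts, user, query = line.split(" ", 2)
    return datetime.fromisoformat(ts), user, query

def find_suspicious(lines):
    """Return {user: reasons} for accounts to suspend pending review."""
    flagged = defaultdict(set)
    recent = defaultdict(list)        # user -> timestamps inside the window
    for ts, user, _query in sorted(parse(line) for line in lines):
        # Weekends count as after hours (an assumption, like the hours).
        if ts.weekday() >= 5 or not WORK_START <= ts.hour < WORK_END:
            flagged[user].add("after-hours query")
        recent[user] = [t for t in recent[user] if ts - t < BURST_WINDOW] + [ts]
        if len(recent[user]) > BURST_LIMIT:
            flagged[user].add("query burst")
    return {user: sorted(reasons) for user, reasons in flagged.items()}
```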

🕵 Learn how Better.com uses StrongDM to adopt Zero Trust access.

This is just one way that StrongDM helps organizations adopt a Zero Trust architecture. To learn more about how you can bring your Zero Trust aspirations to life, make sure to watch our Zero Trust Access Edition Webinar.


About the Author

, Technical Evangelist, has had a long 30+ year career in systems engineering and architecture, but has spent the last 13+ years working on the Cloud, and specifically, Cloud Security. He's currently the Technical Evangelist at StrongDM, taking the message of Zero Trust Privileged Access Management (PAM) to the world. As a practitioner, he architected and created cloud automation, DevOps, and security and compliance solutions at Netflix and Adobe. He worked closely with customers at Evident.io, where he was telling the world about how cloud security should be done at conferences, meetups and customer sessions. Before coming to StrongDM, he led an innovations and solutions team at Palo Alto Networks, working across many of the company's security products.
