David Kubicki, senior manager of solution architects for the public sector at Palo Alto Networks (Nasdaq: PANW), said an ideal cloud security platform enables government agencies to address security requirements “while enabling them to expand for additional use cases as their cloud maturity increases.”
“Adopting a platform designed with flexibility and choice in its architecture ensures future-proof cloud security,” Kubicki wrote in an article published in Carahsoft.com.
He said there are key factors agencies should remember when selecting cloud providers and one of those is security and compliance.
The Palo Alto Networks executive said the cloud provider should comply with government and industry regulations and implement strong security measures to safeguard data during processing, at rest and in transit.
Another aspect to consider is data residency and jurisdiction.
“Understanding where the cloud provider stores data and the legal jurisdiction governing that data is crucial for compliance and regulatory purposes, especially for government agencies that may be subject to data residency requirements,” he added.
Kubicki said agencies should choose providers based on how they could meet the needs of their applications and workloads and look for those that work with other industry leaders to offer a wide range of integrated capabilities to ensure security and compliance.
He highlighted the need to deploy an integrated platform that offers visibility across all areas of the application life cycle to identify vulnerabilities in code and fielded assets.
“In addition, the seamless integration of easy-to-use security tools into the DevOps workflow is important to reduce friction between teams and ensure that the responsibility for security is shared across all stakeholders,” Kubicki stated.