HR-Driven Zero Trust in Cloud SaaS Applications

Published August 26, 2022

Controlling access to IT applications is a major concern during the federal government’s move to cloud solutions. IT modernization necessitates changing from a network perimeter security model to a model that encompasses all possible sources of security threats: Identity, Device, Network, Applications, and Data.

Requirements for Zero Trust in OMB Memorandum M-22-09 outline the CISA Zero Trust Maturity Model with Identity as the first pillar. HR-driven IT provisioning through PIV card authentication is the first defense.

Why is Identity the first pillar of Zero Trust? Because everything else in the model is dependent on identity. Zero Trust requires continuous user authentication and the ability to organize risk assessments based on stored identity and nonrepudiation. Why is HR-driven IT provisioning a best practice? Because HR systems hold the identity data of all employees and contractors and are the ultimate source of truth for roles and permissions.

HR-driven IT provisioning through PIV card is being implemented by cloud SaaS solutions to enable out-of-the-box provisioning with modern HR systems so that IT can quickly roll out new solutions with built-in identity awareness.

“PIV enablement provides an authentication method that allows our government customers to ensure the validity of every login to our Actus Procurement Automation.”

Mike Tocci of Paperless Innovations

Single sign-on through PIV allows our customers a baseline of security that would otherwise be time-consuming and costly to implement. Security solutions that are tied to modern HR systems provide continuous identity assurance in constantly evolving environments.